Highest Voted 'splunk-calculation' Questions

1

vote

1 answer

how to write splunk query to create a dashboard

I have a Splunk log which contains a message at different time stamp with some case number "message":"Welcome home user case num 1ABCD-201901-765-2 UserId - 1203 XV - 543 UserAd - 76542 Elect - 5789875 Later Code - QWERZX" In below log few log…

asked Feb 05 '22 at 08:10

Learners

121
11

1

vote

2 answers

How Can I Generate A Visualisation with Multiple Data Series In Splunk

I have been experimenting with Splunk, trying to emulate some basic functionality from the OSISoft PI Time Series database. I have two data points that I wish to display trends for over time in order to compare fluctuations between them,…

splunk splunk-query splunk-calculation

asked Apr 28 '21 at 16:55

Paul Johnson

213
3
14

1

vote

0 answers

Splunk event increasing logic witch each SPL query

I am getting data in Splunk from Snowflake using Splunk DB Connect. This is just simple orders data. At Splunk search & reporting I am running the following query on my table to get visualization. source="big_data_table_inner_join" "UNITS_SOLD" |…

splunk splunk-query splunk-formula splunk-calculation

asked Feb 09 '21 at 15:19

Faisal Ghufran

25
4

1

vote

2 answers

Splunk: Find events that don't have a certain attribute logged as different log lines

We have Splunk logs like: ts=20:10:01 id=1 state=first foo=bar ts=20:10:05 id=1 state=second foo=bar ts=20:10:06 id=1 state=third foo=bar ts=20:10:03 id=2 state=first foo=bar ts=20:11:01 id=3 state=first foo=bar ts=20:11:03 id=3 state=second…

splunk splunk-query splunk-formula splunk-calculation

asked Jan 26 '21 at 22:44

Sumitk

1,485
6
19
31

1

vote

0 answers

Splunk query over @Timed annotation by the Prometheus metrics

As the title says I have @Timed annotation in my microservice written in spring-boot: @Timed(value = "api.rest.get-account-msgs",histogram = true,percentiles = {0.5, 0.95, 0.99}) and I'm struggling to find the correct query for the splunk to…

spring-boot prometheus splunk splunk-query splunk-calculation

asked Jan 05 '21 at 09:18

Jin

71
3

1

vote

0 answers

Splunk - how to parse JSON ingested from Azure blob?

I have file called "30 Jan 2020.json" that contains 2 records: [ { "Sender": "John", "Recipient": "Alice", "Subject": "Hello", "MessageDate": "10 Jan 2020" }, { "Sender": "Jane", "Recipient": "Bob", "Subject":…

splunk splunk-formula splunk-calculation

asked Nov 30 '20 at 22:02

Rich750

17
5

1

vote

1 answer

Splunk: How to Compute Incident Duration Records?

I have the following events in Splunk: _time Agent_Hostname alarm status 2020-08-23T03:04:05.000-0700 m50-ups.a_domain upsAlarmOnBypass raised 2020-08-23T03:07:16.000-0700 m50-ups.a_domain …

splunk splunk-query splunk-formula splunk-calculation

asked Sep 03 '20 at 16:38

Yu Shen

2,770
3
33
48

1

vote

1 answer

How to multiply value from previous command to some constant?

I am doing a query such that it will take the total count of the a value and then multiply it by some constant. For example : source="test.csv" sourcetype="csv" | stats count(adId) I want to multiply the result returned by the count by 0.5.…

splunk splunk-query splunk-calculation splunk-formula

asked Apr 18 '20 at 18:37

Atif Imam

49
1
9

1

vote

1 answer

In splunk addition of two same column from 2 indexes

I have 2 indexes with one field(A) as common in both Now I want the count of that same field(A) from both indexer in one panel .eg: indexer 1= total event count of A=30 indexer 2= total event count of A=20 now in a panel i want to show total count…

splunk-query splunk-calculation splunk-formula

asked Apr 16 '20 at 13:56

Supriya Sharma

21
4

1

vote

0 answers

json parsing using spath

I have a json log as shown below { action: Get, applicationName: abc, controller: Main, ip: 123.123.123.123, logLevel: INFO, loggerType: abcdef, machineName: windows, message:…

regex splunk splunk-calculation splunk-formula

asked Jul 12 '19 at 18:22

Praveen

11
3

1

vote

1 answer

Using Splunk to identify relatively unusual categorical event

I am starting off with Splunk and trying to solve a problem. I have a data set with millions of log records. The use case is to identify events that are unusual for a specific role and highlight the event and the user. The below table gives a…

splunk splunk-query splunk-calculation

asked Feb 07 '18 at 06:06

NinjaR

621
6
22

1

vote

0 answers

How to compare two or more field values

i have this kind of data: event 1: field_name=field_value, status="process", status_file="file_name" event 2: field_name=field_value, status="send", status_file="file_name" event 3: field_name=field_value, transfer_status="transferred",…

splunk splunk-query splunk-formula splunk-calculation splunk-sdk

asked Jan 30 '18 at 20:05

Chandana Puppy

133
1
9

1

vote

1 answer

Splunk map With zipcode

I am new to Splunk. I want to create a map using zipcode or city. I used the below query to get zipcode and city: index=*** "cf_foundation=p**" cf_app_name=o***| spath input=payload | stats values(addresses{}.zip) as…

splunk splunk-query splunk-calculation

asked Oct 11 '17 at 08:26

kaviya .P

469
3
11
27

1

vote

1 answer

Splunk query for division of sums of entries within a time frame

I have in the Splunk logs messages with the following format: LogService product id=1 price=10.00 numberOfClients=4 profit=5.00 I need to create a query that will find all the records from the last day and will calculate: sum(price *…

splunk splunk-query splunk-sum splunk-calculation splunk-formula

asked Jan 20 '17 at 22:01

user998692

5,172
7
40
63

0

votes

2 answers

List unique values from splunk events

index=myIndex container_name="abc-mno-pqr" "status code :: 50*" For this splunk query I am getting events like below [123-456-789-098] | 2023-07-26 12:05:31:245 [application-1] INFO com.example.event.SampleClasss - status code ::…

splunk splunk-query splunk-calculation

asked Jul 27 '23 at 07:19

Sat

3,520
9
39
66

Questions tagged [splunk-calculation]