Highest Voted 'splunk-query' Questions

0

votes

0 answers

Splunk drilldown search

I am working on splunk dashboard. Below is the sample table and query index="myindex" message="ApiImpl" "succeed=true" | rex field=message "execution_time=(?.*)" | table method response_time | stats avg(response_time) as "avg",…

splunk splunk-query

asked Feb 01 '18 at 00:57

Kiran

839
3
15
45

0

votes

1 answer

Delete logs from server using Splunk Universal forwarder

Can Splunk Universal forwarder be used to delete logs from a particular server. e.g. I have a universal forwarder installed on a server on which an application is running. The purpose of the UF is to send logs of this application to the splunk…

splunk logrotate splunk-query log-rotation

asked Jan 26 '18 at 15:15

Monizer

1
2

0

votes

1 answer

How can I connect my splunk using Splunk SDK Java?

I am getting Getting URI can't be null when trying with the url Below is my code, HttpService.setSslSecurityProtocol(SSLSecurityProtocol.SSLv3); //Tried the below one also //HttpService.setSslSecurityProtocol(SSLSecurityProtocol.TLSv1_2); …

java splunk splunk-query splunk-formula splunk-sdk

asked Jan 23 '18 at 15:57

Gnik

7,120
20
79
129

0

votes

1 answer

How to move raw data in Splunk with no field assigned to a table?

This might be a really simple question, but I haven't been able to find an answer as of yet. I have some raw data from some events that is for example "(duration 5555ms)" and I want to put that in a "| timechart span=1m count by duration" to create…

splunk raw-data splunk-query

asked Jan 21 '18 at 01:05

Cdhippen

615
1
10
32

0

votes

1 answer

Add Currency Symbol to Splunk Query

I have a column in splunk that I want to use to show totals. I would like for the dollar sign ($) to appear before the numbers in the totals column. Here's my query: index=prd_aws_billing (source="/*2017-12.csv") LinkedAccountId="123456678"…

splunk splunk-query

asked Jan 11 '18 at 04:03

bluethundr

1,005
17
68
141

0

votes

1 answer

How to set alert for multiple error scenario for multiple API logs in Splunk

I'm naïve to splunk and I have to done this task on priority basis,I want to set alert for multiple api deployed on PCF, E.g. API-NAME : Error1,Error2,3.. API-NAME2 : Error1,Error2,3. API-NAME3 : Error1,Error2,3. The error are same for every…

splunk splunk-query splunk-formula

asked Dec 26 '17 at 07:35

shadowhunter_077

454
1
6
13

0

votes

1 answer

How to integrate Expresso and Control M Jobs with splunk?

We have requirement to update the Expresso and Control-M scheduled job completion status in Splunk which will useful for live job monitoring. I have searched in SPlunk app and not able to find any app related to Expresso & Control-M. Is there anyway…

splunk control-m splunk-query expresso-store expresso

asked Dec 21 '17 at 10:49

Prabakaran

221
4
9
19

0

votes

1 answer

Splunk query to fetch http methods

Here is my log message. I am trying to capture all the http methods that are coming to /selfservice url. Basically i want to find number of hits for each api with count for each GET, PUT, POST etc. 65791 > GET…

splunk splunk-query

asked Dec 14 '17 at 22:26

Kiran

839
3
15
45

0

votes

1 answer

Splunk regular expression to find data

I am trying to find x-sw-client-id value i.e. self-service-automation from below log. key is always same but value will be different based on the client. could you suggest me a regex or query to find the number of clients hitting my service? POST…

splunk splunk-query

asked Dec 08 '17 at 22:01

Kiran

839
3
15
45

0

votes

1 answer

Search with original text that was replaced earlier

I am gathering performance metrics for each each api that we have. With the below query I get results as method response_time Create Billing 2343.2323 index="dev-uw2" logger_name="*Aspect*" message="*ApiImpl*" | rex…

splunk splunk-query

asked Dec 08 '17 at 18:10

Kiran

839
3
15
45

0

votes

2 answers

Splunk Dedup by _time and Combine Values for One Field Into One Event

I am working with Exchange 2010 data. I have the MessageID, Sender, Recipients, and _time. Depending on the event type, recipients can be split (i.e. all recipients for a given message are not included in the event, but are split across multiple…

duplicates splunk splunk-query splunk-calculation

asked Nov 21 '17 at 03:45

OverflowingTheGlass

2,324
1
27
75

0

votes

1 answer

How to count the number of occurence of string in Splunk

I am not able to find a Splunk query to count the number of occurences of a string across events. My string is: "\"IsFeedback\":true" I tried this but it doesn't count the number of occurrences of the string across events: host="HOST001" AND…

splunk splunk-query

asked Nov 17 '17 at 06:23

Bhaskar Mishra

3,332
7
26
36

0

votes

1 answer

Splunk logging with transaction

1) I want to count the number of occurences of the HTTP URL with p(95) response time for url invocation: https://example.net/v1/abc/xyz with the response code as 200 or 500 2) The response time is the difference of time-stamp b/w line 6 & 3. 3) Both…

splunk splunk-query

asked Nov 10 '17 at 09:05

gautham

21
2

0

votes

0 answers

Extract mixed JSON from Splunk log

I am new to Splunk. I want to create a dashboard based on the JSON string in the log. I have attached my search results: 2017 - 10 - 06 T05: 33: 46.910365 + 00: 00 loggregator xxxx[[APP / PROC / WEB / 0]]: cf_foundation = px - xxx cf_app_name = xxxx…

json splunk splunk-query

asked Oct 13 '17 at 06:43

kaviya .P

469
3
11
27

0

votes

3 answers

How to find traffic and number of hits per URL in Splunk?

I have been using Splunk as a log monitoring tool but recently got to know that we will get network traffic and number of hits per URL. For example, I have a URL like the one below and I want to know the total number of hits that occurred over the…

splunk splunk-query

asked Oct 10 '17 at 08:54

Praveen Kumar Mekala

628
1
10
26

Questions tagged [splunk-query]