Highest Voted 'splunk-calculation' Questions

5

votes

1 answer

splunk check if message contains certain string

In Splunk search query how to check if log message has a text or not? Log message: message: 2018-09-21T07:15:28,458+0000 comp=hub-lora-ingestor-0 [vert.x-eventloop-thread-0] INFO com.nsc.iot.hono.receiver.HonoReceiver - Connected successfully,…

asked Sep 21 '18 at 09:54

Pratap A.K

4,337
11
42
79

5

votes

2 answers

Splunk how to combine two queries and get one answer

I am very new to Splunk and basically been dropped in the deep end!! also very new to language so any help and tips on the below would be great. The out come i am trying to get is to join the queries and get Username, ID and the amount of…

splunk splunk-query splunk-calculation splunk-formula splunk-sdk

asked Aug 16 '18 at 10:51

James

51
1
1
3

4

votes

1 answer

How to parse JSON metrics array in Splunk

I receive JSON from API in the following format: [ { "scId": "000DD2", "sensorId": 2, "metrics": [ { "s": 5414, "dateTime": "2018-02-02T13:03:30+01:00" }, { "s": 5526, …

splunk splunk-query splunk-calculation

asked May 23 '18 at 09:14

Max Zhylochkin

79
1
5

4

votes

1 answer

How To Calculate Exact 99.9th Percentile in Splunk

Does anyone know how to exactly calculate the 99.9th percentile in Splunk? I have tried a variety of methods as below, such as exactperc (but this only takes integer percentiles) and perc (but this approximates the result heavily). base | stats…

splunk percentile splunk-query splunk-calculation

asked Jul 31 '17 at 15:58

user1763328

301
2
3
11

3

votes

1 answer

Splunk monthly interval time chart

I'm trying to create a timechart at intervals of one moth however the below code produces the sum of the entire month, I want the value on the 1st of each month,please let me know any solutions to get value as on 2022-10-01 …

sql charts splunk splunk-calculation

asked Oct 10 '22 at 14:27

Ann

31
4

2

votes

1 answer

Splunk - Displaying addcoltotals into its own column

I have a report where I am working with event logs. I have created a table with fields that are extracted from the event logs. This is my splunk query: | stats count as Total_by_Requester values(*) as * by Requester_Id | table Type_of_Call LOB…

splunk splunk-query splunk-calculation

asked Oct 18 '22 at 18:39

ashu mallik

49
1
6

2

votes

1 answer

Query to extract data

Here is a snippet of the logs: 127.0.0.1 - - [01/Dec/2020:00:00:11 -0500] "GET / url:"api/orderLaptop for customer id 123" 127.0.0.1 - - [01/Nov/2020:00:00:24 -0500] "GET / url:"api/orderLaptop for customer id 124" 127.0.0.1 - -…

splunk splunk-query splunk-formula splunk-calculation splunk-dashboard

asked Jan 15 '22 at 03:16

user3376592

191
1
13

2

votes

1 answer

Splunk Concurrency Calculation

I have some data from logs in Splunk where I need to determine what other requests were running concurrently at the time of any single event. Using the following query, I was able to have it return a column for the number of requests that ran at the…

splunk splunk-query splunk-calculation

asked Oct 02 '21 at 00:03

SBB

8,560
30
108
223

2

votes

1 answer

splunk regex issue

How can we write regex for below? CEF:0|Incapsula|SIEMintegration|1|1|Normal|0| fileId=465000430130063349 Here I want to extract only 0 placed between || just before fileId.

splunk splunk-calculation

asked Jun 09 '21 at 14:50

supriya

21
1
6

2

votes

2 answers

how to calculate duration between two events Splunk

I need to find the duration between two events. I went over the solutions on splunk and Stack Overflow, but still can't get the calculation. Both sentToSave and SaveDoc have the time stamp already formatted, which is why I used the case function. I…

splunk splunk-query splunk-calculation

asked Apr 01 '21 at 00:17

Zara Z.

23
7

1

vote

1 answer

Is there a splunk query to sum all the column values based on same row field?

I have a existing splunk table as: JobAction Status TimeTaken(ms) Records Host Delete SUCCESS 100 50 Host1 Delete SUCCESS 120 200 Host1 Insert SUCCESS 500 30 Host1 Insert SUCCESS 120 25 Host1 I want to get the totaltime and…

splunk splunk-query splunk-dashboard splunk-calculation

asked Oct 07 '22 at 16:10

AD27060

21
5

1

vote

2 answers

Splunk Query to find all the occurrences of a Boolean key value pair in logs over a period of time

Given below is a snippet of splunk event. My requirement is to find all the occurrences of "isOutstanding": true. Here the point to note is that one event may/may not have multiple occurrences. Need to find the total count from multiple events over…

splunk splunk-query splunk-calculation splunk-dashboard

asked May 15 '22 at 19:57

remya thekkuvettil

778
1
7
22

1

vote

1 answer

Splunk percentage value for each category

I have 2 columns service and status. How do I calculate percentage availability for each service. total count for that service -> ts 5xx status for that service -> er_s availability = ((ts - er_s) / ts) * 100 I am able to get as a whole or…

splunk splunk-query splunk-calculation

asked May 10 '22 at 09:51

theGamblerRises

686
1
11
27

1

vote

0 answers

Conditional statement on delta if there's a series of negative numbers

csv image here, last column is deltaSuppose there's monthly raindrop data by state, how would I pick out 3 or 4 month of continuous decrease in a row (if 0 or positive ignore the state) output should be NY and HI only. rows are as follows: state …

splunk splunk-formula splunk-calculation

asked May 06 '22 at 13:34

Lexie

11
2

1

vote

1 answer

Splunk search by given timestamp not the time of ingestion to splunk

Is it possible to connect the timestamp given in the Data set to the Splunk date picker.

splunk splunk-query splunk-formula splunk-calculation splunk-dashboard

asked Apr 04 '22 at 08:48

Enoy Lu

13
4

Questions tagged [splunk-calculation]