https://community.splunk.com/t5/Splunk-Search/Basic-Query-help/m-p/543921#M154076 <P>Hi <a href="https://community.splunk.com/t5/user/viewprofilepage/user-id/232503">@mnmn777</a>,</P><P>If you have in your logs the SHA of many files, you can use Splunk to search that signature, which data have you to search?</P><P>Ciao.</P><P>Giuseppe</P> Mon, 15 Mar 2021 20:36:49 GMT gcusello 2021-03-15T20:36:49Z https://community.splunk.com/t5/Splunk-Search/Basic-Query-help/m-p/543908#M154068 <P>I just want to look for a hash signature in Splunk.&nbsp;</P><P>Example:&nbsp;<SPAN>d09a773dab9a20e6b39176e9cf76ac6863fe388d69367407c317c71652c84b9e</SPAN></P><P>What is the basic query please?&nbsp;</P> Mon, 15 Mar 2021 17:59:36 GMT https://community.splunk.com/t5/Splunk-Search/Basic-Query-help/m-p/543908#M154068 mnmn777 2021-03-15T17:59:36Z https://community.splunk.com/t5/Splunk-Search/Basic-Query-help/m-p/543909#M154069 <P>Hi&nbsp;<a href="https://community.splunk.com/t5/user/viewprofilepage/user-id/232503">@mnmn777</a>,</P><P>sorry but I don't understand your need:</P><P>the hash you shared is what you want to search in your logs or what else?</P><P>if this is waht you want to search, you can use this string in a simple search:</P><LI-CODE lang="markup">index=your:index d09a773dab9a20e6b39176e9cf76ac6863fe388d69367407c317c71652c84b9e</LI-CODE><P>if you could add more informations to you question we'd be able to help you.</P><P>CIao.</P><P>Giuseppe</P> Mon, 15 Mar 2021 18:04:16 GMT https://community.splunk.com/t5/Splunk-Search/Basic-Query-help/m-p/543909#M154069 gcusello 2021-03-15T18:04:16Z https://community.splunk.com/t5/Splunk-Search/Basic-Query-help/m-p/543910#M154070 <P>I want to see if a file, which has that SHA256 signature is in my Enterprise or logs.&nbsp;</P><P>&nbsp;</P> Mon, 15 Mar 2021 18:07:47 GMT https://community.splunk.com/t5/Splunk-Search/Basic-Query-help/m-p/543910#M154070 mnmn777 2021-03-15T18:07:47Z https://community.splunk.com/t5/Splunk-Search/Basic-Query-help/m-p/543921#M154076 <P>Hi <a href="https://community.splunk.com/t5/user/viewprofilepage/user-id/232503">@mnmn777</a>,</P><P>If you have in your logs the SHA of many files, you can use Splunk to search that signature, which data have you to search?</P><P>Ciao.</P><P>Giuseppe</P> Mon, 15 Mar 2021 20:36:49 GMT https://community.splunk.com/t5/Splunk-Search/Basic-Query-help/m-p/543921#M154076 gcusello 2021-03-15T20:36:49Z