Reporting

Community Activity

Scheduled report only intermittently adding data to index We have a scheduled report that passes data using "collect" & targeting an index which was running fine on schedule a... by AliDodd Loves-to-Learn in Reporting 08-06-2024 0 2	0	2
Check Critical Assets that are Logging Hi All,So I have a lookup table with the following fields: FQDN, Hostname, and IP. I need to check to see which of th... by Zer0F8th Loves-to-Learn in Reporting 07-26-2024 0 1	0	1
Issue with Splunk query I am working on the below query in which I want to calculate the lead_time in HH:SS. This query is giving me some res... by uagraw01 Motivator in Reporting 07-26-2024 0 8	0	8
compare splunk search with lookup and output the difference Can someone help me understand what I am doing wrong here? My requirement is I have a index=prod_syslogfarm which w... by Richy_s Path Finder in Reporting 07-22-2024 0 11	0	11
Microsoft Hyper-V cluster monitoring using Splunk: Hyper-V add-on for Splunk misses MS cluster monitoring scripts Hello there!To monitor Microsoft Hyper-V in customer environment, I know and use Hyper-V add-on for Splunk. But, the ... by SanjayM Explorer in Reporting 07-19-2024 0 0	0	0
Add sparklines to a table for ingestion I am trying to create a table showing the ingestion (usage) in GB by index over the past 24 hours. I am using this se... by scout29 Path Finder in Reporting 07-18-2024 0 3	0	3
Are ActivityID's for windows Events ever re-used after a period of time or reboot? What I want to do is summarize a completed transaction of ActivityID's like Windows updates. However, I do not know ... by simoom Explorer in Reporting 07-18-2024 0 3	0	3
rex need help message: Send async response via rest [url=https://prd.ase1.dbktp-feedloader.prd.gcp.db.com/callbackservice/book, as... by bhaskar5428 Explorer in Reporting 07-18-2024 0 3	0	3
Table wont show on search Hi,Im trying to collate URL domain names of users who visit websites over the course of 24 hours. It pulls the right ... by jacksonchandler Engager in Reporting 07-17-2024 0 3	0	3
Need help on joining on multiple search Hi , Please check above two screenshot , i want to join these queries in such way where i will get AppID along with ... by bhaskar5428 Explorer in Reporting 07-17-2024 0 4	0	4
need help on REX command Hi team , from above screenshot can you suggest how can i extract SEP013 against "errorCode":I need count of events... by bhaskar5428 Explorer in Reporting 07-16-2024 0 13	0	13
How can I change the color of a bar chart in Splunk Studio 9.0.3? I want to change the color of the bars to green for approved and red for declined. I have tried using seriesColorsByF... by AlejandroRmM Engager in Reporting 07-08-2024 0 2	0	2
Fetch Splunk data to Power BI Hi All, I want to fetch data from splunk to Power BI . Please suggest. I know there is a splunk ODBC driver where we ... by umeshchandra Observer in Reporting 07-02-2024 0 1	0	1
How to extract timestamp from file name I have a event that are generated in csv format with timestamp within file name as mentioned below. Need to extract t... by ravir_jbp Explorer in Reporting 06-28-2024 0 4	0	4
Remove T ffrom the timestamp and find the different two different time column Able to get event output in table format. But looking for eval condition:1. Remove T from the timestamp and convert ... by ravir_jbp Explorer in Reporting 06-28-2024 0 1	0	1
How to Comment a Single Line in SPL Query? Hi Splunkers,I need to know how to comment out a single line in an SPL query when working in search and reporting. Co... by sanjai Path Finder in Reporting 06-23-2024 0 2	0	2
Alert pls can i get a query to set up an alert for when a scheduled job failed to run by whitecat001 Explorer in Reporting 06-16-2024 0 1	0	1
Knowledge object How do i clone a dashboard and lookuptables from one App to another in Splunk by whitecat001 Explorer in Reporting 06-12-2024 0 1	0	1
Any way to get the name of the scheduled search you are in? I have an odd use case, where I'd like to be able to add a field naming the saved search I happen to be executing. ... by DalJeanis Legend in Reporting 06-02-2024 1 11	1	11
Is there a search that will return all changes creation, deletion of global groups? Hi to All, I need help with creating an Active Directory changes report. I used Win Events like 4728, 4729, 4730 but... by DanAlexander1 Engager in Reporting 05-31-2024 0 3	0	3
How to Set Expiry Time for Saved Scheduled Search Results to 7 days I have a scheduled job that runs every month, storing monthly report and sending an email with the search results.Thi... by Polarbear Engager in Reporting 05-29-2024 0 3	0	3
Implementing conditions between different lines in stats command I have extracted this data with the stats command.The goal is to compare left timestamp (start time) of the second li... by jarrebola Explorer in Reporting 05-28-2024 0 3	0	3
Fortigate Firewall Syslog distinguish Hi,i am forwarding fortigate firewalls syslogs to windows universal forwarder and this data is sent to splunk single ... by AtherAD Engager in Reporting 05-25-2024 0 2	0	2
sendemail to Function - Send email only if there are results Hello, I am using the sendemail to function in my search to send emails. I receive the email whenever the search is ... by anantshah Path Finder in Reporting 05-21-2024 2 7	2	7
Splunk REST API - add webhook using API but Splunk Web UI not showing it has anyone successfully using Splunk API call /services/saved/searches/SEARCH_NAME(https://docs.splunk.com/Documentat... by gdbtek New Member in Reporting 05-20-2024 0 0	0	0