Splunk Search

New to Splunk Searching, anyone able to help?

kjordans
Engager

I need to create a table that includes the filename, the domain name the file came from, the source IP, the destination IP, and the date/time stamp.
What should the search query be?

Also with this - Find the executable they uploaded. Once found, detail the following in a single table: What was the filename? When was it uploaded? Was the upload successful? Where did it come from?


kamlesh_vaghela
SplunkTrust

@kjordans 

To take advantage of the advanced search features in the Splunk software, you must understand what fields are and how to use them.

That is, the events you have need to contain the respective fields before you can show them in tabular format (using the table command).

Start with the events you have in a particular index and search them in the search bar.

Go through the link below to identify fields in events.

https://docs.splunk.com/Documentation/Splunk/8.2.2/SearchTutorial/Usefieldstosearch

After this, you have to use the table command to list the identified fields.

https://docs.splunk.com/Documentation/SplunkCloud/8.2.2107/SearchReference/Table

Other references:

https://docs.splunk.com/Documentation/SplunkCloud/8.2.2107/SearchReference/WhatsInThisManual

https://docs.splunk.com/Documentation/SplunkCloud/latest/SearchReference/ListOfSearchCommands

I hope this will help you to work with Splunk & Splunk Search. If you need further help, please share your sample events so we can help with the search.

Thanks
KV
▄︻̷̿┻̿═━一   😉

If any of my replies helps you to solve the problem or gain knowledge, an upvote would be appreciated.

0 Karma
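To make the advice above concrete, here is an added example search that is not part of either post on this page. It assumes web proxy events in an index named `web` with sourcetype `proxy_logs` and Splunk CIM-style field names (`url`, `http_method`, `status`, `src`, `dest`); those names are assumptions, so check the Fields sidebar for the names your own events actually carry and substitute them. The search narrows to HTTP POST requests whose URL names an executable file type, derives the domain and filename from the `url` field, marks an upload as successful when the server returned a 2xx status, and tables the columns the question asks for.

```spl
index=web sourcetype=proxy_logs http_method=POST
    (url="*.exe*" OR url="*.dll*" OR url="*.msi*" OR url="*.scr*")
| rex field=url "^(?:[a-z]+://)?(?<domain>[^/:]+)"
| rex field=url "(?<file_name>[^/?]+\.(?:exe|dll|msi|scr))(?:\?|$)"
| eval upload_successful=if(status>=200 AND status<300, "yes", "no")
| table _time, file_name, domain, src, dest, status, upload_successful
| sort 0 _time
```

If your events already carry a parsed hostname or filename field (for example `dest_host` or `file_name`), drop the corresponding `rex` line and table that field directly; the `rex` extractions are only there for logs where the full URL is the sole source of that information. The `upload_successful` column is derived from the HTTP status code, which tells you the server accepted the request, not that the file was actually written; if the target application logs its own upload result, that log is the better source for that column.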