Splunk Search

Discussions

Thread Info

change events only

I have events with the following keys: key1, key2 & key3. I would like to get the change events i.e. events that t...

by Loves-to-Learn Everything in

run different filter in an index search based on a condition in dropdown

Is it possible to run different filter in an index search based on a condition in dropdown below?The second filter wo...

by Communicator in

How to find field value, based on where condition, and assign to variable?

Good Morning! I rarely get to dabble in SPL, and as such, some (probably simple) things stump me. That is what bro...

by Path Finder in

Select the right index based on value in Dropdown

I have a dropdown with two values PROD and TEST. Based on my selection in my panels in the dashboard I have to choose...

by New Member in

What's best way to count calls from main search excluding sub search results?

Greetings. I'm trying to count all calls in this:index="my_data" resourceId="sip*" "CONNECTED"Where not in this:in...

by Path Finder in

Need help with python script to log into Splunk Cloud

I have the following script, but it keeps erroring out. def connect_to_splunk ( username ...

by Path Finder in

How to subtract total values of 2 fields in a dashboard?

Hi there, I have a dashboard and I want to subtract the total number of events of 2 queries but not sure how to do...

by Path Finder in

Using comparison function within mstats

Hello fellow Splunkthiasts! I need some insights to understand how comparison functions in mstats could be used. Co...

by Path Finder in

Capture multiple values of same pattern in an event

How do we capture multiple URLs in a single event? Log1: type=EXECVE msg=audit(1695798790.101:25214323): argc=17 ...

by Explorer in

Search to match high temp events, but ignore specific events on host that trigger within 25 seconds of each other

Hello all, We have a Splunk alert that searches for high temperature events on Juniper routers, it's a very straigh...

by Explorer in

Getting a count of the number of fields associated with a sourcetype

I've done a little looking and poking around but haven't seen an answer to this - hopefully I haven't overlooked some...

by Motivator in

what is the use of below query?

index=botsv1 sourcetype="stream:http" | timechart max(date_year)

by New Member in

How to capture x,y data from stacked charts for drill down option

Is there a way of capturing the x, y and z data from a stacked chart? At the moment, my x and y are as follows ...

by Explorer in

Plot graph using lookup file

Hi Team, I have a got a request to plot graph of previous 30 days. But the org has a retention period of 7days set...

by New Member in

How to combine two csv?

Hi All, I have two csv files. File1.csv -> id, operation_name, session_id File2.csv -> id, error, operation_name ...

by New Member in

Blocked auditqueue causing random skipped searches and scheduler slowness on SH/SHC. Slow UI.

Blocked auditqueue can cause random skipped searches, scheduler slowness on SH/SHC and slow UI.

by Splunk Employee in

How to parse grepable Nmap output?

I have several events with similar to this raw data field that I would like to break down into a new event for each I...

by Path Finder in

ingesting nmap xml output

I have been trying to get nmap output into Splunk. I thought the xml output would be nice and straightforward! Whil...

by Explorer in

How to create a search for matching two fields value to one new field?

Hello Splunker, I'm trying to join two fields values in stats command using Eval , looks like I'm doing it wrong,...

by Explorer in

Missing settlement notification

Event and Report extract rules Use the payment business events to identify Transactions which have ACCP clearing st...

by Explorer in

Get Updates on the Splunk Community!

Splunk Search

Discussions

change events only

run different filter in an index search based on a condition in dropdown

How to find field value, based on where condition, and assign to variable?

Select the right index based on value in Dropdown

What's best way to count calls from main search excluding sub search results?

Need help with python script to log into Splunk Cloud

How to subtract total values of 2 fields in a dashboard?

Using comparison function within mstats

Capture multiple values of same pattern in an event

Search to match high temp events, but ignore specific events on host that trigger within 25 seconds of each other

Getting a count of the number of fields associated with a sourcetype

what is the use of below query?

How to capture x,y data from stacked charts for drill down option

Plot graph using lookup file

How to combine two csv?

Blocked auditqueue causing random skipped searches and scheduler slowness on SH/SHC. Slow UI.

How to parse grepable Nmap output?

ingesting nmap xml output

How to create a search for matching two fields value to one new field?

Missing settlement notification

Devesh Logendran, Splunk, and the Singapore Cyber Conquest

There's No Place Like Chrome and the Splunk Platform

Customer Experience | Join the Customer Advisory Board!

Using comparison function within mstats

Search to match high temp events, but ignore speci...

splunk search statement using keyword from input b...

Ex Cisco - run a report for all DFS users who logg...

Splunk query to list all the queries that time out