Splunk Search

Community Activity

	Eval or Lookup bug I have a splunk search that is returning the wrong results from a kvstore if the secondUID field is set to itself bef... by Derson Explorer in Splunk Search 01-23-2024 0 7	0	7
	Display a single value from multyple value filed in the table. I have filed "Labels" with multiple value in the single filed.I need to see only OS value red hat(linux) or windows 2... by bigll Path Finder in Splunk Search 01-23-2024 0 1	0	1
	Need help in extraction of data from distributed and async logging application Hi All,I am almost a starter in Splunk but my org uses this tool as a log management utility.I need help in getting a... by Anurag101 New Member in Splunk Search 01-23-2024 0 2	0	2
	Listing sources not having a match Hello,I've a simple requirement but new to Splunk so facing some challenges and hoping for some luck!My application w... by nnkreddy Explorer in Splunk Search 01-23-2024 0 2	0	2
	timechart comparison for 15 mints current working day vs previous working day Hi, I have the below SPL and I would like to get the comparison for 15 mints time span i.e if we run today at 5 am t... by selvam_sekar Path Finder in Splunk Search 01-23-2024 0 2	0	2
	Windows Admin User Logins I want to create an alert that notifies when Windows admins login and the accounts they are using. I want to ensure t... by bkeyser New Member in Splunk Search 01-23-2024 0 3	0	3
	Can we get login location for the logged in Splunk users ? Hi All, I am trying to get login data about the the number of users logged in to the Splunk instance every day. I got... by _pravin Contributor in Splunk Search 01-23-2024 0 5	0	5
	need to delete column from the result generated after timechart command i have a timechart query which is giving me the below result i want to exclude the columns with Zero like 02gdysjska2... by venky1544 Builder in Splunk Search 01-23-2024 0 1	0	1
	How to get peakstats and a count of success and errors for a month in one table? How to get peakstats and a count of success and errors for a month in one table? by ashidhingra Path Finder in Splunk Search 01-22-2024 0 3	0	3
	Using Inputlookup to find a string contains a value and more Hi guys, So heres what im trying to do. I have a lookup csv with 3 columns. I have data with string values that migh... by 73mustang Engager in Splunk Search 01-22-2024 0 3	0	3
	How to combine two searches? I need to look for an incoming email and if an email matches a certain subject, I need to check another source type t... by alexrod03 New Member in Splunk Search 01-22-2024 0 1	0	1
	How could I correlate values in multiple fields that contain multiple values So, I've been away from Splunk for several years now, and now re-visiting it. I've got a scenario where I would like... by digital_alchemy Path Finder in Splunk Search 01-22-2024 0 5	0	5
	splunk 8.0.4 support mpreview? Hii'm using splunk 8.0.4 and when i use mpreview, return Unknown search command 'mpreview'.Any idea?Thanks by indeed_2000 Motivator in Splunk Search 01-22-2024 0 1	0	1
	Converting multiple html entities in each field to unicode characters Hi, I have a dataset with very poor qulity and multiple encoding error. Some fields contain data like "Ал... by bitnapper Path Finder in Splunk Search 01-21-2024 0 6	0	6
	Creating alert for high traffic to a destination Hi, I have a search that shows the output of traffic as sum(sentbyte) This is my search, names have been changed to p... by Drewprice Engager in Splunk Search 01-21-2024 0 4	0	4
	can I insert data from the search field to test search expressions with hello, I was wanting to do something like insert "some test data key=value" \| search ... No data would actually b... by alexl1 Path Finder in Splunk Search 01-20-2024 0 2	0	2
	Dashboard Studio Dropdown default value from lookup table I am trying to replace default value of drop down with all the values from a column in lookup tableExample:Lookup tab... by splunkuser320 Path Finder in Splunk Search 01-19-2024 0 2	0	2
	Should be simple but it's not for me regex Hi, I have the below string and I'm trying to extract out the downstream status code by using this expression. I use... by dcase9999 Engager in Splunk Search 01-19-2024 0 2	0	2
	Json Parsing.. Json :-\| makeresults \| eval _raw="{<!-- -->\"a.com\": [{ \"yahoo.com\":\"10ms\",\"trans-id\": \"x1\"},{ \"google.com\":\"20ms... by onthakur Explorer in Splunk Search 01-19-2024 0 3	0	3
	How to get peak TPS stats for a month with the count of all route codes ? How to get peak TPS stats for a month with the count of all route codes ? by ashidhingra Path Finder in Splunk Search 01-19-2024 0 1	0	1
	how to filter lookup csv first Hi, I am using splunk enterprise 9.0.5.1 since about a month and have been experimenting with a dashboard (studio) fo... by svp66 Engager in Splunk Search 01-19-2024 0 2	0	2
	How to create a search that check each value from inputlookup table in a seach and return the results Hey Guys, I am trying to write a SPL in splunk where I have a lookup file with 10 values and I want to search each va... by Suagni Observer in Splunk Search 01-18-2024 0 1	0	1
	Total spend per field per month Hi Alli am struggling with a query and appreciate some help pleasei received the data on csv file - timestamp is toda... by PaulaCom Path Finder in Splunk Search 01-18-2024 0 1	0	1
	Issues in adding a lookup field in a Data Model Hi at all,I'm trying to add a field from a lookup in a Data Model, but the field is always empty in the Data Model, e... by gcusello SplunkTrust in Splunk Search 01-18-2024 0 10	0	10
	Json Parsing. I have below json and I want table of url and corresponding duration. {<!-- -->"details": {<!-- -->"sub-trans": [{<!-- -->"app-trans-id": "12... by onthakur Explorer in Splunk Search 01-18-2024 0 3	0	3