Splunk Search

Community Activity

	Creating alert for high traffic to a destination Hi, I have a search that shows the output of traffic as sum(sentbyte) This is my search, names have been changed to p... by Drewprice Engager in Splunk Search 01-21-2024 0 4	0	4
	can I insert data from the search field to test search expressions with hello, I was wanting to do something like insert "some test data key=value" \| search ... No data would actually b... by alexl1 Path Finder in Splunk Search 01-20-2024 0 2	0	2
	Dashboard Studio Dropdown default value from lookup table I am trying to replace default value of drop down with all the values from a column in lookup tableExample:Lookup tab... by splunkuser320 Path Finder in Splunk Search 01-19-2024 0 2	0	2
	Should be simple but it's not for me regex Hi, I have the below string and I'm trying to extract out the downstream status code by using this expression. I use... by dcase9999 Engager in Splunk Search 01-19-2024 0 2	0	2
	Json Parsing.. Json :-\| makeresults \| eval _raw="{<!-- -->\"a.com\": [{ \"yahoo.com\":\"10ms\",\"trans-id\": \"x1\"},{ \"google.com\":\"20ms... by onthakur Explorer in Splunk Search 01-19-2024 0 3	0	3
	How to get peak TPS stats for a month with the count of all route codes ? How to get peak TPS stats for a month with the count of all route codes ? by ashidhingra Path Finder in Splunk Search 01-19-2024 0 1	0	1
	how to filter lookup csv first Hi, I am using splunk enterprise 9.0.5.1 since about a month and have been experimenting with a dashboard (studio) fo... by svp66 Engager in Splunk Search 01-19-2024 0 2	0	2
	How to create a search that check each value from inputlookup table in a seach and return the results Hey Guys, I am trying to write a SPL in splunk where I have a lookup file with 10 values and I want to search each va... by Suagni Observer in Splunk Search 01-18-2024 0 1	0	1
	Total spend per field per month Hi Alli am struggling with a query and appreciate some help pleasei received the data on csv file - timestamp is toda... by PaulaCom Path Finder in Splunk Search 01-18-2024 0 1	0	1
	Issues in adding a lookup field in a Data Model Hi at all,I'm trying to add a field from a lookup in a Data Model, but the field is always empty in the Data Model, e... by gcusello SplunkTrust in Splunk Search 01-18-2024 0 10	0	10
	Json Parsing. I have below json and I want table of url and corresponding duration. {<!-- -->"details": {<!-- -->"sub-trans": [{<!-- -->"app-trans-id": "12... by onthakur Explorer in Splunk Search 01-18-2024 0 3	0	3
	Getting Error - [mvexpand] / max_mem_usage_mb has been reached getting below error ommand.mvexpand: output will be truncated at 3200 results due to excessive memory usage. Memory t... by sabari80 Explorer in Splunk Search 01-18-2024 0 15	0	15
	How to calcualte an Eval of percentage between two rows of stats values? Hi All,I'm trying to calculate the failureRate as a percentage between the NumberOfAuthErrors column and the TotalReq... by becksyboy Contributor in Splunk Search 01-18-2024 0 4	0	4
	Create new field by combining 2 fields from same index. I got 2 fields from same splunk indexfield1 have rows 1,2,3,4,5 and field2 have rows 10,12I want new field3 with data... by onthakur Explorer in Splunk Search 01-18-2024 0 1	0	1
	Indexes used within the last 30 day Hi, I am looking for a search to list out all of the indexes in Splunk. I know how to get the full but looking for a ... by Strangertinz Path Finder in Splunk Search 01-18-2024 0 2	0	2
	Splunk Chart dynamic column header sorting I have a chart formed like below and it's dynamic columns are created based on processes date. By default now the col... by avadhutha Explorer in Splunk Search 01-18-2024 0 4	0	4
	How to Disable Email Functionality for a Particular Role? (Or limit capabilities to admin) Is there a way to disable all email capabilities for a particular role in Splunk? The data in our deployment has to b... by MattHatter Explorer in Splunk Search 01-18-2024 0 1	0	1
	What is <14> we see in Splunk logs, each log starts with <14> what does it pertain to ? can anyone answer this please? <14> prefix is displayed in splunk logs, what does it mean, why is it displayed? Can anyone answer this question plea... by jlsiri Engager in Splunk Search 01-18-2024 0 3	0	3
	Fix JSON format by replacing single quote and put into new field Hello,\| dbxquery connection=test query="select employee_data from company"The following employee_data is not in prope... by LearningGuy Motivator in Splunk Search 01-18-2024 0 5	0	5
	How to sort dynamic column names? Hi, I have 2 columns: Name and Value. My column names are dynamically changed. How can I sort the column Names? Pl... by avitallange Explorer in Splunk Search 01-18-2024 0 6	0	6
	Need help on why my eval if statement isn't working Hello, I've been researching this online for over a day and nothing seems to be working for me. I have 2 EVAL IF st... by mninansplunk Path Finder in Splunk Search 01-18-2024 0 4	0	4
	Searching for windows logins Hello to all, really hoping I can make sense while asking this.... I'm an entry level IT Security Specialist and ... by ktaylor Loves-to-Learn Lots in Splunk Search 01-18-2024 0 7	0	7
	Need to create summary index continuously realtime Need to create summary index continuously realtime, now have two questions:1-run splunk forwarder on client and logs ... by indeed_2000 Motivator in Splunk Search 01-18-2024 0 13	0	13
	Expand the multivalue fields Trying to expand the multivalue field with one to one mapping as shown in image.mvexpand create multiple row with all... by RSS_STT Explorer in Splunk Search 01-18-2024 0 9	0	9
	How to extract variable field name from log file path and add them to each log line while sending to splunk Hi Everyone,I am using splunk forwarder and I have below requirements We have log files under path /opt/airflow/logs/... by Deep Engager in Splunk Search 01-18-2024 0 5	0	5