Splunk Search

Community Activity

Field Extraction did not work Oct 30 06:55:08 Server1 request-default Cert x.x.x.x - John bank_user Viewer_PIP_PIP_env vu01 Appl Test [30/Oct/2023:... by gnshah12345 Observer in Splunk Search 01-25-2024 0 2	0	2
How to use the REST API to just run a search and stream the results back? Hi, I have a question about using the REST API to run a search. The doc seems to indicate that you need to follow 3... by a212830 Champion in Splunk Search 01-24-2024 5 15	5	15
how to see the data in table command which is showing empty cells i see the splunk query index="sample" "log_processed.env"=prod "log_processed.app"=sample "log_processed.traceId"=90c... by venugoski Explorer in Splunk Search 01-24-2024 0 3	0	3
trying to compare two sources and extract these ones that do not have SysMon Hello Community,I have a challenge finding and isolating the unique hosts out of two sources (DHCL and SysMon in my c... by DanAlexander Communicator in Splunk Search 01-24-2024 0 15	0	15
chart count for comparison Hi,I have the below SPL and I am not able to get the expected results. Please could you help?if i use stats count by ... by selvam_sekar Path Finder in Splunk Search 01-24-2024 0 3	0	3
Impossible number of occurrences being returned Given the sample event below representing a user sign-in, I am trying to create a table that shows each combination o... by Ara Engager in Splunk Search 01-23-2024 0 3	0	3
Rex multiline extraction only grabbing every other occurrence Hoping this is something simple with lookahead/lookback that I'm missing... trying to extract multi-line fields from ... by rmercy Explorer in Splunk Search 01-23-2024 0 4	0	4
Eval or Lookup bug I have a splunk search that is returning the wrong results from a kvstore if the secondUID field is set to itself bef... by Derson Explorer in Splunk Search 01-23-2024 0 7	0	7
Display a single value from multyple value filed in the table. I have filed "Labels" with multiple value in the single filed.I need to see only OS value red hat(linux) or windows 2... by bigll Path Finder in Splunk Search 01-23-2024 0 1	0	1
Need help in extraction of data from distributed and async logging application Hi All,I am almost a starter in Splunk but my org uses this tool as a log management utility.I need help in getting a... by Anurag101 New Member in Splunk Search 01-23-2024 0 2	0	2
Listing sources not having a match Hello,I've a simple requirement but new to Splunk so facing some challenges and hoping for some luck!My application w... by nnkreddy Explorer in Splunk Search 01-23-2024 0 2	0	2
timechart comparison for 15 mints current working day vs previous working day Hi, I have the below SPL and I would like to get the comparison for 15 mints time span i.e if we run today at 5 am t... by selvam_sekar Path Finder in Splunk Search 01-23-2024 0 2	0	2
Windows Admin User Logins I want to create an alert that notifies when Windows admins login and the accounts they are using. I want to ensure t... by bkeyser New Member in Splunk Search 01-23-2024 0 3	0	3
Can we get login location for the logged in Splunk users ? Hi All, I am trying to get login data about the the number of users logged in to the Splunk instance every day. I got... by _pravin Contributor in Splunk Search 01-23-2024 0 5	0	5
need to delete column from the result generated after timechart command i have a timechart query which is giving me the below result i want to exclude the columns with Zero like 02gdysjska2... by venky1544 Builder in Splunk Search 01-23-2024 0 1	0	1
How to get peakstats and a count of success and errors for a month in one table? How to get peakstats and a count of success and errors for a month in one table? by ashidhingra Path Finder in Splunk Search 01-22-2024 0 3	0	3
Using Inputlookup to find a string contains a value and more Hi guys, So heres what im trying to do. I have a lookup csv with 3 columns. I have data with string values that migh... by 73mustang Engager in Splunk Search 01-22-2024 0 3	0	3
How to combine two searches? I need to look for an incoming email and if an email matches a certain subject, I need to check another source type t... by alexrod03 New Member in Splunk Search 01-22-2024 0 1	0	1
How could I correlate values in multiple fields that contain multiple values So, I've been away from Splunk for several years now, and now re-visiting it. I've got a scenario where I would like... by digital_alchemy Path Finder in Splunk Search 01-22-2024 0 5	0	5
splunk 8.0.4 support mpreview? Hii'm using splunk 8.0.4 and when i use mpreview, return Unknown search command 'mpreview'.Any idea?Thanks by indeed_2000 Motivator in Splunk Search 01-22-2024 0 1	0	1
Converting multiple html entities in each field to unicode characters Hi, I have a dataset with very poor qulity and multiple encoding error. Some fields contain data like "Ал... by bitnapper Path Finder in Splunk Search 01-21-2024 0 6	0	6
Creating alert for high traffic to a destination Hi, I have a search that shows the output of traffic as sum(sentbyte) This is my search, names have been changed to p... by Drewprice Engager in Splunk Search 01-21-2024 0 4	0	4
can I insert data from the search field to test search expressions with hello, I was wanting to do something like insert "some test data key=value" \| search ... No data would actually b... by alexl1 Path Finder in Splunk Search 01-20-2024 0 2	0	2
Dashboard Studio Dropdown default value from lookup table I am trying to replace default value of drop down with all the values from a column in lookup tableExample:Lookup tab... by splunkuser320 Path Finder in Splunk Search 01-19-2024 0 2	0	2
Should be simple but it's not for me regex Hi, I have the below string and I'm trying to extract out the downstream status code by using this expression. I use... by dcase9999 Engager in Splunk Search 01-19-2024 0 2	0	2