Splunk Search

Community Activity

How to search for a range of IP addresses (example: 10.10.10.32 through 10.10.10.96)? Does anyone know the criteria to search for a range of IP address under the following conditions. I want to narrow ... by kmulcahy Engager in Splunk Search 03-02-2018 1 7	1	7
Hello every one, while I am searching on splunk , I am getting the following error. Search process did not exit cleanly, exit_code=255, description="exited with code 255". Please look in search.log for this peer in the Job Inspector for more info. Our environment is having 3 Sh and 4 indexers . I am getting following error very frequently. I followed suggestions... by jsuryaprakash Path Finder in Splunk Search 03-02-2018 0 1	0	1
How to search specific lines in splunk log file? I have 100 lines content log files where I want to show only between 32-80 lines in searching without regex condition... by saibal6 Path Finder in Splunk Search 03-02-2018 0 1	0	1
Table ES Suppressions including start time and end time I'm looking to create a dashboard of existing suppression's, and those that have recently expired or will expire in t... by jacqu3sy Path Finder in Splunk Search 03-02-2018 0 2	0	2
Regex help: Colon space and comma as key-value pair I'm trying to figure out better way of doing regex for a data like below Protocol: TCP, SrcIP: 1.2.3.4, OriginalClie... by koshyk Super Champion in Splunk Search 03-02-2018 0 4	0	4
search query - Lack of account activity for more than 3 months. search query - Lack of account activity for more than 3 months. There is a directory with the accounts that you need ... by Aleksey_18 New Member in Splunk Search 03-02-2018 0 1	0	1
Why is there unrelated fields to all my events? Hi, I have a couple of fields that always appear in the output of the fieldsummary command. I focused on one in par... by ctaf Contributor in Splunk Search 03-02-2018 0 3	0	3
How to convert string result into rows? Hello I've been trying to chart/table the following search but I keep getting the wrong sorting for my array. My sea... by bora9 Explorer in Splunk Search 03-01-2018 0 4	0	4
Pass value to another search Hi, I currently have a simple query that returns a table of data. Let's say... 1) index=test source=test_log groupI... by michael_mai Engager in Splunk Search 03-01-2018 1 2	1	2
Compare current time vs fields time I have a checkbox that when ticked I want it to compare the current time vs. the time of the values in a field of the... by JoshuaJohn Contributor in Splunk Search 03-01-2018 0 1	0	1
We have tried to extract index time field extarction We have tried to extract index time field extraction, below are the details.. props.conf:- [sourcetype] TRANSFORMS-f... by rvinil New Member in Splunk Search 03-01-2018 0 4	0	4
Field Extract and Format Time Stamp Hi All. How to break this log block so that it reads each row as an event, and this log is not in timestamp format? ... by jfeitosa Path Finder in Splunk Search 03-01-2018 0 4	0	4
How can I specify the constant colors to field values in a pie chart ? I have a splunk query which ends as follows my_query \| stats count by field_A \| eval field_A=field_A + "," + count ... by pavanae Builder in Splunk Search 03-01-2018 1 2	1	2
how to get the aggregation count of field values? I am looking something like the following result A_Count AGGREGATE TOTAL 20 20 30 ... by vrmandadi Builder in Splunk Search 03-01-2018 0 3	0	3
_time improper format Hello splunkers, I have logs in my file 01-03-2018 15:54:58 WARNING [PID:88888][TradeId:11551427] /apps/abcrc/src/c... by kannu Communicator in Splunk Search 03-01-2018 0 2	0	2
How many times we can use eval command or eval function in a single query?? Are there any limitation to use the eval , like to use only to a certain number of times in a query.. if so why? please ans the question by shankeranollamu New Member in Splunk Search 03-01-2018 0 2	0	2
How to re-position table refresh/extract popup? Is there a setting to move the refresh/extract popup from the bottom right corner of a table to the lop left? Or do y... by matstap Communicator in Splunk Search 03-01-2018 0 0	0	0
Is there a way to query whois by ip Hi, Is there any existing way to query whois by ip address? The domain tools app is great, but it looks like it onl... by a212830 Champion in Splunk Search 03-01-2018 0 1	0	1
How to calculate a linear regression for each field and predict the next possible number in my search query? Suppose I have this data (but in thousands, is just an example): ID class qty 1 cup 5 2 cup 6 3 cup 2 4 cup 7 5 mug ... by saenito New Member in Splunk Search 03-01-2018 0 6	0	6
How to write lookup csv file? Hi Splunk Experts, I am preparing one POC , here what I want . I have data in splunk like (empId,name,deparment) . ... by vikas_gopal Builder in Splunk Search 03-01-2018 0 1	0	1
Different results between specific date and the whole month I'm getting different results in some Nessus searches. The scans are done every 2 weeks. If I search in splunk in the... by ivan128 Explorer in Splunk Search 03-01-2018 0 2	0	2
How to ignore splunk field naming convention during extraction? Hi, In case I have a key-value format and the name of the key starting with __ or every other invalid characters, Ho... by shayhibah Path Finder in Splunk Search 03-01-2018 0 2	0	2
Regex in Whitelist, in inputs.conf regex help I'm trying to monitor log files within my application for the error & fatal logs, which can look like web-error.log ... by aa70627 Communicator in Splunk Search 03-01-2018 0 4	0	4
Workflow action contains other $variables$, how do I escape them? I am trying to make a workflow action to look up IP addresses and hostnames in Active Directory. Here's what I have ... by ktwombley Explorer in Splunk Search 03-01-2018 1 2	1	2
search of 2 words in a field not in particular order I have a field called Manager Name which come is some files managerforename,managersurname and in some managersurname... by surekhasplunk Communicator in Splunk Search 03-01-2018 0 4	0	4