Splunk Search

Community Activity

	Help with report creation please hello I am pretty new using Splunk and I am being tasked to generate multiple of these kinds of reports in Splunk (or... by GIA Path Finder in Splunk Search 12-21-2023 0 5	0	5
	Splunk coalesce index="*******"message_type =ERROR correlation_id=""\| eval err_field1 = spath(_raw,"response_details.body")\| eval e... by yuvaraj_m91 Loves-to-Learn Lots in Splunk Search 12-21-2023 0 2	0	2
	Splunk content This was my initial search. I cannot compare the two fields "srcdomain = destdomain" because when I intend to use eva... by quangnm21 Explorer in Splunk Search 12-21-2023 0 3	0	3
	How to compare matching values and their count from two fields from two lookup files Hello Friends, I need your help to find out matching fields values and their total count by comparing from two differ... by Mr_Adate Explorer in Splunk Search 12-20-2023 0 9	0	9
	Download splunk apm on premises Hihow can I download splunk apm on premises? FYI: I don’t want use cloud version Thanks by indeed_2000 Motivator in Splunk Search 12-20-2023 0 6	0	6
	Change table columns based on field value Hello All,I have a search question. I have a csv file that returnds data.the ID field if there is no data - I want to... by eholz1 Builder in Splunk Search 12-20-2023 0 3	0	3
	Extract fields in query or in config file HiWhat is the different between Extract fields in query with rex or in config file.Pros and cons?how about performanc... by indeed_2000 Motivator in Splunk Search 12-20-2023 0 4	0	4
	strptime calculation not working correctly with / but works with - timeformat Hi, communities,I am doing a calculation or eval command. \| eval dormancy=if(last_login="(never)",round((now()-str... by youngsuh Contributor in Splunk Search 12-20-2023 0 1	0	1
	blacklisting event code 4679. TaskCategory=Kerberos Service Ticket Operations Hello,I am trying to blacklist winevent code 4679 by TaskCategory=Kerberos Service Ticket Operations. This regex is... by nyajoefit22 Loves-to-Learn Lots in Splunk Search 12-20-2023 0 3	0	3
	I need to create panel with filter Hi,So i have below base query :\| inputlookup abc.csv where DECOMMISSIONED=N \| fields DATABASE DB_VERSION APP_NAME ACT... by shruti14 Explorer in Splunk Search 12-20-2023 0 1	0	1
	How to sort value in a multivalue field of IP address Hello, I know that mvsort command sort values lexicographically.But I want the output as below:62.0.3.7563.0.3.8475.... by mnj1809 Path Finder in Splunk Search 12-20-2023 0 9	0	9
	Box plot error in 'stats' command I try to make box plot graph using <viz>However, My code have this error,"Error in 'stats' command: The number of wil... by Questioner Path Finder in Splunk Search 12-19-2023 0 2	0	2
	How can I extract just a section of a field? I have a key called messageInside the value are several results but I need to only extract one result in the middle o... by mark_groenveld Path Finder in Splunk Search 12-19-2023 0 2	0	2
	Data disappears in expanded search time I'm trying to have a timechart showing the count of events by a category grouped by week. The search time is controll... by michaeler Communicator in Splunk Search 12-19-2023 0 3	0	3
	Searching a block of text for multiple values from a list. I have an index set up that holds a number of fields, one of which is a comma separated list of reference numbers and... by El_Franco Explorer in Splunk Search 12-19-2023 0 3	0	3
	Why my date values are showing the year 1969 (12/31/1969) this is my end_time: 1703027679.5678809After this query, it showed this output but i am getting the 1969 format\| eval... by ramkyreddy Explorer in Splunk Search 12-19-2023 0 1	0	1
	I want to create the table in Splunk for last 3 months TC Execution Summary for Last QuarterNo. of job runsAUSJERINDASIAugust150121110200Sept200140150220Oct100160130420I wa... by ramkyreddy Explorer in Splunk Search 12-19-2023 0 4	0	4
	Deduct certain events from search by riz1 Engager in Splunk Search 12-18-2023 0 1	0	1
	Rename works in search but not in Dashboard Studio I have a data like this.{ ... name: AppName metrics: {<!-- --> data: [ { details: { ... } ... by MirrorCraze Explorer in Splunk Search 12-18-2023 0 5	0	5
	Max/Min/Avg TPS Hi all, I have this query:\| timechart span=1s count AS TPS\| eventstats max(TPS) as MaxPeakTPS\| stats avg(TPS) as avgT... by WanLohnston Explorer in Splunk Search 12-18-2023 0 4	0	4
	How to round Totals for Statistics under Format Summary? HelloWhen I turned on Total for Statistics under Format > Summary, the output shows long digit after decimal point: T... by LearningGuy Motivator in Splunk Search 12-18-2023 0 13	0	13
	Partially eliminate error message in Splunk query Hi,below are the log details.index=ABC sourcetype=logging_0Below are the values of "ErrorMessages" field:invalid - 5 ... by Dharani Path Finder in Splunk Search 12-18-2023 0 6	0	6
	How to add colors to a Column Chart This is my source code</search> <option name="charting.chart">column</option> <option name="charting.dr... by avi7326 Path Finder in Splunk Search 12-18-2023 0 3	0	3
	Arranging column chart X-axis labels in static order Hi Everyone,I have a column chart for the below query. As shown in the below screenshot, the x-axis label is sorted i... by Pratyusha Engager in Splunk Search 12-17-2023 0 2	0	2
	Search data by result count I have a search that returns a list of users and the country logins have occurred from grouped by user.index=o365 Use... by balcv Contributor in Splunk Search 12-17-2023 0 2	0	2