Splunk Search

Community Activity

Field extraction showing up for different sourcetype Hello. I used the Splunk field extractor to get a field from sourcetype=sourcetype_a For some reason, when I search s... by xxkenta Explorer in Splunk Search 01-09-2018 0 3	0	3
Why is KV_MODE=xml not working in my distributed environment? Hi, i'm using a distributed splunk setup (search head with several indexers) with version 6.1.3. I'm having problems... by HansWurscht Path Finder in Splunk Search 01-09-2018 1 4	1	4
How to restrict User access to search from dashboard? I have a dashboard which uses internal index and I made it available for role "user". I couldn't get the dashboard ru... by googs524 Explorer in Splunk Search 01-09-2018 0 4	0	4
Security Key in server.conf what is the diff between the security key in the clustering stanza and the key in the general stanza in server.conf ?... by nawazns5038 Builder in Splunk Search 01-09-2018 0 1	0	1
Regex Help Hi, Struggling yet again with another regex. The sample string looks like the following: .........,"errorCode":"500... by brajaram Communicator in Splunk Search 01-09-2018 0 3	0	3
Can we find the events which are not matched by Lookup table? I have a lookup table with which I am categorizing the Error Messages received from a particulat Sourcetype "error". ... by maria2691 Path Finder in Splunk Search 01-09-2018 0 2	0	2
How to make search faster Hello, below is my search . Since i am using join , search is slow . Can i please know if there is a way to increas... by kteng2024 Path Finder in Splunk Search 01-09-2018 0 3	0	3
How to count success/fail event and group them by another field Hello everyone! My data have this form I'm trying to make table in splunk, that will aggregate data to next format... by someguy73 Explorer in Splunk Search 01-09-2018 0 4	0	4
Stacked100 with Bar total value Ciao, i'd like to apply some enhancements to a stacked100 barchart i created. In particular I'd like to modify this... by CarmineCalo Path Finder in Splunk Search 01-09-2018 0 2	0	2
How to extract the last string order a table around it ? 40.118.209.1 0x735870x1 GG46989 [21/Dec/2014:00:00:00 -0500] "GET /rest/jphutenxporter/1.0/outputformatconfig/outputf... by zacksoft Contributor in Splunk Search 01-08-2018 0 5	0	5
query to grab the metadata of the host entered by the user Hello, Can someone please help me to build a query that will display hostname , IP address , last reported by the f... by kteng2024 Path Finder in Splunk Search 01-08-2018 0 3	0	3
How to display respective entries from two different logs based on a common extracted field value? Hi All, I have two different sources of log and want to display respective entries from each source based on a extra... by amiivas Engager in Splunk Search 01-08-2018 0 5	0	5
what is meaning of communication protocols in spunk what is meaning of communication protocols in spunk by maheshsat Explorer in Splunk Search 01-08-2018 0 3	0	3
How to count daily events with specific time? Hi guys, I need to count number of events daily starting from 9 am to 12 midnight. Currently I have "earliest=@d+9h ... by auaave Communicator in Splunk Search 01-08-2018 0 10	0	10
Rename Field From Input File And Perform Search Hello! I am attempting to find events based on names in a CSV file (I am attempting to build a search to identify se... by aakashshah Explorer in Splunk Search 01-08-2018 0 11	0	11
Help with the query that works with splunk server groups Hi, Below is the query i am using to get the hostname , IP addresses and last reported to splunk . \| metadata type... by kteng2024 Path Finder in Splunk Search 01-08-2018 0 2	0	2
How to use AND operation with multivalue fields? I have a two multivalued fields 1)segment_status -with values SUCCEEDED-100 FAILED-100 2)segment_provider_id-with... by vrmandadi Builder in Splunk Search 01-08-2018 0 9	0	9
How to Build an If Statement based on if a field contains a string For every record where the field Test contains the word "Please" - I want to replace the string with "This is a test"... by katzr Path Finder in Splunk Search 01-08-2018 0 2	0	2
Hi Experts,Could you please give me the script which will work to send the SNMP traps to other systems with alert name , hostname and some other fiedls. Hi Experts, Could you please give me the script which will work to send the SNMP traps to other systems with alert n... by Nandakumar New Member in Splunk Search 01-08-2018 0 2	0	2
Search log file based on timestamp from other file Hi We have 2 files First File has only start time and end time of the test. STARTTIME ... by tushargupta1 New Member in Splunk Search 01-08-2018 0 2	0	2
How to count events from a same file with having two different raw text ? Hi Splunker, I have to count success and failure count from the same index and sourcetype on the basis of raw text i... by m7787580 Explorer in Splunk Search 01-08-2018 0 2	0	2
remove duplicate or similar event in a trasaction command from the search Hello Everybody, I want to remove similar event which are in a transaction command. In my case, I want to merge th... by amir_thales Path Finder in Splunk Search 01-08-2018 0 6	0	6
continuously DB query with overcome short date format Hello, im trying querying HIVE table via 'rising' mode. query must contain certain timestamp_1 column (otherwise no r... by OBsecurity Explorer in Splunk Search 01-08-2018 0 0	0	0
How to upload multiple files in Splunk? Is it possible to upload multiple files like 100 1MB files in Splunk at the same time? How to upload multiple files in the Splunk? by swati_sharma New Member in Splunk Search 01-08-2018 0 8	0	8
Why is using base searches causing major performance issues on my dashboard? Working on making dashboards to help report on activity. To make the dashboards as performant as possible, I'm using... by klinek Explorer in Splunk Search 01-08-2018 2 11	2	11