Splunk Search

Community Activity

How to send events in JSON format to NullQueue? Hello, We are puling JSON data from cloud, can I trim out the events with EventId=5156 and 5158 from the events with... by kiran331 Builder in Splunk Search 12-04-2017 0 5	0	5
Issue when joining results of large tstats queries over time. Hello everyone, I am currently struggling with Splunk limitations when it comes to joining two queries handling very... by moystard New Member in Splunk Search 12-04-2017 0 5	0	5
Multi-Site Cluster: What would I configure for replication and search factor with 1 peer at each site? Hi all, Am planning a multi-site (2 datacenters) installation of Splunk Enterprise v6.1.3. It will include Enterpris... by Splunker Communicator in Splunk Search 12-04-2017 1 5	1	5
Manipulating eval and stats to get desired results Hi guys, I'm trying to search our Qualys vulnerability data to the average cvss score for all vulnerabilities with ... by Robbie1194 Communicator in Splunk Search 12-04-2017 0 2	0	2
Automatic lookup and metrics index Hello, I configured an automatic lookup table to be active on a metrics index via Splunk Web (I do not have access r... by jwillaime Explorer in Splunk Search 12-04-2017 0 3	0	3
Can multiple IF statements be used I am creating a report off of logs files. In this report I am looking to list out the number of times particular act... by agreer New Member in Splunk Search 12-04-2017 0 1	0	1
Field-extraction on a JSON message with multiple delimiters? I have this: {"date": null, "facility": -1, "host": null, "level": -1, "message": "2017-11-13T03:45:00+0000 monStats... by jayakumar89 Explorer in Splunk Search 12-04-2017 0 2	0	2
How do you use a AND statement in a IF statement? I am looking through log files and building a report that will give a list of usage based off those logs. Currently ... by agreer New Member in Splunk Search 12-04-2017 0 12	0	12
Excluding a field name from fields command exclusions The fields - command expects a list of field names to exclude, and one can use wildcards in that list. But what I nee... by DUThibault Contributor in Splunk Search 12-04-2017 0 14	0	14
Can you clarify Vulnerability report SPL-144192? Vulnerability report SPL-144192 seems to have contradicting data in it. It begins by talking about being vulnerable t... by chriswilkes33 Explorer in Splunk Search 12-04-2017 2 4	2	4
serverclass and regex help for wildcard We have got few servers which could come with or without FQDN in its name. I'm not sure how Splunk UF generates the h... by koshyk Super Champion in Splunk Search 12-04-2017 0 4	0	4
Help to use join to combine based on alert field i have two tables A and B. Based on alert field value in table A a corresponding row will be generated in table B. ... by vkrishnachand New Member in Splunk Search 12-04-2017 0 7	0	7
How to use a date field that isn't _time to search HelpDesk tickets closed in the last 30 days? Hello, I am indexing HelpDesk tickets and I am trying to derive some stats about these tickets. During the indexing... by justinfranks Path Finder in Splunk Search 12-04-2017 1 4	1	4
How to write a search to convert columns to rows? I need to convert the following source data as a specified output. Source Data API SUCCESS FAIL POLICY ... by kpkvarma Engager in Splunk Search 12-04-2017 1 3	1	3
How to return search manager result as JSON I have this code to display values of the search manager in the console but in array format, var mySearch = splunkjs... by josefa123 Explorer in Splunk Search 12-04-2017 0 6	0	6
move some content/source from one index to another index Hi, Can we move only selected file content from one index to another index. I want to move only selected source/conte... by sushildabare Path Finder in Splunk Search 12-04-2017 3 10	3	10
Self defined variable format in javascript search query I found many token based variable search examples online but not on own created variable in customized Javascript. E.... by clement Explorer in Splunk Search 12-04-2017 0 5	0	5
Send Alert if one event doesn't occur in 10 min I have used transaction and non transaction method. Non transaction method yields result but the results are not bein... by syjayaraj Explorer in Splunk Search 12-03-2017 0 10	0	10
How can I exclude a list of word in a table or file from a search that shows a table result? Good morning Splunk Community I'm currently working on a way on how to use splunk so that it can show the most popul... by rasamur Engager in Splunk Search 12-03-2017 0 6	0	6
send the time value for a search range hi, I need to take the start and end time of the first dashboard, and send the variables with token from the first ... by Carolina Engager in Splunk Search 12-03-2017 0 2	0	2
95th Percentile for this Query Hello: I am extremely new to Splunk and was given a task by my manager. He provided the query below and wanted to kno... by vleCSOD Explorer in Splunk Search 12-02-2017 1 4	1	4
Search for ports by host Hi All! What search commands can I use to get results like this? by vumanhtai Path Finder in Splunk Search 12-02-2017 1 3	1	3
compare data list Assume i have two stores which must have the same items but one is missing. My search returns for example STORE=LON... by mkrauss1 Explorer in Splunk Search 12-02-2017 0 8	0	8
Test Splunk Queries I am building a Splunk app for school and one of my requirements is to test that the queries sent to splunk work and ... by reesmanp New Member in Splunk Search 12-02-2017 0 4	0	4
Injecting fields into other events? I have a set of events with the pattern that there's a single event A that pairs with many event Bs (based on a field... by doweaver Path Finder in Splunk Search 12-02-2017 0 8	0	8