Splunk Search

Community Activity

	comparing fields to find identical values I imported a csv into Splunk and now I need to compare two of the fields to find identical values. Compare the values... by aaronzabell Path Finder in Splunk Search 12-05-2023 0 10	0	10
	How to find non-monitored hosts Hey All, I’m a splunk beginner I'm looking to create a query that to be used as an alert, specifically to identify s... by Muthu_Vinith Path Finder in Splunk Search 12-05-2023 0 10	0	10
	Show a 0 if no data on a source Hello community,I'm having a problem that's probably easy to solve, but I can't figure it out.I have a query that wil... by Rajaion Path Finder in Splunk Search 12-05-2023 0 5	0	5
	How do I get a list of all my lookups with their file size? Hey Splunkers,I wanted to get a list of all the lookup files on my SH and their file sizes along with other data. I c... by BuzzLights10 Explorer in Splunk Search 12-05-2023 0 4	0	4
	StatsBuffer::read: Row is too large for StatsBuffer, resizing buffer When performing a query that creates a summary report, the associated search.log file shows:ResultsCollationProcessor... by joemcmahon Explorer in Splunk Search 12-05-2023 0 0	0	0
	Omit time range in query I am querying a change in a value each week over last 4 weeks. Ineed to know the value from the week before the searc... by dataisbeautiful Communicator in Splunk Search 12-05-2023 0 1	0	1
	How to merge two tables to get result in one table How to get a single table from this query having all the correlationId together in one table by avi7326 Path Finder in Splunk Search 12-05-2023 0 3	0	3
	field extraction How to extract field from below eventI want nname,ID,app and Time , here nname is mule_330299_prod_App01_Clt1ID=91826... by nehamvinchankar Path Finder in Splunk Search 12-04-2023 0 3	0	3
	Splunk Alert set up based on first occurrence of error Hi, I want to schedule one splunk alert , please let me know if below option is possible:When the first alert receive... by Dharani Path Finder in Splunk Search 12-04-2023 0 1	0	1
	How get reults to say N/A while using the "inputlookup" command? I'm not a programmer but I am trying to get the display of my graph to depict "No Results" or "N/A" when the Where co... by SubtotalAMG Loves-to-Learn Lots in Splunk Search 12-04-2023 0 7	0	7
	Drop XML event data via transforms.conf I need to drop EventCode 4634 and 4624 with Login_type 3, how i can use nullqueue option and write the correct REGEX ... by mjemi Loves-to-Learn Everything in Splunk Search 12-04-2023 0 1	0	1
	Background Search query Hi All, I have a Splunk search query executing the in the background(used Send to background option) while this is ru... by Siya Loves-to-Learn in Splunk Search 12-04-2023 0 3	0	3
	Issue with using "search IN" command within map Hello,I have the following issue, do you know any solution or workaround?(Or maybe I declared something wrongly...)Wh... by Kristian_86 Explorer in Splunk Search 12-04-2023 0 3	0	3
	Two time condition searches – please help. HiI’m trying to create two searches and having some problems. I hope somebody could help me with this.1. 7 or more ID... by PiotrAp Path Finder in Splunk Search 12-04-2023 0 2	0	2
	Split multivalue cell and duplicate values \| eval logMsgTimestampInit = logMsgTimestamp \| eval ID_SERVICE= mvappend(ID_SERVICE_1,ID_SERVICE_2) , TYPE= mvapp... by dcubaz91 New Member in Splunk Search 12-04-2023 0 5	0	5
	Extract execution time Hello, I've the following situation:I've inside logs the ETL logs, I've already extracted some data via search fields... by marco_carolo Path Finder in Splunk Search 12-04-2023 0 6	0	6
	How to join on optional date range without map? Hi,I am trying to report on access requests to actual logins.I have a list of events from our systems of when users h... by apps_inpaytech Explorer in Splunk Search 12-03-2023 0 4	0	4
	tstats distinct_count returns an incorrect value on high cardinality source field HeyI've been working on a distributed Splunk environment, where in one of our indexes we have a very high cardinality... by yotamros Explorer in Splunk Search 12-03-2023 0 5	0	5
	Search based on a previous conditions. Or alert that exec additional search Hello! Is it possible to implement something like this?I have 300+ devices that send logs to one index. I want to che... by Kim Explorer in Splunk Search 12-03-2023 0 0	0	0
	Can someone share documentation on the best process to verify domain controller logs in Splunk? I am very new using Splunk but I am enjoying it a lot so far.I am being tasked with writing a document on how to veri... by GIA Path Finder in Splunk Search 12-02-2023 0 3	0	3
	Extract the fields user and service account Dec 2 08:46:55 server1 sudo[3461907]: ib12345 : TTY=pts/0 ; PWD=/home/ib12345 ; USER=root ; COMMAND=/bin/su - webadmi... by Hema_Nithya Explorer in Splunk Search 12-02-2023 0 3	0	3
	How to extract a field from the text Dec 2 09:02:17 server1 sudo: ib12345 : TTY=pts/0 ; PWD=/home/ib12345 ; USER=root ; COMMAND=/bin/su - I need to extrac... by Hema_Nithya Explorer in Splunk Search 12-02-2023 0 4	0	4
	To get the list of datasources in splunk Hi,I am trying to get the information how many datasources and endpoints we have Integrated in to splunk.How can we g... by AL3Z Builder in Splunk Search 12-01-2023 0 5	0	5
	Find indexes that got events for the first time in the selected time range out of a list of all indexes Hi folks,I have been trying to create a query that would list index name and earliest event from a list of indexes th... by tkrshn Engager in Splunk Search 12-01-2023 0 2	0	2
	BotS member needed ! I don’t know if this is the right place to ask, but I’m currently looking for three members for BotS v7 coming 7th De... by Saki New Member in Splunk Search 12-01-2023 0 0	0	0