Splunk Search

Community Activity

	How to achieve conditional formatting of values with eval if and regex? Hello everyone, I have the following field and example value: sourcePort=514.000 I'd like to format these fields in s... by erikschubert Engager in Splunk Search 11-21-2023 0 3	0	3
	Remove specific strings from raw events based on other fields Firewall logs needs some purification for threat monitoring, below are couple events, From the events below action=Ac... by sandeepreddy947 Path Finder in Splunk Search 11-21-2023 0 3	0	3
	using 'values' in stats shows values merged Hello Experts, I was wondering if you can help me figure out how do I show the merged values in a field as 'unmerged'... by beriwalnishant Path Finder in Splunk Search 11-21-2023 0 4	0	4
	Need help in merging the queries Hi,i need to add two queries so that they could come in different fields in one visualization, one will be the error ... by Aj01 Path Finder in Splunk Search 11-21-2023 0 3	0	3
	Regex not workin Hi All,Here is my how my event looks like - 20/11/2023 12:47:05 (01) >> AdyenProxy::AdyenPaymentResponse::ProcessPaym... by man03359 Communicator in Splunk Search 11-21-2023 0 2	0	2
	How to build multiple timecharts in dashboard from one field? Hello All,I have a lookup file with multiple columns: fieldA, fieldB, fieldC.I need to publish timechart for each val... by Taruchit Contributor in Splunk Search 11-21-2023 0 5	0	5
	How to associate two data set when one set need to lookup for associated key but the other data set doesn't need ? Dear All,I have one index and I use this index to store messages and summary report as well.In report="report_b", it ... by Jouman Path Finder in Splunk Search 11-20-2023 0 2	0	2
	How to get the target Account Name from WinEventLog:Security This is an example of an event for EventCode=4726. As you see there are two account name fields which the Splunk App ... by rune_hellem Contributor in Splunk Search 11-20-2023 0 1	0	1
	Get Invidiual Totals when stats count has a field that logs errors Hello Experts, This is a long searches, explored query that I am getting a way around.If we do a simple query like th... by beriwalnishant Path Finder in Splunk Search 11-20-2023 0 3	0	3
	limit timechart with span and per_hour to 2 decimal values I have below query which shows values in line chart with up to 5 decimals and I want to limit it to max 2 decimals. s... by rajnsoni92 Explorer in Splunk Search 11-20-2023 0 2	0	2
	Splunk HF UI issue hello Splunk team,As picture, I found UI duplication problem in selecting data type module. I tested different browse... by yimhe Loves-to-Learn in Splunk Search 11-20-2023 0 1	0	1
	Compare values at two different timestamps and output diffs into a table Hi Folks,I am trying to figure out how to compare a single field based off another field called timestamp.I pull in d... by ch_payroc Loves-to-Learn Lots in Splunk Search 11-20-2023 0 3	0	3
	How to Combine Events with matching data Hi, I have a union'ed search where I am wanting to link different events based on fields that have matching values.My... by BlueWombat45 New Member in Splunk Search 11-20-2023 0 1	0	1
	Get the top n results when searched by count and span Hi All,I am trying to get the top n users who made calls to some APIs over a span of 5 minutes. For example:By the be... by SaiDarur New Member in Splunk Search 11-20-2023 0 5	0	5
	Want to run the splunk query exactly one week earlier than the date selected in the datetimepicker. I want to write a splunk query which will run over the same timewindow but on a different date selected in the dateti... by sahastrabuddhe Engager in Splunk Search 11-20-2023 0 1	0	1
	Using tokens in dropdown menu to create two different results I am wondering if there's a way to use the dropdown menu and tokens to display two different results. I am trying to ... by jialiu907 Path Finder in Splunk Search 11-20-2023 0 1	0	1
	Splunk query to compare a field from search with a field from lookup and find the unmatched ones Hi Can you please let me know how to frame splunk query compare a field from search with a field from lookup and find... by srivardhini92 Observer in Splunk Search 11-20-2023 0 2	0	2
	auto_generated_pool_download-trial Hi,we have the following error in one of the splunk instances:Error in 'litsearch' command: Your Splunk license expir... by maede_yavari Explorer in Splunk Search 11-20-2023 0 0	0	0
	Is there a way to get 2 nonstream Searches to run in parallel in the same SPL? Hi - Is there a way to get 2 nonstream Searches to run in parallel in the same SPL? I am using "appendcols", but I th... by robertlynch2020 Influencer in Splunk Search 11-20-2023 0 2	0	2
	Multiple time searches I have the below search and I'm trying to search for different time periods within each search. So for example msg="*... by MrJohn230 Path Finder in Splunk Search 11-19-2023 0 2	0	2
	Converting index query to data model query I have tried to simplify the query for better understanding and removing some unnecessary things.This query is to fin... by north_star Loves-to-Learn in Splunk Search 11-19-2023 0 6	0	6
	How to extract specific field values from JSON format events? I am looking to extract some information from a Values field that has two values within it. How can i specify which o... by jialiu907 Path Finder in Splunk Search 11-19-2023 0 8	0	8
	How to fix wandering trellis order? Sometimes, running the same search generates different orders when trellis visualization is used. For example, ((sou... by yuanliu SplunkTrust in Splunk Search 11-18-2023 0 2	0	2
	search two indexes specifying two matching columns I am trying to generate three reports with stats. The first is where jedi and sith have matching columns. The third i... by the_dude Engager in Splunk Search 11-18-2023 0 5	0	5
	How to change host as row and time as column Hi there, I have this query: index=_internal source="*license_usage.log" \| eval bytes=b \| eval GB = round(bytes/1024/... by Zodi_6 New Member in Splunk Search 11-17-2023 0 2	0	2