Splunk Search

Community Activity

	Omit time range in query I am querying a change in a value each week over last 4 weeks. Ineed to know the value from the week before the searc... by dataisbeautiful Communicator in Splunk Search 12-05-2023 0 1	0	1
	How to merge two tables to get result in one table How to get a single table from this query having all the correlationId together in one table by avi7326 Path Finder in Splunk Search 12-05-2023 0 3	0	3
	field extraction How to extract field from below eventI want nname,ID,app and Time , here nname is mule_330299_prod_App01_Clt1ID=91826... by nehamvinchankar Path Finder in Splunk Search 12-04-2023 0 3	0	3
	Splunk Alert set up based on first occurrence of error Hi, I want to schedule one splunk alert , please let me know if below option is possible:When the first alert receive... by Dharani Path Finder in Splunk Search 12-04-2023 0 1	0	1
	How get reults to say N/A while using the "inputlookup" command? I'm not a programmer but I am trying to get the display of my graph to depict "No Results" or "N/A" when the Where co... by SubtotalAMG Loves-to-Learn Lots in Splunk Search 12-04-2023 0 7	0	7
	Drop XML event data via transforms.conf I need to drop EventCode 4634 and 4624 with Login_type 3, how i can use nullqueue option and write the correct REGEX ... by mjemi Loves-to-Learn Everything in Splunk Search 12-04-2023 0 1	0	1
	Background Search query Hi All, I have a Splunk search query executing the in the background(used Send to background option) while this is ru... by Siya Loves-to-Learn in Splunk Search 12-04-2023 0 3	0	3
	Issue with using "search IN" command within map Hello,I have the following issue, do you know any solution or workaround?(Or maybe I declared something wrongly...)Wh... by Kristian_86 Explorer in Splunk Search 12-04-2023 0 3	0	3
	Two time condition searches – please help. HiI’m trying to create two searches and having some problems. I hope somebody could help me with this.1. 7 or more ID... by PiotrAp Path Finder in Splunk Search 12-04-2023 0 2	0	2
	Split multivalue cell and duplicate values \| eval logMsgTimestampInit = logMsgTimestamp \| eval ID_SERVICE= mvappend(ID_SERVICE_1,ID_SERVICE_2) , TYPE= mvapp... by dcubaz91 New Member in Splunk Search 12-04-2023 0 5	0	5
	Extract execution time Hello, I've the following situation:I've inside logs the ETL logs, I've already extracted some data via search fields... by marco_carolo Path Finder in Splunk Search 12-04-2023 0 6	0	6
	How to join on optional date range without map? Hi,I am trying to report on access requests to actual logins.I have a list of events from our systems of when users h... by apps_inpaytech Explorer in Splunk Search 12-03-2023 0 4	0	4
	tstats distinct_count returns an incorrect value on high cardinality source field HeyI've been working on a distributed Splunk environment, where in one of our indexes we have a very high cardinality... by yotamros Explorer in Splunk Search 12-03-2023 0 5	0	5
	Search based on a previous conditions. Or alert that exec additional search Hello! Is it possible to implement something like this?I have 300+ devices that send logs to one index. I want to che... by Kim Explorer in Splunk Search 12-03-2023 0 0	0	0
	Can someone share documentation on the best process to verify domain controller logs in Splunk? I am very new using Splunk but I am enjoying it a lot so far.I am being tasked with writing a document on how to veri... by GIA Path Finder in Splunk Search 12-02-2023 0 3	0	3
	Extract the fields user and service account Dec 2 08:46:55 server1 sudo[3461907]: ib12345 : TTY=pts/0 ; PWD=/home/ib12345 ; USER=root ; COMMAND=/bin/su - webadmi... by Hema_Nithya Explorer in Splunk Search 12-02-2023 0 3	0	3
	How to extract a field from the text Dec 2 09:02:17 server1 sudo: ib12345 : TTY=pts/0 ; PWD=/home/ib12345 ; USER=root ; COMMAND=/bin/su - I need to extrac... by Hema_Nithya Explorer in Splunk Search 12-02-2023 0 4	0	4
	To get the list of datasources in splunk Hi,I am trying to get the information how many datasources and endpoints we have Integrated in to splunk.How can we g... by Raj Builder in Splunk Search 12-01-2023 0 5	0	5
	Find indexes that got events for the first time in the selected time range out of a list of all indexes Hi folks,I have been trying to create a query that would list index name and earliest event from a list of indexes th... by tkrshn Engager in Splunk Search 12-01-2023 0 2	0	2
	BotS member needed ! I don’t know if this is the right place to ask, but I’m currently looking for three members for BotS v7 coming 7th De... by Saki New Member in Splunk Search 12-01-2023 0 0	0	0
	To set up alert using saved search and map command I have a saved search with 'n' number of results and I need to setup an alert mail for the results by creating an ale... by varsh_6_8_6 Explorer in Splunk Search 12-01-2023 0 0	0	0
	How to compare 2 lookups and highlight any changes ? Hi,Once a month we receive a file via email that we manually upload to Splunk as a lookup CSV file. The current proc... by tomapatan Contributor in Splunk Search 12-01-2023 0 0	0	0
	How to use predict command in tabular format? Hello All,I have data in the form of a table with two fields: index, sourcetype. Each row has unique pair of values f... by Taruchit Contributor in Splunk Search 12-01-2023 0 5	0	5
	How to change pie chart font color from within Splunk Studio (via Source Code or regular editing)? Good Afternoon,Currently, I'm submitting this message for help in regards to editing the font color for all labels in... by aocruz New Member in Splunk Search 11-30-2023 0 0	0	0
	Timepicker relative time in dashboard. Hi all! What I thought was going to be a fairly simple panel on a dashboard has been giving me fits. We have a globa... by jacobdavis Engager in Splunk Search 11-30-2023 0 3	0	3