Splunk Search

Community Activity

how to reduce multiple results into one based on the earliest time Hi there:I have the following query:source=accountCalc type=acct.change msg="consumed" event_id="" process_id="" po... by djoobbani Path Finder in Splunk Search 11-12-2023 0 3	0	3
Filter events in a time frame by a condition I have the query to find the response code and count vs time (in 1 minute time interval) as below. index=sample_index... by RemyaT Explorer in Splunk Search 11-12-2023 0 2	0	2
Classify into a group Example logs2022-08-19 08:10:53.0593\|Starting2022-08-19 08:10:53.5905\|fff2022-08-19 08:10:53.6061\|dd2022-08-19 08... by Kirthika Path Finder in Splunk Search 11-11-2023 0 2	0	2
How to create multiple events with different values using makeresults Hi there:I have the following makeresults query:\| makeresults count=3\| eval source="abc"\| eval msg="consumed"\| eval t... by djoobbani Path Finder in Splunk Search 11-11-2023 0 4	0	4
Calculate any Server network throughput from Cisco ASA logs. I can see logs from Cisco ASA firewall to Splunk and we are getting logs when a connection close. It have the total d... by Hami-g New Member in Splunk Search 11-10-2023 0 2	0	2
Lookup against an Array I'm trying to run a lookup against a list of values in an array. I have a CSV which look as follows:idxy123DataData2... by gbam Explorer in Splunk Search 11-10-2023 0 1	0	1
Calculating duration of several events in a row with the same field value I'm having some trouble coming up with the SPL for the following situation:I have some series of events with a timest... by Roynsky Engager in Splunk Search 11-10-2023 1 1	1	1
How do I extract multiple values for a field in the same event using field extractions? Hello, I have the following event (all lines belong to the same event): A Tue Oct 30 13:54:12:863 2018 A ** RABAX:... by damucka Builder in Splunk Search 11-10-2023 0 6	0	6
Extract and count IDs from a table Hi!  I have a fallowing table:SESSION_IDSUBMITTED_FROMSTAGE1 submit1startPagesomeStage12 submit2page1someStage12page... by wkk Explorer in Splunk Search 11-10-2023 0 4	0	4
Search peers / Replication status / Initial I'm trying to setup a distributed search. I have successfully added my search peers to the search head already. The ... by kevinsikora Explorer in Splunk Search 11-10-2023 2 4	2	4
Compare two timestamps Hello, We are implenting splunk in our environment and right now i import every 7 days our vulnerability scan to spl... by LionSplunk Explorer in Splunk Search 11-10-2023 0 5	0	5
extracting texts from a field Hello there:I have the following two events:Event #1source=foo1 eventid=abcmessage="some message dfsdfdfgfdggfg fgdfd... by djoobbani Path Finder in Splunk Search 11-09-2023 0 4	0	4
converting this search to hours instead of days Hi im trying to convert this search to show totals in hours instead of days/dates can anyone help me please?index=ana... by Peterm1993 Explorer in Splunk Search 11-09-2023 0 6	0	6
How can I find an event count of event that are less than a p95 duration? I need to identify the count of events that have a duration that is less than the p95 value.Sample searchindex=xyz st... by mark_groenveld Path Finder in Splunk Search 11-09-2023 0 7	0	7
Working with OpenTelemetry Cumulative Histogram Bucket with Calculations Hi, I am new to Splunk and couldn't figure out how to work with OpenTelemetry's histogram bucket in Splunk. I have a ... by cchan Loves-to-Learn in Splunk Search 11-09-2023 0 0	0	0
MLTK import error- Does anyone have suggestions? initially MLTK was working fine but now I started getting this error "Error in 'fit' command: (ImportError) DLL load ... by badrinath Path Finder in Splunk Search 11-09-2023 0 1	0	1
how to join 2 lookup files to combine all the rows. how to join 2 lookup files to combine all the rows. I used this query but not giving proper values and used join/appe... by Anud Path Finder in Splunk Search 11-09-2023 0 7	0	7
Splunk Search results limit 4999 Hello, Currently, I am using the append command to combine two queries and tabulate the results, but I see only 4999 ... by kc_prane Communicator in Splunk Search 11-09-2023 0 4	0	4
search query Hi there:I have two events shown below:Event #1source=foo1eventid=abcdEvent #2source=foo2event_id=abcdI am trying to ... by djoobbani Path Finder in Splunk Search 11-09-2023 0 1	0	1
Better PDF report visualization Hello, i am reaching out to ask if there is any way to make the chart that was generated with the scheduled PDF repor... by Abass42 Communicator in Splunk Search 11-09-2023 0 0	0	0
grouping count by multiple field substrings Hi,We currently have events where identifying the app that makes the event depends multiple fields, as well as substr... by OrionCulver Explorer in Splunk Search 11-09-2023 0 5	0	5
Automated lookup using KVstore lookup I have a KV store collection that is populated. I have a lookup definition pointing to the KV store. If you use the... by coreyCLI Communicator in Splunk Search 11-09-2023 0 6	0	6
Encrypt the Source data Hi All, My requirement is source data records data need to be encrypted. What does process need to follow? Is there a... by vijreddy30 Loves-to-Learn Everything in Splunk Search 11-09-2023 0 3	0	3
How to apply eval to fields with complex names? I am basically faced with this problem: \| makeresults count=3 \| streamstats count \| eval a.1 = case(count=1, 1, coun... by duesser Path Finder in Splunk Search 11-09-2023 0 1	0	1
Trying to create a custom Field Extraction I am trying to write a regex to extract a field called "registrar" from some data like i have below. Can you please h... by scout29 Path Finder in Splunk Search 11-08-2023 0 4	0	4