Splunk Search

Community Activity

Not all fields in log line extracted Hi, I have two problems with a log line. 1) I have a log line that occasionally is inserted. It is a schedule, and i... by ssaenger Communicator in Splunk Search 11-21-2023 0 3	0	3
I have a field from one query that gets appended with another field coming from second query.How do I filter those value I am appending results from below query,which will display difererent objectypesuppliedMaterial: index="" sourc... by nithys Communicator in Splunk Search 11-21-2023 0 3	0	3
long base search does not work in drop down list? Hello,Why does long base search not work in drop down list?For example if the base query on id="StudentName" has a lo... by LearningGuy Motivator in Splunk Search 11-21-2023 0 2	0	2
Email count How do I count the number of emails from a search but only get recipients that received ten or more emails? by Benny611 Engager in Splunk Search 11-21-2023 0 1	0	1
Incomplete UserID How to I eliminate partial user id characters coming out of a search query? Here are examples of incomplete userIDs... by sgabriel1962 Explorer in Splunk Search 11-21-2023 0 8	0	8
can we increase lookup table maximum matches to 2000? Lookup table max match can be 1 to 1000, I want to increase it to 2000. Is it possible? When I increase the max_match... by rajchi Explorer in Splunk Search 11-21-2023 1 8	1	8
How to apply regex to lookup table field? Hello All,I have a lookup file with multiple fields. I am reading it using inputlookup command and implementing some ... by Taruchit Contributor in Splunk Search 11-21-2023 0 4	0	4
How to achieve conditional formatting of values with eval if and regex? Hello everyone, I have the following field and example value: sourcePort=514.000 I'd like to format these fields in s... by erikschubert Engager in Splunk Search 11-21-2023 0 3	0	3
Remove specific strings from raw events based on other fields Firewall logs needs some purification for threat monitoring, below are couple events, From the events below action=Ac... by sandeepreddy947 Path Finder in Splunk Search 11-21-2023 0 3	0	3
using 'values' in stats shows values merged Hello Experts, I was wondering if you can help me figure out how do I show the merged values in a field as 'unmerged'... by beriwalnishant Path Finder in Splunk Search 11-21-2023 0 4	0	4
Need help in merging the queries Hi,i need to add two queries so that they could come in different fields in one visualization, one will be the error ... by Aj01 Path Finder in Splunk Search 11-21-2023 0 3	0	3
Regex not workin Hi All,Here is my how my event looks like - 20/11/2023 12:47:05 (01) >> AdyenProxy::AdyenPaymentResponse::ProcessPaym... by man03359 Communicator in Splunk Search 11-21-2023 0 2	0	2
How to build multiple timecharts in dashboard from one field? Hello All,I have a lookup file with multiple columns: fieldA, fieldB, fieldC.I need to publish timechart for each val... by Taruchit Contributor in Splunk Search 11-21-2023 0 5	0	5
How to associate two data set when one set need to lookup for associated key but the other data set doesn't need ? Dear All,I have one index and I use this index to store messages and summary report as well.In report="report_b", it ... by Jouman Path Finder in Splunk Search 11-20-2023 0 2	0	2
How to get the target Account Name from WinEventLog:Security This is an example of an event for EventCode=4726. As you see there are two account name fields which the Splunk App ... by rune_hellem Contributor in Splunk Search 11-20-2023 0 1	0	1
Get Invidiual Totals when stats count has a field that logs errors Hello Experts, This is a long searches, explored query that I am getting a way around.If we do a simple query like th... by beriwalnishant Path Finder in Splunk Search 11-20-2023 0 3	0	3
limit timechart with span and per_hour to 2 decimal values I have below query which shows values in line chart with up to 5 decimals and I want to limit it to max 2 decimals. s... by rajnsoni92 Explorer in Splunk Search 11-20-2023 0 2	0	2
Splunk HF UI issue hello Splunk team,As picture, I found UI duplication problem in selecting data type module. I tested different browse... by yimhe Loves-to-Learn in Splunk Search 11-20-2023 0 1	0	1
Compare values at two different timestamps and output diffs into a table Hi Folks,I am trying to figure out how to compare a single field based off another field called timestamp.I pull in d... by ch_payroc Loves-to-Learn Lots in Splunk Search 11-20-2023 0 3	0	3
How to Combine Events with matching data Hi, I have a union'ed search where I am wanting to link different events based on fields that have matching values.My... by BlueWombat45 New Member in Splunk Search 11-20-2023 0 1	0	1
Get the top n results when searched by count and span Hi All,I am trying to get the top n users who made calls to some APIs over a span of 5 minutes. For example:By the be... by SaiDarur New Member in Splunk Search 11-20-2023 0 5	0	5
Want to run the splunk query exactly one week earlier than the date selected in the datetimepicker. I want to write a splunk query which will run over the same timewindow but on a different date selected in the dateti... by sahastrabuddhe Engager in Splunk Search 11-20-2023 0 1	0	1
Using tokens in dropdown menu to create two different results I am wondering if there's a way to use the dropdown menu and tokens to display two different results. I am trying to ... by jialiu907 Path Finder in Splunk Search 11-20-2023 0 1	0	1
Splunk query to compare a field from search with a field from lookup and find the unmatched ones Hi Can you please let me know how to frame splunk query compare a field from search with a field from lookup and find... by srivardhini92 Observer in Splunk Search 11-20-2023 0 2	0	2
auto_generated_pool_download-trial Hi,we have the following error in one of the splunk instances:Error in 'litsearch' command: Your Splunk license expir... by maede_yavari Explorer in Splunk Search 11-20-2023 0 0	0	0