Splunk Search

Community Activity

	search two indexes specifying two matching columns I am trying to generate three reports with stats. The first is where jedi and sith have matching columns. The third i... by the_dude Engager in Splunk Search 11-18-2023 0 5	0	5
	How to change host as row and time as column Hi there, I have this query: index=_internal source="*license_usage.log" \| eval bytes=b \| eval GB = round(bytes/1024/... by Zodi_6 New Member in Splunk Search 11-17-2023 0 2	0	2
	Want to replace the field value name Nameskukit NAC-D-CDSK-DLS-05.90NAC-DHJA-JEOE-DNDN-94.4.0 This my data, I want to replace with NAC-D to ANT-P for mul... by ramkyreddy Explorer in Splunk Search 11-17-2023 0 3	0	3
	Outputting data with spath in search I am trying to output two rows of data with them being "read" and "write" with both of them having min,max, and avg o... by jialiu907 Path Finder in Splunk Search 11-17-2023 0 3	0	3
	Create pie Chart from stats command I am trying to create a pie chart of success vs. failure with stats command with the following:search \| stats c(assig... by etherdoggy Loves-to-Learn in Splunk Search 11-17-2023 0 2	0	2
	Using lookup table with host-ip association Hi, I would like to ask a question regarding the lookups table.I am managing logs about login and I want to be sure t... by User2 Engager in Splunk Search 11-17-2023 0 1	0	1
	How To Determine When a Host Stops Sending particular type of Logs to Splunk Hi all,I have facing an issue where exactly we can troubleshoot when a Host Stops Sending cmd Logs to Splunk. Thanks... by AL3Z Builder in Splunk Search 11-16-2023 0 4	0	4
	Using multiple lookup tables in a query index=netlogs [\| inputlookup baddomains.csv \| eval url = ".domain."" \| fields url] NOT [\| inputlookup good_domains.... by MM0071 Path Finder in Splunk Search 11-16-2023 0 2	0	2
	Splunk API Script Help All,Leveraging the following article (https://community.splunk.com/t5/Other-Usage/How-to-export-reports-using-the-RES... by qcjacobo2577 Path Finder in Splunk Search 11-16-2023 0 1	0	1
	Search and count by multiple specific substrings in a field Hello. I have logs which contains field "matching" which is a String type. This field contains this kind of informat... by chimuru84 Path Finder in Splunk Search 11-16-2023 0 17	0	17
	Need help with nested json and spath I've seen a few of the spath topics around, but wasn't able to understand enough to make it work for my data. I have ... by manderson7 Contributor in Splunk Search 11-16-2023 0 2	0	2
	How to calculate percentrank in Splunk? How to calculate percentrank in Splunk?I appreciate your helpBelow is the expected result: Percentrank exc and Perc... by LearningGuy Motivator in Splunk Search 11-16-2023 0 12	0	12
	I need to add filter to error query into total transaction query so that i can get filtered error counts as well as Hi, i need to add filter to error query into total transaction query so that i can get filtered error counts as well ... by Aj01 Path Finder in Splunk Search 11-16-2023 0 1	0	1
	how to extract field from csv raw data below csv file getting generated which is ingested into splunk. These are the file counts created date wise on differ... by ravir_jbp Explorer in Splunk Search 11-16-2023 0 4	0	4
	Splunk left join not returning as expected I have the below code. I know that values exist under the subsearch which are not returning when I run the below quer... by MrJohn230 Path Finder in Splunk Search 11-16-2023 0 6	0	6
	How to display one row table in a pie chart? How to display one row table in a pie chart?Thank you for your help.index=test---- Score calculation -----\| table Sco... by LearningGuy Motivator in Splunk Search 11-16-2023 0 3	0	3
	Line graph by instance and time Hello, I have the below Splunk search and I want to put the results into a line graph so I can compare all of the dis... by danroberts Explorer in Splunk Search 11-15-2023 0 1	0	1
	optimize lookup search I have a lookup file with 50,000 records. When I want to do a search, it takes a lot of time to find my results. Is t... by badoomi New Member in Splunk Search 11-15-2023 0 5	0	5
	Automatic lookup during data ingestiont (Splunk cloud) Hi folksI've a KVstore containing the following values: hostname, IP address.This KVstore is updated every hour to en... by pslacik Splunk Employee in Splunk Search 11-15-2023 0 0	0	0
	How to extend Splunk log retention to forever? We use splunk for data analysing and monitoring. We have the Service Now add in to collect CMDB data. It goes back an... by johnrbhancock Engager in Splunk Search 11-15-2023 0 3	0	3
	Joining two events and compare to needed result Hi , I am trying to find the list of ids that fail from my logs. Say I have 2023-11-14T10:30:30,118 INFO Operation fa... by dharbhm New Member in Splunk Search 11-15-2023 0 6	0	6
	inputlookup - count of values including Null Hello,I have a lookup file and I would like to use it to search a dataset and return a table showing each entry in th... by warren Explorer in Splunk Search 11-15-2023 0 4	0	4
	Remote desktop user Hi,The code is likeindex=main host=server10 (EventCode=4624 OR EventCode=4634) Logon_Type=3 NOT user="*$" NOT user "... by gjhaaland Explorer in Splunk Search 11-15-2023 0 2	0	2
	Alternative/Compliment to stats first() \| makeresults \| eval _raw="id;x;y;z;k a;1;;; a;;1;; a;;;1; a;2;;; a;;2;; a;;;;1 b;1;;; b;;1;; b;;;1; b;2;;; b;;2;; b... by duesser Path Finder in Splunk Search 11-15-2023 0 3	0	3
	Join 2 searches which has common fields as 2 different field name with same value Hi, My main goal is to find user id.Index=A sourcetype=signlogs outcome=failureThe above search has a field name call... by Dharani Path Finder in Splunk Search 11-15-2023 0 3	0	3