Splunk Search

Community Activity

	Unable to mask PII data on JSON at indexer Hello friends, My data is in json format and i have credit card info which i need to mask at indexer level. I tried b... by mehala12 Explorer in Splunk Search 06-15-2017 0 6	0	6
	Using eval to set token in drilldown does not work I have a row in a table called DMPrice <set token="dmp">$row.DMPrice$</set> this works, however, if there is no DM... by bowesmana SplunkTrust in Splunk Search 06-15-2017 0 2	0	2
	How to use stats command after top command. Hi all I am trying to do the following search. which would result in Top 5 apiname values along with their apitime(a... by rakshithreddy Explorer in Splunk Search 06-15-2017 0 4	0	4
	Event sampling with specific event gaps for multiple hosts I have multiple hosts in my result table and there is no specific sampling interval for each. However it is sure that... by AshimaE Explorer in Splunk Search 06-15-2017 0 3	0	3
	Correlate received Up down Traps in Splunk Looking for ideas on how to correlate between an updown trap event like the one shown below - would be nice to have t... by Esky73 Builder in Splunk Search 06-15-2017 0 1	0	1
	remove URL from search result is not working My Splunk Query index= index1 sourceType=source1 "Error" OR requestURl != "/test/abc" OR requestURI != "/person" ... by jw44250 New Member in Splunk Search 06-15-2017 0 4	0	4
	How to generate a search for specific words in row data? My search result is like this : result 1 . message hello test helo test result 2 . message hello test helo tes... by jw44250 New Member in Splunk Search 06-15-2017 0 13	0	13
	lookup using 2 search results hi, from 1 search i got below results. txn ref no \|amount\|date and another search got the below. acct no\|txn ref... by nvegesn222 New Member in Splunk Search 06-15-2017 0 2	0	2
	How to combine multiple searches into 1 related table/graph? I have two searches something like this: "ns=my_project" message="RESPONSE_CODE=200" OR "RESPONSE_CODE=400" METH... by lordhans Explorer in Splunk Search 06-15-2017 0 2	0	2
	how to tell splunk automatically extract fields with symbols besides "=" Splunk can extract fields when events contain "key=value" strings Could I tell splunk to extract fields automatically... by crazyeva Contributor in Splunk Search 06-15-2017 0 6	0	6
	Is it possible to set up a multidimensional CSV lookup? Hello, I'd like to setup a lookup table to provide additional static information for a set of known parameters. How... by brcrommett Engager in Splunk Search 06-15-2017 0 5	0	5
	Do two joins matching inputlookup data to build table I have a lookup - ips.csv - formated like... ip,name 1.2.3.4,server1 2.3.4.5,server2 My indexed data is source, de... by yacht_rock Explorer in Splunk Search 06-15-2017 0 1	0	1
	How to find the difference between time stamps in 2 different events? Hello! I am have a bunch of logs stating when a job has started and finished. I have been asked to find a way to tel... by MWAKburns Engager in Splunk Search 06-15-2017 0 1	0	1
	How to reduce the DNS logs using regex? Hi I have the DNS debug logs enabled, is there a way to index only failures ignoring the successful one's? I have m... by kiran331 Builder in Splunk Search 06-15-2017 0 2	0	2
	How to generate a search to find the number of days that exceeds mean by certain ranges? Hello all! I'm trying to find the number of days that the daily count of my event exceeds the daily mean + standard ... by jrnastase Explorer in Splunk Search 06-15-2017 0 3	0	3
	How to make empty fields display as Null I am trying to display results that simply report if a certain field contains information or not. My search is as f... by mihall Path Finder in Splunk Search 06-15-2017 0 1	0	1
	How to extract a date from a string? Hi, I have a string 'ABC_GFD_NOCS_RPT_HIST_2017-05-12_5min.csv' How do I extract '2017-05-12' from 'ABC_GFD_NOCS_R... by rmuraly Explorer in Splunk Search 06-15-2017 0 5	0	5
	How to generate a search for the creation of admin accounts? need a search for creation of admin accounts. For both Windows and Linux. Domain-level accounts. Thanks by MastaMia New Member in Splunk Search 06-15-2017 0 3	0	3
	Multiple Timestamp Aggregation in Reports: How to have a single report for a user with the timestamp for each login/logout session? We are logging information from a network security device that has multiple fields of interest. LOGIN, LOGOUT, START,... by phillipmadm Explorer in Splunk Search 06-15-2017 0 4	0	4
	Hi, Want to extract timestamp for below log using props.conf . Any Suggestion 2017-04-02 so-splunky.local 22:45:19.023 -0600 sshd[68061]: Accepted keyboard-interactive/pam for sowings from xx.xx.... by shinde0509 Explorer in Splunk Search 06-15-2017 0 1	0	1
	can we delay panel population until query has fully ran Do we have any functionality in splunk to make panels populate data once post processing of queries is done.? by architkhanna Path Finder in Splunk Search 06-15-2017 0 2	0	2
	Search is returning unwanted data. index=myindex server="server1234" OR "server1235" OR "server1236" OR "server1237" OR "server1238" \| stats count(_raw)... by jsven7 Communicator in Splunk Search 06-15-2017 0 6	0	6
	Extract a number from event message field Hi Guys, I have been trying to extract the number at the end of EVENT_MESSAGE field. Text sample: SERVER=SERVERNA... by codebased Explorer in Splunk Search 06-15-2017 0 9	0	9
	Help with Regex Hi All, Need help with regex for extracting desired output from below patterns. I have ecommerce site where we want... by newbie2tech Communicator in Splunk Search 06-15-2017 0 8	0	8
	How to create a conditional search if license usage is above 80%, then show top 10 hosts? There is default license alert when license usage is greater 80%, then you will get email notification. The alert is... by fli Explorer in Splunk Search 06-15-2017 0 3	0	3