Splunk Search

Community Activity

"transaction" command: have four "startswith" and two "endswith" patterns for the same transaction I need to run a Splunk search with "transaction" command and I have four pattern variations for the start of the tran... by sp Loves-to-Learn in Splunk Search 11-07-2023 0 2	0	2
Stats and Look up Dear All,I have look up file with Transaction details and Transaction Name Like below. Will be great if someone sugge... by Satyapv Engager in Splunk Search 11-07-2023 0 8	0	8
I have a query to fetch Kernel version from all the Linux servers I have a query to fetch Kernel version from all the Linux servers . We update the Kernel Patch every quarter . I have... by Hema_Nithya Explorer in Splunk Search 11-07-2023 0 1	0	1
Highlight empty fields in color How to highlight empty fields in the dashboard in colours . Simple step pls by Hema_Nithya Explorer in Splunk Search 11-07-2023 0 3	0	3
To extract the timestamp for the events Hi everyoneI need to grouping the below 3 events with correlation ID. I have tried transaction cmd below but it is no... by parthiban Path Finder in Splunk Search 11-07-2023 0 18	0	18
Find three different events within a timeframe for the same user In this dataset, transactions (#3 + #9 + #10 - Mike), and (#5 + #7 +#11 - Alex) -- Would be displayed.#TimeUserTrans... by mlorrette Path Finder in Splunk Search 11-07-2023 0 2	0	2
lookup data not population in final part of query Hi alli have the below query where i have a lookup file with Error messages im trying to match the error messages in... by vk1544 Explorer in Splunk Search 11-07-2023 0 1	0	1
How to get the min, average, max, median event size, standard deviation of event size by sourcetype How to Inspect each feed by different criteria:Average ingestion rate per day, Minimum event size, 24 hour periodAver... by harishsplunk7 Explorer in Splunk Search 11-07-2023 0 3	0	3
Search a particular time of day across multiple days Hello, I'm trying to map out usage by time of day: Morning (6am-8am) Day Off Peak (8am-6pm) Prime Time (6pm-11pm) N... by sambiggins Explorer in Splunk Search 11-07-2023 1 9	1	9
Filtering data using a second query I have data in two different applications. I need to get fields from one query to use as filters for another, like th... by jacu86 Engager in Splunk Search 11-07-2023 0 1	0	1
Convert date and time bunched together to a readable date In my splunk search for getting the date of Nessus plugins feed version used in a scan I get the number returned in t... by splunkthat Engager in Splunk Search 11-07-2023 0 1	0	1
What do "total_slices" represent in the audittrail? I have been investigating a particular search an api user runs which has become markedly slower past a specific date.... by briancronrath Contributor in Splunk Search 11-07-2023 0 4	0	4
help correct eval command Please help me correct the command below. It keeps returning all the devices as no even though the app is installed.i... by olawalePS Path Finder in Splunk Search 11-06-2023 0 7	0	7
how to find what commands in the search language are being used I want to list what commands in the search language are being used. I think its possible in the same _audit index an... by harishsplunk7 Explorer in Splunk Search 11-06-2023 0 4	0	4
index query results against inputlookup return stats/multiple stats Hello and thank you for your time.I would like to run a search in splunk, using the results against inputlookup lists... by DanWilkinson Engager in Splunk Search 11-06-2023 0 2	0	2
Dropdown populated by search ok, now how to set a token based on an alternate field <input type="dropdown" token="tok_choice" searchWhenChanged="true"> <fieldForLabel>host</fieldForLabel> <fieldForVa... by dural_yyz Motivator in Splunk Search 11-06-2023 0 2	0	2
Does Splunk meet 800-53 Audit Reduction requirements and a common Date-Time Stamp capability? I am having trouble finding documentation that explicitly states Splunk's ability to perform audit reduction. I am a... by rotht New Member in Splunk Search 11-06-2023 0 2	0	2
Input on how to perform a search, field extraction and calculation ? Here is what I am attempting to do:I am trying to calculate the distinct count of the 'type' of users that are active... by sjringo Contributor in Splunk Search 11-06-2023 0 3	0	3
Query Pivot multiple columns Hello, I have the below code. I'm trying to create a new column that extracts and pivots CareCnts, CoverCnts, NonCove... by MrJohn230 Path Finder in Splunk Search 11-06-2023 0 3	0	3
Lookup Table with CIDR, running but no matches Hello, I think this is a simple answer but I'm not able to find a solution. I created a lookup table that looks like... by yoshileigh66 Explorer in Splunk Search 11-06-2023 0 6	0	6
Return "Yes" if field exists in another field in the table Hello! I have run a search which results in displaying a table. In this table, I would like to check if a combination... by nanuli Engager in Splunk Search 11-06-2023 0 4	0	4
How to count valuse and display againts another field? Sorry, I am unsure how to describe what I am looking for using Splunk terminology, and I am sure that is why I am hav... by Matrix20085 Explorer in Splunk Search 11-06-2023 0 4	0	4
rare command hello!I have this search, and I want to add more parameters like time etc.the thing is - when I'm using rare its show... by Shakira1 Explorer in Splunk Search 11-06-2023 0 5	0	5
Strptime() Eval command returning empty What is wrong with the query below, it does not return any value in the timestamp field. The attached image shows a r... by olawalePS Path Finder in Splunk Search 11-06-2023 0 3	0	3
visualize stats(sum) Hello SplunkersI can use stats count and visualize the output as a single value so its nice and big in that panel in ... by splunk_novice99 Explorer in Splunk Search 11-05-2023 0 4	0	4