Splunk Search

Community Activity

	Extraction of Multiple events (URLS and IP addresses) from text files Hi, We receive daily emails with lists of IOC's for malware and phishing alerts, each email may contain multiple ip a... by capilarity Path Finder in Splunk Search 11-02-2023 0 1	0	1
	How to apply predict command on multiple fields returned by timechart command? Hello @kamlesh_vaghela,This is with regards to your solution posted on the below thread: -https://community.splunk.co... by Taruchit Contributor in Splunk Search 11-02-2023 0 1	0	1
	Search in square brackets I don't understand how this works, what should replace the square brackets in this situation or what does the search ... by vanheer Explorer in Splunk Search 11-02-2023 0 2	0	2
	Passing Multiselect macro input token to search Hi Splunkers! I would like to pass two macros as a token to a base search when multiple values in multiselect is sel... by smanojkumar Contributor in Splunk Search 11-02-2023 0 0	0	0
	Performant way to use "dedup" with group by I basically have the opposite question as can be seen here:https://community.splunk.com/t5/Splunk-Search/How-to-use-t... by duesser Path Finder in Splunk Search 11-02-2023 0 4	0	4
	what is the difference between summary indexing and data models? Hi  i'm new hier and i still don't understand the difference between summary indexing and data modeling.When should ... by Day Engager in Splunk Search 11-02-2023 0 3	0	3
	How extract the lines as failures from logs using splunk index=os source="/var/log/bitbucket" host=servera* Failedand evaluate them as failed packages to install. Failed:pyt... by Hema_Nithya Explorer in Splunk Search 11-02-2023 0 1	0	1
	How to display panels dynamically depends on selection ? Hi All,I am working on analyzing processing time among 10 devices and categorize all the evnets into 3 categories, in... by Jouman Path Finder in Splunk Search 11-02-2023 0 11	0	11
	How to calculate distinct count with condition? Hello,How to calculate distinct count with condition?How to calculate unique vuln that has score >0, group by ip?Befo... by LearningGuy Motivator in Splunk Search 11-02-2023 0 5	0	5
	How to hide a field of a table but keep it for separate search? How to hide a field of a table but keep it for separate search? Thank you for your helpFor example: field "id" exi... by LearningGuy Motivator in Splunk Search 11-02-2023 0 6	0	6
	Extracting sub fields or sub string in multiline log. Good mornign All,I have several logs with fields which have sibfield. I would like to be able to extract the subfield... by BoscoBaracus Engager in Splunk Search 11-01-2023 0 2	0	2
	Need an SPL to find the threshold for the domain Hi,I need an spl to find the threshold for the respective domains.index=ss group="Threat Intelligence"\| stats values... by AL3Z Builder in Splunk Search 11-01-2023 0 10	0	10
	Count distinct instances of a field which is an arbitrary structure Say I have events of the form:{<!-- --> something: "cool", subfield: {<!-- --> this: "may contain", arbitrary: ["... by ojensen Explorer in Splunk Search 11-01-2023 0 1	0	1
	Frequency analysis on names in splunk Is there a built-in solution in splunk that does the frequency analysis (for ex. on domain names) ?There is a solutio... by hmi79 Loves-to-Learn in Splunk Search 11-01-2023 0 1	0	1
	Need to remove T and Z from output timestamp I am trying to remove T and Z from the output timestamp results. Can you please help me with the query to remove and... by ravir_jbp Explorer in Splunk Search 11-01-2023 0 4	0	4
	Calculate duration sum of consecutive events with other events in between. Haven't been able to find this, but I want to basically calculate up time percentage for a host based on 2 unique eve... by smahoney Path Finder in Splunk Search 11-01-2023 0 7	0	7
	Set up an alert whenever a host stops sending logs to Splunk Hello,I have a lookup where all the hostnames are available under the field called "title" with respect to teams.I wo... by Roy_9 Motivator in Splunk Search 11-01-2023 0 9	0	9
	Remove only fields that do not have suffix Basically I have a search with a lot of fields, similar to this example: \| makeresults \| eval aa1=1, aa2=2, aa1x=3, ... by duesser Path Finder in Splunk Search 11-01-2023 0 3	0	3
	help on splunk field aliases not visible hello I have a admin role when I create a field alias, I can see it in the props.conf file but when I run the searc... by jip31 Motivator in Splunk Search 11-01-2023 0 2	0	2
	Drop some json fields according to their values Hi all,I have a forwarder in my cluster and it sends events to the indexers. The events are json formatted and I want... by sigma Path Finder in Splunk Search 11-01-2023 0 1	0	1
	Splunk GUI seperating event From splunk user we are receiving logs but when it comes to Splunk search head its splitting into different events Ex... by Komal0113 Loves-to-Learn in Splunk Search 11-01-2023 0 3	0	3
	Activating Hyperlinks in a table based on the fields of the table (Dashboard Studio) Hello, I have a table with a column recording the ID, I want to make each ID in the table a Hyperlink and click on... by leenaut Loves-to-Learn in Splunk Search 10-31-2023 0 0	0	0
	Algorithm to search multiple related events based on set of words Hello Splunkers,I’m looking for the best algorithm to search for events. with the below criteria.I have a lookup with... by VatsalJagani SplunkTrust in Splunk Search 10-31-2023 0 2	0	2
	Extract jSON formated data below is the sample json log content the main filelds are default extracts but the nested aren't. Please help to extr... by sathiyasun Explorer in Splunk Search 10-31-2023 0 2	0	2
	I need help with rex ad DN field. my DN field value "cn=jsuwus, jkhzdhkjc,ou=sdsfefv accounts,ou=ffdsrew users,dc=hgsywy,dc=tre,dc=hyt,dc=kuhytr"I need... by karu0711 Communicator in Splunk Search 10-31-2023 0 2	0	2