Splunk Search

Community Activity

What happened to the entropy command? Maybe I'm missing something here, but at some point in my career the "entropy" command did something. Now when I try ... by thisissplunk Builder in Splunk Search 05-12-2017 0 4	0	4
Why the second csv cannot be read with inputlookup commond? I have 1.csv which can by read by splunk with \|inputlookup 1.csv Now I uploaded 2.csv. When I enter \|inputlookup 2.c... by xiyangyang Path Finder in Splunk Search 05-11-2017 0 17	0	17
Timestamp set to Midnight The timestamp of an application log file is always being set to midnight, an example line in the logs is: 02/05/17 1... by romeoszakal New Member in Splunk Search 05-11-2017 0 29	0	29
How to generate a search to find the wrong user login attempts? I have user "abc" in the log and "password invalid" in log . I want to find out how many times this user entered the ... by kteng2024 Path Finder in Splunk Search 05-11-2017 0 2	0	2
HELP! Merging results from a search into a bar chart Hello, I am trying to merge/concatenate the results of a field with a wild card into one. Your help is greatly appr... by leomedina Explorer in Splunk Search 05-11-2017 0 15	0	15
How to generate an alert for every source accessing multiple distinct destinations within a 30 seconds window? I have a set of sources that access multiple destinations(IPs) New to Splunk The query has to be set in such a way ... by 512anagha New Member in Splunk Search 05-11-2017 0 9	0	9
splunk LDAP connection hi, Can someone please explain me how to splunk communicates with LDAP . Will splunk stores the user data in its cac... by kteng2024 Path Finder in Splunk Search 05-11-2017 0 1	0	1
How to edit my rex command to replace a string? Hi, I want to replace the string "\x00" with spaces. "CP REQUESTED \x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x... by chintan_shah Path Finder in Splunk Search 05-11-2017 0 2	0	2
How to remove Windows subfolders from search results by using regular expression? I have a search which produces c:\folder\folder\folder\folder\file.exe as results. I want to remove all of the c:\f... by erictodor New Member in Splunk Search 05-11-2017 0 1	0	1
How to display valid values in lookup against each calendar date? Hi, I have a requirement where I need to calculate location wise weekly, monthly and total expected revenue for the ... by hwakonwalk Path Finder in Splunk Search 05-11-2017 0 3	0	3
How to add daily average response time to hourly average response timechart? In order to meet customer reporting requirements I need the average response time per hour and per day across all day... by lostbeatnik01 Explorer in Splunk Search 05-11-2017 0 5	0	5
Can Customer Command use import a local python module? I'm now use splunk-sdk-python-1.5.0 to create a search command. How can I add a python module that is not included i... by shenjunwei New Member in Splunk Search 05-11-2017 0 1	0	1
How to edit my search to make an IF statement filter out IPs? Hey guys! I'm trying to filter out a few IPs from certain Categories and i just can't manage, something like: IF ca... by DrSplunkenstein Engager in Splunk Search 05-11-2017 0 5	0	5
How to remove consecutive repeat events by an unique user? How can I remove events that are repeated consecutively? For example, my logs shows: Timestamp 1 \| Event A \| User 1 ... by tanyongjin Explorer in Splunk Search 05-11-2017 0 2	0	2
Help with transaction ! Hi , I have following query written but it is not giving me correct output. So my logs would look like this subje... by dmenon84 Path Finder in Splunk Search 05-11-2017 0 7	0	7
Query string method not working for HEC on Cloud I have a splunk cloud stack which has HEC enabled on it and I am referring following page to send data via HEC: http:... by naiktej13 Engager in Splunk Search 05-11-2017 0 1	0	1
How to edit the table format in my email alert so that each item starts a new line? Hi Splunkers and Happy Friday I am trying to put together an email that looks something like this: However when I... by omuelle1 Communicator in Splunk Search 05-11-2017 1 3	1	3
How to use predict command? Date ALLOCATED_GB USED_GB Difference 20/08/2016 580.22 566.57 13.65 21/08/2016 580.22 106.6 473.62 2... by m7787579 New Member in Splunk Search 05-11-2017 0 2	0	2
Rex vs field extraction with very large multiline events, latter not working properly? Hi, I'm importing some very large multi-line events into Splunk and trying to extract fields from them. The events l... by Whistler Engager in Splunk Search 05-11-2017 0 1	0	1
I have one server with 24 jvms.I need to write query for jvm down .I tried using inputlookup? I have one server with 24 jvms.I need to write query for jvm down .I tried using inputlookup? \|inputlookup sample.cs... by karthi2809 Builder in Splunk Search 05-10-2017 0 4	0	4
How to change time into seconds? Hi Everyone, Please help me out to convert time format into seconds. My time field has values like :07, 7:45. Exam... by nilaksh92 Path Finder in Splunk Search 05-10-2017 0 5	0	5
How to define splunk workflow actions URI with special characters Hi, How can i define a link configuration with e.g. # in the uri like the following request? hxxps://www.robtex.com/... by neo888 New Member in Splunk Search 05-10-2017 0 1	0	1
How to find missing field values I want to use Splunk to tell me when a process is missing from a list of expected processes. I have tried using eval... by jdonn_splunk Splunk Employee in Splunk Search 05-10-2017 1 1	1	1
How to filter out events before/after a specific event Hi, I want to filter out an event that occurs just before/after all the occurrence of a specific event, 'X". How ca... by tanyongjin Explorer in Splunk Search 05-10-2017 0 2	0	2
Adding indentifier field to stats output I have an index: base_data The index has data added on a weekly basis. I would like to identify the instances of f... by gyphawk New Member in Splunk Search 05-10-2017 0 2	0	2