Splunk Search

Community Activity

Calculate average, min, max time in ms based on string in event log I am a beginner in Splunk queries. I might would be asking for some simple query but I am not able to construct it af... by rajnsoni92 Explorer in Splunk Search 11-08-2023 0 2	0	2
Where/Search clause does not work with lookup. I am having trouble comparing the columns age and expectedAge, where the column expectedAge is a result of a lookup ... by sherwin_r Explorer in Splunk Search 11-08-2023 0 3	0	3
regex skipping items with square brackets My regular expression has been working fine.. but now theres data with "[]" and it is being skipped here is the reg... by sphiwee Contributor in Splunk Search 11-08-2023 0 1	0	1
Create a dashboard with timepicker for a field with date/time Hi All,I have a search query that allows me to pull results from an index summary.One of the fields is a time/date fi... by ssaenger Communicator in Splunk Search 11-08-2023 0 14	0	14
Panel loading without submit button Hello,I have below code for a dropdown menu and the problem is the moment i select any of the value from drop down de... by Satyapv Engager in Splunk Search 11-08-2023 0 3	0	3
Why does this work: lookup, outputnew Apparently my Google-Fu isn't the best and I can't find an explanation. Can someone please enlighten me? I have a loo... by yoshileigh66 Explorer in Splunk Search 11-08-2023 0 3	0	3
Correlating Data from 3 Indexes (Match Destination IP from Firewall & Resolve Hostnames using Symantec & Windows Logs) Hi All,I want to create an SPL query that first returns data by matching the destination IP address from Palo Alto lo... by neokevin Engager in Splunk Search 11-08-2023 0 3	0	3
Saved search query got auto deleted Hi,I have 2 saved searches that fetch data from datamodel (pivot table) and the result of these savedsearch is storin... by Lavender Loves-to-Learn Everything in Splunk Search 11-07-2023 0 0	0	0
subsearch query Can someone please help me with this.So I have the following query:source=abc type=Change msg=" consumed" event_type=... by djoobbani Path Finder in Splunk Search 11-07-2023 0 18	0	18
"transaction" command: have four "startswith" and two "endswith" patterns for the same transaction I need to run a Splunk search with "transaction" command and I have four pattern variations for the start of the tran... by sp Loves-to-Learn in Splunk Search 11-07-2023 0 2	0	2
Stats and Look up Dear All,I have look up file with Transaction details and Transaction Name Like below. Will be great if someone sugge... by Satyapv Engager in Splunk Search 11-07-2023 0 8	0	8
I have a query to fetch Kernel version from all the Linux servers I have a query to fetch Kernel version from all the Linux servers . We update the Kernel Patch every quarter . I have... by Hema_Nithya Explorer in Splunk Search 11-07-2023 0 1	0	1
Highlight empty fields in color How to highlight empty fields in the dashboard in colours . Simple step pls by Hema_Nithya Explorer in Splunk Search 11-07-2023 0 3	0	3
To extract the timestamp for the events Hi everyoneI need to grouping the below 3 events with correlation ID. I have tried transaction cmd below but it is no... by parthiban Path Finder in Splunk Search 11-07-2023 0 18	0	18
Find three different events within a timeframe for the same user In this dataset, transactions (#3 + #9 + #10 - Mike), and (#5 + #7 +#11 - Alex) -- Would be displayed.#TimeUserTrans... by mlorrette Path Finder in Splunk Search 11-07-2023 0 2	0	2
lookup data not population in final part of query Hi alli have the below query where i have a lookup file with Error messages im trying to match the error messages in... by vk1544 Explorer in Splunk Search 11-07-2023 0 1	0	1
How to get the min, average, max, median event size, standard deviation of event size by sourcetype How to Inspect each feed by different criteria:Average ingestion rate per day, Minimum event size, 24 hour periodAver... by harishsplunk7 Explorer in Splunk Search 11-07-2023 0 3	0	3
Search a particular time of day across multiple days Hello, I'm trying to map out usage by time of day: Morning (6am-8am) Day Off Peak (8am-6pm) Prime Time (6pm-11pm) N... by sambiggins Explorer in Splunk Search 11-07-2023 1 9	1	9
Filtering data using a second query I have data in two different applications. I need to get fields from one query to use as filters for another, like th... by jacu86 Engager in Splunk Search 11-07-2023 0 1	0	1
Convert date and time bunched together to a readable date In my splunk search for getting the date of Nessus plugins feed version used in a scan I get the number returned in t... by splunkthat Engager in Splunk Search 11-07-2023 0 1	0	1
What do "total_slices" represent in the audittrail? I have been investigating a particular search an api user runs which has become markedly slower past a specific date.... by briancronrath Contributor in Splunk Search 11-07-2023 0 4	0	4
help correct eval command Please help me correct the command below. It keeps returning all the devices as no even though the app is installed.i... by olawalePS Path Finder in Splunk Search 11-06-2023 0 7	0	7
how to find what commands in the search language are being used I want to list what commands in the search language are being used. I think its possible in the same _audit index an... by harishsplunk7 Explorer in Splunk Search 11-06-2023 0 4	0	4
index query results against inputlookup return stats/multiple stats Hello and thank you for your time.I would like to run a search in splunk, using the results against inputlookup lists... by DanWilkinson Engager in Splunk Search 11-06-2023 0 2	0	2
Dropdown populated by search ok, now how to set a token based on an alternate field <input type="dropdown" token="tok_choice" searchWhenChanged="true"> <fieldForLabel>host</fieldForLabel> <fieldForVa... by dural_yyz Motivator in Splunk Search 11-06-2023 0 2	0	2