Splunk Search

Community Activity

	Splunk Table Query These are the sample parameters for index, host, sourceindex="production"host="abc.com-i-1234"source="Log-*-3333-abc4... by Awanish1212 Explorer in Splunk Search 10-24-2023 0 2	0	2
	Can multiple wildcards be used in serverclass.conf whitelist Can multiple wildcards be used in serverclass.conf whitelist file? whitelist.from_pathname = /lookup/host.txt Example... by cloroxx Explorer in Splunk Search 10-24-2023 0 2	0	2
	Host Metrics with associated indexes We're using this query to retrieve metrics on our hosts: index=_internal source=*metrics.log group=tcpin_connections ... by WebNerdNick Engager in Splunk Search 10-24-2023 0 6	0	6
	How to get a list of all hosts across all indexes if we cannot use index=* (restricted by workload rule) Hi,We need to find all the hosts across all the indexes , but we cannot use index=* anymore, as it's use is restrict... by mlevsh Builder in Splunk Search 10-24-2023 0 3	0	3
	How to format table range per week automatically? Reading through the documentation here: http://docs.splunk.com/Documentation/Splunk/7.0.2/Viz/TableFormatsFormatting ... by efavreau Motivator in Splunk Search 10-24-2023 0 7	0	7
	Stats command error index=abcd \| stats count(eval(searchmatch(''https://drive.google.com/uc?export=download&id=1HGFF5ziAFGn8161CKQC$Xyuhn... by yasit Explorer in Splunk Search 10-24-2023 0 6	0	6
	filter a table result Hi - i'm not great at Splunk and am struggling with this one:I have this search result in table formNameStatusServer1... by trifledalliance Engager in Splunk Search 10-24-2023 0 2	0	2
	Splunk Head command Hi All, Splunk "head" command by default retrieves top 10 columns and 10 results. may i know if we can control the nu... by SplunkSN Loves-to-Learn Everything in Splunk Search 10-24-2023 0 3	0	3
	How to get latest upload data.I am uploading csv file into splunk. I am uploading csv file format data into splunk. every time I make change to the data or add any info I will update t... by abi2023 Path Finder in Splunk Search 10-23-2023 0 5	0	5
	How to fix Error inputlookup? I have an issues with lookup, i create a table I want to exclude path in lookup table from my search, so i try this... by abazgwa21cz Explorer in Splunk Search 10-23-2023 0 7	0	7
	How to create total average/median/max of field in a separate table? How to create total average/median/max of field in a separate table?Thank you in advance\| index=testindex\| table comp... by LearningGuy Motivator in Splunk Search 10-23-2023 0 6	0	6
	Is it possible to make y-axis labels display "on" and "off" instead of numerical values on my chart? I have the following graph: On the y-axis, 0 is on and 10 is off. Can I label it accordingly, but still present it... by HattrickNZ Motivator in Splunk Search 10-23-2023 0 4	0	4
	Need help on splunk search to get process status when stopped by using PID Hi All,i am using below search to monitor a status of process based on PID and usage we have tried by stopping the se... by sekhar463 Path Finder in Splunk Search 10-23-2023 0 5	0	5
	Check if domain is found in local lookup file containing over 10 000 entries Hi all,I been working on new rule and I just can't get it work fully. I know that there are many similar questions/an... by licroBI_0x1 Explorer in Splunk Search 10-23-2023 0 2	0	2
	Error Search Hi guys , I just install misp42 app in my splunk , and add misp instance to splunk , it work But i want compare fro... by abazgwa21cz Explorer in Splunk Search 10-23-2023 0 0	0	0
	Stats on 2 indexes Hello,I have 2 distinct indexes with distinct values.Want to create one final stats query from select fields of both ... by Satyapv Engager in Splunk Search 10-22-2023 0 3	0	3
	Time format conversion from UTC to SGT time Hi Team,I'm currently receiving AWS CloudWatch logs in Splunk using the add-on. I'm developing a use case and need to... by NitishUa Loves-to-Learn Lots in Splunk Search 10-22-2023 0 2	0	2
	Why is daily EPS get less? Hi, May I know, why is daily EPS on specific date get less than usually? Is there any factor or cause to the less EPS... by Mien New Member in Splunk Search 10-22-2023 0 3	0	3
	How to count total row number of non-zero field? How to count total row number of non-zero field?Thank you in advanceBelow is the data set:ipVulnerabilityScoreip1Vuln... by LearningGuy Motivator in Splunk Search 10-22-2023 0 2	0	2
	Extract fields from JSON response I am new to Splunk and I have the following message which I would like to parse into a table of columns: {dt.trace_i... by Naji Explorer in Splunk Search 10-22-2023 0 4	0	4
	Why need curly braces {} at the end of field I have a data like:{"adult": false, "genre_ids": [16, 10751], "id": 1135710, "original_language": "sv", "original_ti... by herrypeterlee New Member in Splunk Search 10-22-2023 0 2	0	2
	How to group by by email and badge type , then locate the highest level badge & expiry date? Cheers,I am hoping to get some help on a splunk search to generate a badging report.I'll explain further.There are tw... by oneemailall Engager in Splunk Search 10-22-2023 0 6	0	6
	How to run searches stored in lookup file? Hello All,I have a lookup file which stores a set of SPLs and it periodically gets refreshed.How to build a search qu... by Taruchit Contributor in Splunk Search 10-22-2023 0 3	0	3
	Splunk Query Help Hi allI have a combined lookup data with a fields containing various values like aaa acc aan, and more. I'm looking t... by Muthu_Vinith Path Finder in Splunk Search 10-22-2023 0 1	0	1
	How do I extract non-blank lines from Windows Event 4738 ? I am trying to write a Report which queries our Windows Security Event logs for event # 4738, "user account was chang... by ttovarzoll Path Finder in Splunk Search 10-21-2023 0 8	0	8