Splunk Search

Community Activity

timeseries using an OR text search So I have the following search and I want to create a dashboard with separate columns for "Hits" and "Misses". Seems ... by chadwell Explorer in Splunk Search 10-17-2023 0 1	0	1
Autochoose dropdown (dropdown2) Item from another dropdown (dropdown1) Hello,How can I implement this one. to autochoose category dropdown from ingredient dropdown. FOr example, If I choos... by cdr01 Loves-to-Learn Lots in Splunk Search 10-17-2023 0 2	0	2
Extract a specific value and make a visualization with time I have regular traffic passing through my server. The server has the IP 10.41.6.222My goal is to extract the Rate /se... by john_snow00 Observer in Splunk Search 10-17-2023 0 4	0	4
To find the day for include/exclude weekends in search Hi There! I would like to include/exclude weekend in the search, So i had created the dropdown for that, I'm gettin... by smanojkumar Contributor in Splunk Search 10-17-2023 0 2	0	2
Update lookup file values dynamically I have a lookup file. Lookup has "host", "count", "first_event" and "last_event" fields. I want to run a search hou... by bt149 Path Finder in Splunk Search 10-17-2023 0 1	0	1
How to read a field value which field name is in another field? We have this table: And we want to have a field (for example, named "value") that gets the value of the field which ... by mseijos Engager in Splunk Search 10-17-2023 3 8	3	8
Record Numbers I'm going crazy with this, would appreciate some help.I'm pretty sure the record numbers were not being shown to me. ... by vikas1 Engager in Splunk Search 10-16-2023 0 3	0	3
Syntax Error while using "distance" command Hi peeps,I receive below error while running a query.below is my query;eventtype=sfdc-login-history \| iplocation allf... by syazwani Path Finder in Splunk Search 10-16-2023 0 4	0	4
I want create table view I have SPLindex=main state=open \| stats count(state) as open by risk_rating \| rename risk_rating as state \| addtotals... by abi2023 Path Finder in Splunk Search 10-16-2023 0 1	0	1
AWS User last login Hi.I want to create a search that checks for last user login date in AWS.I can see them in AWS IAM and there are bunc... by msilins Engager in Splunk Search 10-16-2023 0 1	0	1
Filtering 2 fields with multiple values Hello , i am new in Splunk and need help i get every week a vulnerability scan log with 2 main fields: "extracted_Ho... by LionSplunk Explorer in Splunk Search 10-16-2023 0 5	0	5
rex from the multivalue fields and get one particular value I have this multivalue fields where i am tring to rex and get particular field value like "value":"ESC1000", but ins... by mikeyty07 Communicator in Splunk Search 10-16-2023 0 6	0	6
How do I search for Filed Values in a Different Multi-Value Field I have two fields: DNS and DNS_Matched. The latter is a multi-value field. How can I see if a field value in DNS is i... by atebysandwich Path Finder in Splunk Search 10-16-2023 0 10	0	10
Find days with no events hello, i would like to find days in which a particular sourcetype is missing. With this, i'll drive an alert. for no... by johnnymc Path Finder in Splunk Search 10-16-2023 1 12	1	12
Splunk Condition Search Let's say im running a search where I want to look at domains traveled to.index=web_traffic sourcetype=domains domain... by MM0071 Path Finder in Splunk Search 10-16-2023 0 9	0	9
non-compliant naming convention for workstations Hello,I want to detect workstations authenticated to the active directory that are not compliant with our naming conv... by karimoss Loves-to-Learn in Splunk Search 10-16-2023 0 4	0	4
ERROR Unable to get apikey from firewall: local variable 'username' referenced before assignment I am trying to use my windows event data to update users ID on panorama, however, running the below query in my es en... by Yusuf Observer in Splunk Search 10-16-2023 0 0	0	0
SPL to find the src to dest traffic Hi,Need an spl from src_ip to dest_ip would like to know the dest_url, logs and outbound traffic size. by AL3Z Builder in Splunk Search 10-16-2023 0 3	0	3
Splunk search - logs retrieval limitation While doing a splunk search using a splunk query and retrieving logs in an automated matter, the job extraction only ... by nivi New Member in Splunk Search 10-16-2023 0 2	0	2
How to get matching AND non matching events with left join Hi I have the use case that i need to find some direct links between different events of the same index and sourcetyp... by claudiaG Engager in Splunk Search 10-15-2023 0 2	0	2
splunk subsearch question Hello, Im trying to use the data from one search in another search. This is what I'm trying to do:-index=index_examp... by splunk_novice99 Explorer in Splunk Search 10-14-2023 0 2	0	2
Calculating Duration of Extracted Fields I'm having trouble getting a duration between two timestamps from some extracted fields.My search looks like this: My... by pgates Explorer in Splunk Search 10-14-2023 0 4	0	4
Rex Field Extraction Hi @All , I want to extract the correlation_id for the below payload, can anyone help me to write rex command.{"messa... by parthiban Path Finder in Splunk Search 10-14-2023 0 4	0	4
Trying to Find All Names that Match a Name in a Field I have a field called DNS whos field values contain the hostname in the lookup. There is also another field called Id... by atebysandwich Path Finder in Splunk Search 10-14-2023 0 2	0	2
stats query help ! Hello, I am searching to get results for each hour top 1 max URL hits. Iam using the below search but not getting ... by kc_prane Communicator in Splunk Search 10-14-2023 0 3	0	3