Splunk Search

Community Activity

	Calculating Duration of Extracted Fields I'm having trouble getting a duration between two timestamps from some extracted fields.My search looks like this: My... by pgates Explorer in Splunk Search 10-14-2023 0 4	0	4
	Rex Field Extraction Hi @All , I want to extract the correlation_id for the below payload, can anyone help me to write rex command.{"messa... by parthiban Path Finder in Splunk Search 10-14-2023 0 4	0	4
	Trying to Find All Names that Match a Name in a Field I have a field called DNS whos field values contain the hostname in the lookup. There is also another field called Id... by atebysandwich Path Finder in Splunk Search 10-14-2023 0 2	0	2
	stats query help ! Hello, I am searching to get results for each hour top 1 max URL hits. Iam using the below search but not getting ... by kc_prane Communicator in Splunk Search 10-14-2023 0 3	0	3
	How to extract a alphanumeric values with special characters I want to extract Sample ID field value"Sample ID":"020ab888-a7ce-4e25-z8h8-a658bf21ech9" by av_ Path Finder in Splunk Search 10-14-2023 0 2	0	2
	Not able to use lookup for search in SPATH command My data is coming for 0365 as JSON, I am using SPath to get the required fields after that i want to compare the data... by mohammadsharukh Path Finder in Splunk Search 10-13-2023 0 3	0	3
	Active Directory security group changes Hello all, I could use some help here with creating a search. Ultimately I would like to know if a user is added to ... by tkerr1357 Path Finder in Splunk Search 10-13-2023 0 3	0	3
	calculate a weighted average Hello, I would like to calculate a weighted average on an average call time.The logs I have available are of this typ... by anissabnk Path Finder in Splunk Search 10-13-2023 0 1	0	1
	assign value from another eval param How to assign the value of param name original to the source in the \| collect statementindex=123 \| eval original=abcd... by eranhauser Path Finder in Splunk Search 10-13-2023 0 5	0	5
	How to group different errors based on error types from the logs to create alert for continuous errors I am creating a continuous error alert in Splunk. I have been working on constructing a search query to group differe... by lladi Loves-to-Learn Lots in Splunk Search 10-13-2023 0 8	0	8
	Json duplication fields on a clustered set up environment Afternoon,We are currently having issues with duplicate JSON entries on our search heads which operate in a clustered... by emcglade Engager in Splunk Search 10-13-2023 0 0	0	0
	How to show custom time for PDF schedule report? Dashboard xml:I am using this dashboard to Schedule PDF report, and all panels are showing data for 7 days.I need to... by mahesh27 Communicator in Splunk Search 10-13-2023 0 5	0	5
	How do I Search a Multi-Value Field? I need to search a field called DNS_Matched, that has multi-value fields, for events that have one or more values tha... by atebysandwich Path Finder in Splunk Search 10-12-2023 0 2	0	2
	List of Idemia machines that are on Cisco and Pulse for the past 10 days. Can someone help me with the Splunk code that would be necessary to search for the Idemia Machines?Thank youAnthony by Anthony3rd Explorer in Splunk Search 10-12-2023 0 1	0	1
	Does Splunk support chatbot? Is it possible to have a chatbot answering using Splunk search? by Deepika_R Engager in Splunk Search 10-12-2023 0 2	0	2
	Howcome additional condition increases result count? my question is very simple. This returns nothing: sourcetype=my_sourcetype This returns X amount of events (same amou... by shai Explorer in Splunk Search 10-12-2023 0 7	0	7
	search to get an overview of all dashboards and apps with authorizations I have a search to get an overview of all users with their authorizations: roles, capabilities, indexes (search found... by rrovers Contributor in Splunk Search 10-12-2023 0 5	0	5
	How to limit results to one (1) for each host? Hi,How do I limit the results per host? I have any (random) search query. I have 10 hosts. For each hosts, hundreds o... by Bleepie Communicator in Splunk Search 10-12-2023 0 1	0	1
	Matched IP from 2 different lookup with condition Hi, i have 2 lookup tables, which are lookup A and B. Both of the lookups contain field Hostname and IP.There is some... by Akmal57 Path Finder in Splunk Search 10-12-2023 0 3	0	3
	Search logs in Splunk Cloud using API Hi,How are you? Thank you for the community! I have tried to search logs using API as per Creating searches using the... by tiago New Member in Splunk Search 10-12-2023 0 0	0	0
	splunk I want to see 100% when the "No results found. " message comes. by Siddharthnegi Contributor in Splunk Search 10-11-2023 0 4	0	4
	Identify duplicate values in a field Hi,I am new to Splunk and am looking for a search that is able to identify duplicate field values. We have an issue i... by azulueta New Member in Splunk Search 10-11-2023 0 1	0	1
	License Usage Calculation for a Particular Event ID Hi Team,I want to find the license usage in GB for last 30 days for a particular Event ID for index=wineventlog so ki... by anandhalagaras1 Contributor in Splunk Search 10-11-2023 0 10	0	10
	Hide/unhide legend values by clicking on it On a Column Chart is it possible to hide/unhide legend values by clicking on it?For eg. if I click on www3 in legend ... by pero1234 Path Finder in Splunk Search 10-11-2023 0 1	0	1
	How to calculate total when aggregating using stats max(field)? How to calculate total when aggregating using stats max(field)?Thank you for your help. Max Total Score is the total ... by LearningGuy Motivator in Splunk Search 10-11-2023 0 7	0	7