Splunk Search

Community Activity

	How to fix Error inputlookup? I have an issues with lookup, i create a table I want to exclude path in lookup table from my search, so i try this... by abazgwa21cz Explorer in Splunk Search 10-23-2023 0 7	0	7
	How to create total average/median/max of field in a separate table? How to create total average/median/max of field in a separate table?Thank you in advance\| index=testindex\| table comp... by LearningGuy Motivator in Splunk Search 10-23-2023 0 6	0	6
	Is it possible to make y-axis labels display "on" and "off" instead of numerical values on my chart? I have the following graph: On the y-axis, 0 is on and 10 is off. Can I label it accordingly, but still present it... by HattrickNZ Motivator in Splunk Search 10-23-2023 0 4	0	4
	Need help on splunk search to get process status when stopped by using PID Hi All,i am using below search to monitor a status of process based on PID and usage we have tried by stopping the se... by sekhar463 Path Finder in Splunk Search 10-23-2023 0 5	0	5
	Check if domain is found in local lookup file containing over 10 000 entries Hi all,I been working on new rule and I just can't get it work fully. I know that there are many similar questions/an... by licroBI_0x1 Explorer in Splunk Search 10-23-2023 0 2	0	2
	Error Search Hi guys , I just install misp42 app in my splunk , and add misp instance to splunk , it work But i want compare fro... by abazgwa21cz Explorer in Splunk Search 10-23-2023 0 0	0	0
	Stats on 2 indexes Hello,I have 2 distinct indexes with distinct values.Want to create one final stats query from select fields of both ... by Satyapv Engager in Splunk Search 10-22-2023 0 3	0	3
	Time format conversion from UTC to SGT time Hi Team,I'm currently receiving AWS CloudWatch logs in Splunk using the add-on. I'm developing a use case and need to... by NitishUa Loves-to-Learn Lots in Splunk Search 10-22-2023 0 2	0	2
	Why is daily EPS get less? Hi, May I know, why is daily EPS on specific date get less than usually? Is there any factor or cause to the less EPS... by Mien New Member in Splunk Search 10-22-2023 0 3	0	3
	How to count total row number of non-zero field? How to count total row number of non-zero field?Thank you in advanceBelow is the data set:ipVulnerabilityScoreip1Vuln... by LearningGuy Motivator in Splunk Search 10-22-2023 0 2	0	2
	Extract fields from JSON response I am new to Splunk and I have the following message which I would like to parse into a table of columns: {dt.trace_i... by Naji Explorer in Splunk Search 10-22-2023 0 4	0	4
	Why need curly braces {} at the end of field I have a data like:{"adult": false, "genre_ids": [16, 10751], "id": 1135710, "original_language": "sv", "original_ti... by herrypeterlee New Member in Splunk Search 10-22-2023 0 2	0	2
	How to group by by email and badge type , then locate the highest level badge & expiry date? Cheers,I am hoping to get some help on a splunk search to generate a badging report.I'll explain further.There are tw... by oneemailall Engager in Splunk Search 10-22-2023 0 6	0	6
	How to run searches stored in lookup file? Hello All,I have a lookup file which stores a set of SPLs and it periodically gets refreshed.How to build a search qu... by Taruchit Contributor in Splunk Search 10-22-2023 0 3	0	3
	Splunk Query Help Hi allI have a combined lookup data with a fields containing various values like aaa acc aan, and more. I'm looking t... by Muthu_Vinith Path Finder in Splunk Search 10-22-2023 0 1	0	1
	How do I extract non-blank lines from Windows Event 4738 ? I am trying to write a Report which queries our Windows Security Event logs for event # 4738, "user account was chang... by ttovarzoll Path Finder in Splunk Search 10-21-2023 0 8	0	8
	How can I do sum of a time field? Hi I'm new to Splunk and currently trying to understand how the search function work. How could I get Splunk to displ... by tamduong16 Contributor in Splunk Search 10-20-2023 0 9	0	9
	email partial match for my mail logs in JSON format, with my splunk query I created below tablemail frommail submail toABCaccount created... by ritzz Loves-to-Learn Lots in Splunk Search 10-20-2023 0 2	0	2
	Filtering events using a lookup table How do I use a lookup table to filter events based on a list of known malicious IP addresses (in CIDR format), or to ... by waJesu Path Finder in Splunk Search 10-20-2023 0 3	0	3
	how can i set a variables to each jsonarray object? _Raw json format is below{<!-- -->"test-03": {<!-- -->"field1": 97869,"field2": 179771,"field3": "test-03","traffics": 1070140210},"t... by ktaeil Engager in Splunk Search 10-20-2023 0 1	0	1
	Left Outer Join in Splunk Below is our RequirementLookup file has just one column DatabaseName, this is the left datasetDatabaseNameABC My Sear... by yaswanth1992 New Member in Splunk Search 10-19-2023 0 4	0	4
	Why is checkbox not working? Hi, I have created a dashboard to filter firewall statuses. One of the inputs I need is a checkbox to eliminate dupli... by POR160893 Builder in Splunk Search 10-19-2023 0 10	0	10
	How to force chart over _time to show trailing zero buckets? When I use timechart, if some trailing buckets have zero count, they are displayed as zero on the time axis that exte... by yuanliu SplunkTrust in Splunk Search 10-19-2023 0 2	0	2
	which is more better structure when use json array when i made a log for HEC with json array, im not sure what is more better way to use spl.can someone advise me pleas... by ktaeil Engager in Splunk Search 10-19-2023 0 1	0	1
	Need help in regex Above is the event, not sure why this is showing up as two different events. Anyways, I have written a splunk query ... by bmanikya Loves-to-Learn Everything in Splunk Search 10-19-2023 0 9	0	9