Splunk Search

Community Activity

	How to convert json events results into one json event? My query returns many events, each event is in a form of a json i.e. { "key1": "val1", "key2":"val2"}I would like to ... by eranhauser Path Finder in Splunk Search 10-09-2023 0 6	0	6
	Why no events returned if using "" to search instead of "index=" Hi,From the context menu of a "username" field value I choose "new search", then the below SPL was automatically adde... by TrangCIC81 Communicator in Splunk Search 10-08-2023 0 2	0	2
	Arranging the tabular columns and removing the empty fields in the table Hi,I am working on a query where i need to display the table based on the multiselect input.multi-select input option... by KR1 Loves-to-Learn Lots in Splunk Search 10-08-2023 0 3	0	3
	Support for the current PowerShell module for Splunk Is there no current PowerShell module support for Splunk? I am only finding old articles on this and various sites. by jbruns2023 New Member in Splunk Search 10-08-2023 0 6	0	6
	Analyzing PowerShell logs in Splunk Hello everyone. I'm currently working on a lab assignment and I'm having trouble understanding the meaning of two spe... by quangnm21 Explorer in Splunk Search 10-07-2023 0 2	0	2
	Moving fields from a subsearch I have a search and subsearch that is working as required but there is a field in the subsearch that I want to displa... by balcv Contributor in Splunk Search 10-07-2023 0 3	0	3
	assign value to earliest How I can assign a value to the earliest argument in my query which is the rounded to the last 10 minutes?when I try ... by eranhauser Path Finder in Splunk Search 10-06-2023 0 6	0	6
	How to capture x,y data from stacked charts for drill down option Is there a way of capturing the x, y and z data from a stacked chart? At the moment, my x and y are as followsx = bu... by GaryZ Path Finder in Splunk Search 10-06-2023 0 8	0	8
	Average count of events per field grouped by another field Hello All,I'm a relative newbie and hoping the community can help me out. I'm kind of stuck on a query and I can't fi... by rmm1982 New Member in Splunk Search 10-06-2023 0 2	0	2
	Show/filter only events that existed 24 hours ago I have the following searchindex=cisco sourcetype=cisco:wlc snmpTrapOID_0="CISCO-LWAPP-AP-MIB::ciscoLwappApRogueDetec... by st1 Path Finder in Splunk Search 10-06-2023 0 4	0	4
	How to spot any changes to the value of a field Hello,I have an index where data is ingested once a week. Objective of ingesting this data is to identify if there is... by ByteKnight101 New Member in Splunk Search 10-06-2023 0 1	0	1
	chart Hi,I have total four fields lets say a,b,c and d. i want to show 'a' as a separate column and 'b','c' and 'd' as stac... by smanojkumar Contributor in Splunk Search 10-06-2023 0 1	0	1
	Check lookup table for old/expired entries Hi All I need to do some lookup table maintenance and would like to know which hosts are not being monitored but stil... by JTS911 Explorer in Splunk Search 10-06-2023 0 4	0	4
	Adding fields in stats command Hi Splunkers! Good day! I would like to add event and detection fields in stats command, after adding in stats co... by smanojkumar Contributor in Splunk Search 10-06-2023 0 2	0	2
	Splunk search for range of characters Hi All.. how can I search a range of characters in splunk.. example I want to search name of people whose name starts... by dvohra Explorer in Splunk Search 10-06-2023 0 2	0	2
	Apply condition and filter results Kindly help me with a new SPLIn am getting results for the existing below SPL.I tried applying a new condition in exi... by alex4 Loves-to-Learn Lots in Splunk Search 10-06-2023 0 3	0	3
	help on could not load lookup message HelloWhen I run a search i have the message "could not load lookup" with different lookup nameFor example :Could not ... by jip31 Motivator in Splunk Search 10-05-2023 0 2	0	2
	time chart to show the number of widgets manufactured per reporting period Have a log with related eventOne event has the number widgets made in the period and another event has the actual tim... by jhuysing Explorer in Splunk Search 10-05-2023 0 1	0	1
	Splunk UI query start and end time How can one add to the result of a Splunk query running on Splunk UI the time span i.e. the values one can put in ear... by eranhauser Path Finder in Splunk Search 10-05-2023 0 5	0	5
	Stats Count by day ? I have a query that gives me four totals for a month. I am trying to figure out how to show each four total for each... by sjringo Contributor in Splunk Search 10-05-2023 0 3	0	3
	How to use mstats and inputlookup command Hi,I have a alert query that uses mstats, I want this query to not throw alert during public holidays (from 9 AM to 5... by abhi04 Communicator in Splunk Search 10-05-2023 0 3	0	3
	Search time parsing for nested json logs Hi,I am looking to parse the nested JSON events. basically need to break them into multiple events.I an trying some t... by AKG11 Path Finder in Splunk Search 10-05-2023 0 2	0	2
	Finding Anomalies or Outliers Trying to find anomalies for events. I have multiple services and multiple customers. I have an error "bucket" that i... by irkey Explorer in Splunk Search 10-05-2023 0 4	0	4
	Why is the ratio calculation of two fields returning wrong results? HelloI'm trying to calculate ratio of two fields but im getting wrong resultsif i'm calculating each one of them sepa... by sarit_s Communicator in Splunk Search 10-05-2023 0 8	0	8
	Splunk search comparing avg I/O and avg load but not giving results This splunk search is not showing any result. index=os OR index=linux sourcetype=vmstat OR source=iostat [\| input loo... by Muditks Observer in Splunk Search 10-05-2023 0 1	0	1