Splunk Search

Start a Conversation

Discussions

Start a Conversation

Thread Info

How to get count of repeated, unique and total values by group?

Hi I am working on query to retrieve count of repeated, unique and total visits by user through different channels....

by Engager in

Using results of join in eval if

Hello, i have a question regarding the usage of the results of a join within an eval if. I have a couple of respon...

by Path Finder in

Search with _time

Hello, I am monitoring a csv file using universal forwarder and the first column in the csv file is Last_Updated_Da...

by Communicator in

csvfile search in values

Hi, I have csv file containing emailID and domain and I would like to search the email exchanges between these two...

by Explorer in

Looking for regex help in parsing data from curl output

I'm using curl in Spluk to download some data from an API and to build a lookup of the downloaded data. The data come...

by SplunkTrust in

Blacklist line not blacklisting events

Hi Everyone. I'm expanding my blacklist and i'm having issues with a seemingly simple blacklist line. Here is my c...

by Loves-to-Learn Everything in

Removing field from _raw field generated by collect for summary index

I am using a scheduled report to save data to a summary index with the following query: index=_internal | stats cou...

by Explorer in

How to develop Regex to find invalid pattern in a skill level expression string.

Hi， Splunkers， I have some skill expression as below: Orange > 5 & apple < 0 & ( Peach = 0 | Tomato >) & (Straw...

by Path Finder in

Error of Problem replicating config (bundle) to search peer ' 10.10.x.79:8089 ',

Greetings!! I need help!!! am experiencing an error while am doing search, the error is: Search peer Splkidx0...

by Communicator in

multivalue fields

Hi I'm trying to count the number of times of a specific values "not match" exist in a multi-value field, search for ...

by New Member in

How do I group 2 attributes for line graph Splunk

I'm trying to do a line graph using this command: source="filename.csv" sourcetype="csv" | stats sum(intake), value...

by Engager in

Human or Google web requests

We use Palo Alto, Barracuda, and McAfee WGs. All perform some form of Web Filtering / Blocking, which I'm now being...

by Explorer in

Look up value from one log line in another log line

I have a log line for when the ip is added to the blacklist and another log line with ips that were removed from the ...

by Explorer in

Excluding internal to addresses from the from field using regex

I am trying to create a dash which uses tokens for different clients capturing any attachments sent externally. ...

by Engager in

Create dashboard for hosts that have no results from a specific sourcetype

Hey guys I'm trying to create a dashboard that shows any host with a group of specified hosts that are not returning ...

by Engager in

Character limit of alert/correlation name?

What is the character limit of an alert name in splunk ES?

by Explorer in

Measure time between two log events

Hi, I have an SBC (Session Board Controller) which is doing LDAP search and write the syslog of that. I'm trying to...

by Explorer in

Find Any windows login from a source IP other than the known one

Hi , I have a list of allowed IP addresses and want to use splunk to find any windows login from a source Ip other th...

by Engager in

split string with square brackets into individual fields

Hello, I'm new to Splunk and I'm looking for some advice. My search, e.g. <mysearch> | table attrib...

by Explorer in

How to match on value NOT in lookup table

I have a list of IP addresses in a lookup table that are network scanners. I am trying to build a search that exclu...

by Path Finder in

Get Updates on the Splunk Community!

Splunk Search

Discussions

How to get count of repeated, unique and total values by group?

Using results of join in eval if

Search with _time

csvfile search in values

Looking for regex help in parsing data from curl output

Blacklist line not blacklisting events

Removing field from _raw field generated by collect for summary index

How to develop Regex to find invalid pattern in a skill level expression string.

Error of Problem replicating config (bundle) to search peer ' 10.10.x.79:8089 ',

multivalue fields

How do I group 2 attributes for line graph Splunk

Human or Google web requests

Look up value from one log line in another log line

Excluding internal to addresses from the from field using regex

Create dashboard for hosts that have no results from a specific sourcetype

Character limit of alert/correlation name?

Measure time between two log events

Find Any windows login from a source IP other than the known one

split string with square brackets into individual fields

How to match on value NOT in lookup table

Register to Attend BSides SPL 2022 - It's all Happening October 18!

What's New in Splunk Cloud Platform 9.0.2208?!

Admin Console: A Single, Unified Interface for All Your Cloud Admin Needs

Event sampling and Count - accuracy?

Why the error "sh: /opt/container_artifact/splunk-...

Why the error "sudo: unable to send audit message:...

Is it possible to turn 8 product charts into one t...

What's the meaning and mechanism of form.multisele...