Splunk Search

Community Activity

Select the right index based on value in Dropdown I have a dropdown with two values PROD and TEST. Based on my selection in my panels in the dashboard I have to choose... by sandmountain Explorer in Splunk Search 09-28-2023 0 3	0	3
How to get change events only? I have events with the following keys: key1, key2 & key3. I would like to get the change events i.e. events that the... by eranhauser Path Finder in Splunk Search 09-28-2023 0 5	0	5
Regex that matches all characters including newline What's the simplest regex that will match any character including newline? I want to be able to match all unknown con... by jbrenner Path Finder in Splunk Search 09-28-2023 0 2	0	2
What is the fastest way to run a query to get an event count on a timechart per host? What is the fastest way to run a query to get an event count on a timechart per host? This is for windows events and ... by Splunk77 Explorer in Splunk Search 09-28-2023 0 1	0	1
Splunk App for Anomaly Detection - "Could not load lookup=LOOKUP-HTTP_STATUS No matching fields exist." In Step 2 "Add the Dataset" of "Create Anomaly Job" within the Splunk App for Anomaly Detection, when running the fol... by danielbb Motivator in Splunk Search 09-28-2023 0 4	0	4
How to subtract total values of 2 fields in a dashboard? Hi there, I have a dashboard and I want to subtract the total number of events of 2 queries but not sure how to do it... by vishalduttauk Communicator in Splunk Search 09-28-2023 0 6	0	6
Lookup and setting default values using a variable if an entry is not found in the lookup table I have the following Query:index=obh_prod sourcetype=obh:edge:api proxy!="ow*" \|lookup blink_six_providers ProviderId... by sandmountain Explorer in Splunk Search 09-28-2023 0 1	0	1
How to index data from zigbee2mqtt? can't figure out how to indexing my data from zigbee2mgtt. The logs are exported from Home assistance via syslog, as... by swejoos Observer in Splunk Search 09-28-2023 0 4	0	4
What's best way to count calls from main search excluding sub search results? Greetings. I'm trying to count all calls in this:index="my_data" resourceId="sip*" "CONNECTED"Where not in this:index... by loganramirez Path Finder in Splunk Search 09-27-2023 0 3	0	3
run different filter in an index search based on a condition in dropdown Is it possible to run different filter in an index search based on a condition in dropdown below?The second filter wo... by LearningGuy Motivator in Splunk Search 09-27-2023 0 10	0	10
Need help with python script to log into Splunk Cloud I have the following script, but it keeps erroring out.def connect_to_splunk(username,password,host='http://xxxxxxxx.... by NanSplk01 Communicator in Splunk Search 09-27-2023 0 4	0	4
Using comparison function within mstats Hello fellow Splunkthiasts!I need some insights to understand how comparison functions in mstats could be used. Consi... by eregon Path Finder in Splunk Search 09-27-2023 0 0	0	0
Capture multiple values of same pattern in an event How do we capture multiple URLs in a single event?Log1:type=EXECVE msg=audit(1695798790.101:25214323): argc=17 a1="ht... by nihvk Explorer in Splunk Search 09-27-2023 0 4	0	4
Getting a count of the number of fields associated with a sourcetype I've done a little looking and poking around but haven't seen an answer to this - hopefully I haven't overlooked some... by Runals Motivator in Splunk Search 09-26-2023 0 12	0	12
what is the use of below query? index=botsv1 sourcetype="stream:http" \| timechart max(date_year) by itsahmedshaikh1 Observer in Splunk Search 09-26-2023 0 1	0	1
How to combine two csv? Hi All,I have two csv files. File1.csv -> id, operation_name, session_idFile2.csv -> id, error, operation_nameI want ... by siva_1 New Member in Splunk Search 09-26-2023 0 3	0	3
Blocked auditqueue causing random skipped searches and scheduler slowness on SH/SHC. Slow UI. Blocked auditqueue can cause random skipped searches, scheduler slowness on SH/SHC and slow UI. by hrawat Splunk Employee in Splunk Search 09-26-2023 0 1	0	1
How to parse grepable Nmap output? I have several events with similar to this raw data field that I would like to break down into a new event for each I... by rfiscus Path Finder in Splunk Search 09-26-2023 0 13	0	13
ingesting nmap xml output I have been trying to get nmap output into Splunk. I thought the xml output would be nice and straightforward!Whilst ... by jnames10 Explorer in Splunk Search 09-26-2023 1 11	1	11
How to create a search for matching two fields value to one new field? Hello Splunker, I'm trying to join two fields values in stats command using Eval , looks like I'm doing it wrong, Pl... by mohsplunking Path Finder in Splunk Search 09-26-2023 0 8	0	8
Missing settlement notification Event and Report extract rulesUse the payment business events to identify Transactions which have ACCP clearing statu... by Sekhar Explorer in Splunk Search 09-26-2023 0 1	0	1
How to filter results based on timeframe? In my search results, I am getting IP and user details. I want to filter my search results if the same IP has been us... by alexspunkshell Contributor in Splunk Search 09-25-2023 0 8	0	8
how do i clean a lookup csv table over 90 days I have a query below that looked for an index and output to a csv file however. the size of the csv keep growing and ... by bluewizard Explorer in Splunk Search 09-25-2023 0 2	0	2
How to Create Multiple Tables in One Dashboard? I am trying to create a Dashboard that hold multiple table of WebSphere App Server configuration data. The data I ha... by gsmith93 Engager in Splunk Search 09-25-2023 0 8	0	8
How do I calculate the percentage of one row against another in a stats? I'm working with a table of conversation data, all conversations start out as a bot chat and can be escalated to a hu... by arist0telis Explorer in Splunk Search 09-25-2023 0 2	0	2