Splunk Search

Community Activity

How to create search to find the dates where the host is not sending logs to splunk? Hello, I am trying to find the dates when the host stopped sending logs to splunk in the last 6 months.I have used t... by Roy_9 Motivator in Splunk Search 09-18-2023 0 4	0	4
Why am I getting error "lookup table 'dropdownsLookup' does not exist. It is referenced by configuration"? Incident: ERROR LookupOperator - The lookup table 'dropdownsLookup' does not exist. It is referenced by configuration... by JakeConcur Engager in Splunk Search 09-18-2023 1 4	1	4
PII Data scan Need help to write a generic query to capture PII Data ( social security numbers / credit card numbers / email addre... by yuvrajsharma_13 Explorer in Splunk Search 09-18-2023 0 1	0	1
How to get Sum of two fields from different searches? Hi - I would like to join and sum the results and output The searches:index=test_index sourcetype="test_source" clas... by Techie Engager in Splunk Search 09-18-2023 0 8	0	8
How to create Reports from a seed file? I have six different SPL queries that I run on a specific IP Address. Is it possible to save a search as a report, s... by vader13 Explorer in Splunk Search 09-18-2023 0 2	0	2
Lookup search from another index There are some values of IP addresses from `cim_Authentication_indexes`.This index is for look up.I want to make if t... by bimatomsoc Explorer in Splunk Search 09-18-2023 0 4	0	4
How to extract file name from the below raw data? Hello, Can anyone help me to extract the below file name which is OU_..... from the below raw data. 12:04:19.85 14/0... by danroberts Explorer in Splunk Search 09-18-2023 0 7	0	7
How to check continuous increase of values of a field. Please help me on how I can check if the field value is continuously increasing for 3 hours. tried below query but do... by Anantha123 Communicator in Splunk Search 09-18-2023 0 2	0	2
How to exclude search results based on conditions? I have a below Splunk query which gives me the result. My SPL searches the " eventType IN (security.threat.detected, ... by alex4 Loves-to-Learn Lots in Splunk Search 09-18-2023 0 3	0	3
Tempory output storage Hello,I was aware that splunk is very versatile application which allows the users to manipulate the data is many way... by pukka Loves-to-Learn Everything in Splunk Search 09-17-2023 0 14	0	14
How to add another field using top limit command? Hello! I need some help from splunkers!!! I'm using the search index=notable \| search status_label=Closed \| top limit... by grotti Engager in Splunk Search 09-17-2023 0 2	0	2
How to Combine column from multiple search results? Hello, I have the following search index=wineventlog EventCode=4728 OR EventCode = 4731 OR EventCode=4729 OR Even... by Niro Explorer in Splunk Search 09-17-2023 0 2	0	2
I am getting "Could not load lookup=LOOKUP-pulse_connectsecure_action_lookup" in my search I have no lookup command. Anyone knows why I am getting this error. by abi2023 Path Finder in Splunk Search 09-17-2023 0 1	0	1
How to use timechart or bucket span to view the result every 30 mins using below query? Hi, I want to use timechart or bucket span to view the result every 30 mins using below query. Could you please let m... by anil1219 Engager in Splunk Search 09-17-2023 0 2	0	2
How does rex fails to match files (regex expression works as expected on regex101)? Hello, There must be something `rex` specific with my query below since it is not extracting the fields, while the re... by immutableT Engager in Splunk Search 09-16-2023 0 2	0	2
How to sort data? Hello, I wonder if somebody can please help me to sort the following data: Into this table: Any ideas are welcome I... by jaydiare Explorer in Splunk Search 09-16-2023 0 2	0	2
Timezone issue: Is there a search to convert to common utc value? Timezone issue --------different data is visible to different location users, when I select previous month.. conditio... by subitha_kennedy Loves-to-Learn Everything in Splunk Search 09-15-2023 0 6	0	6
Rex match if else style Here are three lines of the file to illustrate what I'm going for:Line from fileDesired fieldURI : https://URL.net/to... by jeck11 Path Finder in Splunk Search 09-15-2023 0 2	0	2
how do I make my macro available all app I try change permission to all app option but I don't see the option. I s anyother way make my macro available for al... by abi2023 Path Finder in Splunk Search 09-15-2023 0 1	0	1
How to create new columns by adding columns from a timechart output? Good day, I have this SPL: index=test_7d sourcetype="Ibm:BigFix:CVE" earliest=-1d \| search FixletSourceSeverityTxt="C... by richtate Path Finder in Splunk Search 09-15-2023 0 2	0	2
How to outputlookup csv with permission? Hello,How to outputlookup csv with permission? ***Note that I am not Splunk admin - I only have access to Splunk GUI... by LearningGuy Motivator in Splunk Search 09-15-2023 0 6	0	6
Search performance impact & How to find user deploying high impact searches Hello Splunkers, I have two questions today, concerning user's queries and performance impact. I couldn't find a cle... by mvagionakis Path Finder in Splunk Search 09-15-2023 0 5	0	5
How to extract fields from logs using rex. How to extract fields which comes under message and failedRecords. by avi7326 Path Finder in Splunk Search 09-15-2023 0 1	0	1
How to use a list of output as the input parameter for a URL? Dear all, I have a list of latitude and longitude pairs from my observed events and try to get the corresponding stre... by Jouman Path Finder in Splunk Search 09-15-2023 0 0	0	0
What is the basic search for detecting Multiple HTTP errors from unique IP? Hello Splunkers, Can someone help me with a query to detect multiple http errors from single IP , basically when the ... by mohsplunking Path Finder in Splunk Search 09-14-2023 0 6	0	6