Splunk Search

Community Activity

How to create Reports from a seed file? I have six different SPL queries that I run on a specific IP Address. Is it possible to save a search as a report, s... by vader13 Explorer in Splunk Search 09-18-2023 0 2	0	2
Lookup search from another index There are some values of IP addresses from `cim_Authentication_indexes`.This index is for look up.I want to make if t... by bimatomsoc Explorer in Splunk Search 09-18-2023 0 4	0	4
How to extract file name from the below raw data? Hello, Can anyone help me to extract the below file name which is OU_..... from the below raw data. 12:04:19.85 14/0... by danroberts Explorer in Splunk Search 09-18-2023 0 7	0	7
How to check continuous increase of values of a field. Please help me on how I can check if the field value is continuously increasing for 3 hours. tried below query but do... by Anantha123 Communicator in Splunk Search 09-18-2023 0 2	0	2
How to exclude search results based on conditions? I have a below Splunk query which gives me the result. My SPL searches the " eventType IN (security.threat.detected, ... by alex4 Loves-to-Learn Lots in Splunk Search 09-18-2023 0 3	0	3
Tempory output storage Hello,I was aware that splunk is very versatile application which allows the users to manipulate the data is many way... by pukka Loves-to-Learn Everything in Splunk Search 09-17-2023 0 14	0	14
How to add another field using top limit command? Hello! I need some help from splunkers!!! I'm using the search index=notable \| search status_label=Closed \| top limit... by grotti Engager in Splunk Search 09-17-2023 0 2	0	2
How to Combine column from multiple search results? Hello, I have the following search index=wineventlog EventCode=4728 OR EventCode = 4731 OR EventCode=4729 OR Even... by Niro Explorer in Splunk Search 09-17-2023 0 2	0	2
I am getting "Could not load lookup=LOOKUP-pulse_connectsecure_action_lookup" in my search I have no lookup command. Anyone knows why I am getting this error. by abi2023 Path Finder in Splunk Search 09-17-2023 0 1	0	1
How to use timechart or bucket span to view the result every 30 mins using below query? Hi, I want to use timechart or bucket span to view the result every 30 mins using below query. Could you please let m... by anil1219 Engager in Splunk Search 09-17-2023 0 2	0	2
How does rex fails to match files (regex expression works as expected on regex101)? Hello, There must be something `rex` specific with my query below since it is not extracting the fields, while the re... by immutableT Engager in Splunk Search 09-16-2023 0 2	0	2
How to sort data? Hello, I wonder if somebody can please help me to sort the following data: Into this table: Any ideas are welcome I... by jaydiare Explorer in Splunk Search 09-16-2023 0 2	0	2
Timezone issue: Is there a search to convert to common utc value? Timezone issue --------different data is visible to different location users, when I select previous month.. conditio... by subitha_kennedy Loves-to-Learn Everything in Splunk Search 09-15-2023 0 6	0	6
Rex match if else style Here are three lines of the file to illustrate what I'm going for:Line from fileDesired fieldURI : https://URL.net/to... by jeck11 Path Finder in Splunk Search 09-15-2023 0 2	0	2
how do I make my macro available all app I try change permission to all app option but I don't see the option. I s anyother way make my macro available for al... by abi2023 Path Finder in Splunk Search 09-15-2023 0 1	0	1
How to create new columns by adding columns from a timechart output? Good day, I have this SPL: index=test_7d sourcetype="Ibm:BigFix:CVE" earliest=-1d \| search FixletSourceSeverityTxt="C... by richtate Path Finder in Splunk Search 09-15-2023 0 2	0	2
How to outputlookup csv with permission? Hello,How to outputlookup csv with permission? ***Note that I am not Splunk admin - I only have access to Splunk GUI... by LearningGuy Motivator in Splunk Search 09-15-2023 0 6	0	6
Search performance impact & How to find user deploying high impact searches Hello Splunkers, I have two questions today, concerning user's queries and performance impact. I couldn't find a cle... by mvagionakis Path Finder in Splunk Search 09-15-2023 0 5	0	5
How to extract fields from logs using rex. How to extract fields which comes under message and failedRecords. by avi7326 Path Finder in Splunk Search 09-15-2023 0 1	0	1
How to use a list of output as the input parameter for a URL? Dear all, I have a list of latitude and longitude pairs from my observed events and try to get the corresponding stre... by Jouman Path Finder in Splunk Search 09-15-2023 0 0	0	0
What is the basic search for detecting Multiple HTTP errors from unique IP? Hello Splunkers, Can someone help me with a query to detect multiple http errors from single IP , basically when the ... by mohsplunking Path Finder in Splunk Search 09-14-2023 0 6	0	6
help on eval command HiWhen I run the command below, it works fine index=toto event_id=4688 \| eval file_name=if(event_id==4688, replace(N... by jip31 Motivator in Splunk Search 09-14-2023 0 6	0	6
Why Stats count command is counting events that are missing in other searches? The first search query returns a count of 26 for domain X : index="web" sourcetype="weblogic_stdout" loglevel IN ("Em... by abhijeetallu Engager in Splunk Search 09-14-2023 0 2	0	2
Why are Splunk queries not returning anything in table? Splunk queries not returning anything in table. I see events matching for these queries but nothing under 'Statistics... by venugoski Explorer in Splunk Search 09-14-2023 0 3	0	3
how to set specific colors to 3 pie charts trellis with 4 dynamic labels ? Hi,I'm trying to set a specific color to each one of 4 my dynamic labels of my 3 trellis pie charts.I already added s... by 10Q Engager in Splunk Search 09-14-2023 1 0	1	0