Splunk Search

Splunk Search
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
Community Activity
eastgrant

Is there a command or search to see which unique Cisco firewalls are sending traffic to Splunk?

Does anyone know the command or search string to see which Cisco firewalls are sending traffic to Splunk?
by eastgrant New Member in Splunk Search 05-18-2016
0 1
0
1
ttoine

How to replace all values for a field with "Other" that do not equal values A, B, or C?

I am working on a pie chart to identify the main categories of some data. Below are some possible values: Apple Peach...
by ttoine Explorer in Splunk Search 05-18-2016
0 6
0
6
sfrazer

How to count the number of times IPs have hit a specific URL over consecutive days?

I'm trying to write a search/report that shows the number of times an IP address has hit a given URL over consecutive...
by sfrazer Explorer in Splunk Search 05-18-2016
0 2
0
2
nidhi6

How to troubleshoot why I'm not getting any data in the iSight Partners ThreatScape App?

Hi All, I installed the iSight Partners ThreatScape App, but data is unavailable in Splunk. What could be the possib...
by nidhi6 New Member in Splunk Search 05-18-2016
0 1
0
1
ynepyyvoda

How to replace values by its rank in a two dimensional chart?

As example I have a search: ... | chart avg(value) as Value by country, supplier this will result in a two dimensi...
by ynepyyvoda New Member in Splunk Search 05-18-2016
0 2
0
2
xilu87

Is it possible to diff file hashes to display if some of the hashes of /etc/ files have changed?

Hi, I have created a script input deployed on several servers which creates a lot of hashes from /etc folder and sub...
by xilu87 New Member in Splunk Search 05-18-2016
0 1
0
1
mahs33

Loop IP address from 10.0.1.0/24 to 10.10.1.0/24 - How to extract events that belong to this IP range?

I want to extract the events belongs to that IP range 10.0.1.0/24, 10.1.1.0/24, 10.2.1.0/24, upto 10.10.1.0/24 Is CID...
by mahs33 Explorer in Splunk Search 05-18-2016
0 5
0
5
fziegler

Plotting events indexed

How can I plot events indexed over time?
by fziegler New Member in Splunk Search 05-18-2016
0 2
0
2
Ruski88

Is there a search or btool command we can run from the deployment server to list all deployment client Splunk versions?

Per this root certificate issue expiring in July and https://answers.splunk.com/answers/395886/for-splunk-enterprise-...
by Ruski88 Engager in Splunk Search 05-18-2016
0 2
0
2
ahmad_elkomey

How to configure props and transforms to automatically extract XML fields from my data so I don't have to use spath?

Hello all, I'm new to Splunk and I would love some help here. I have an xml file (well, partial xml as you will see)...
by ahmad_elkomey Explorer in Splunk Search 05-18-2016
0 8
0
8
las

How to create a search to find the largest contributor to increasing values?

I have a log with statistics from mq containing some key values (time, MQmanager, Queuename) and some variables (numb...
by las Contributor in Splunk Search 05-18-2016
1 1
1
1
AbhiGuddu

Is it possible to export a JSON file through a search result and send the file to a remote location outside Splunk?

I have a requirement to export a JSON file to a remote location. The file would be a feed to REST, which performs som...
by AbhiGuddu Explorer in Splunk Search 05-18-2016
1 9
1
9
vivek9955

How to create a hierarchical chart with Splunk?

How to create hierarchical chart in Splunk? I have 4 panels in dashboard and I need to display these 4 panels in hier...
by vivek9955 Engager in Splunk Search 05-18-2016
2 3
2
3
dibrovs

How to get Cisco IP SLA statistics into Splunk to create a timechart with an RTT value?

Hello I need to to get Cisco IP SLA statistics into Splunk. I would like to create a timechart with an RTT value. ...
by dibrovs New Member in Splunk Search 05-18-2016
0 1
0
1
kedjjang

How to edit my regex to extract multiple values for a field?

Hello, There is one event. ex)Normal|2016-05-18 10:52:37|123|119.21.7.28|10460|tcp|52.1.2.157|68|allowed|72|12|Ext...
by kedjjang Path Finder in Splunk Search 05-18-2016
0 1
0
1
guruwells

How to use multiple search results in another search to get my expected output?

Hi All, I have 2 search statements which are giving 2 different search results with same index and sourcetype. I wan...
by guruwells Explorer in Splunk Search 05-18-2016
0 4
0
4
ibekacyril

Is it possible to extract results of an eval match as fields?

Is it possible to do something like this: ...|eval Classification=case(match(class,"Boy"),"Boy",match(class,"Girl"),...
by ibekacyril Explorer in Splunk Search 05-17-2016
0 6
0
6
garinapavan

How to edit my panel to show different colors for each bar in my chart?

Hi , I have the below code with multiples lines on the bar. I want to see different colors for each bar. I added [0x...
by garinapavan Explorer in Splunk Search 05-17-2016
0 2
0
2
mprreddy51

How to use top in timechart

Hi All, I have a requirement to use TOP 4 in the timechart command: Below is my search: index=_internal |timechart...
by mprreddy51 Explorer in Splunk Search 05-17-2016
0 3
0
3
ckdoan

How to Chart 3 non-numeric variables

Hi all, So I'm working with log files and I have some data that looks like this: Please excuse me not putting this...
by ckdoan New Member in Splunk Search 05-17-2016
0 3
0
3
GauriGhanekar

Would index-time field extractions help improve search performance over search-time field extractions in our environment?

We have a use case where we receive data from 2 different sources. Please note some key characteristics: 1. ...
by GauriGhanekar New Member in Splunk Search 05-17-2016
0 4
0
4
marcroyer

How to extract these fields and compare the values?

Hi, I have 2 fields. Field1 is named field13 and Field2 is named logical_usage. Field1 contains "hard" : 1099511627...
by marcroyer New Member in Splunk Search 05-17-2016
0 3
0
3
splunker9999

How to extract this field from our sample data using rex?

Hi SPlunkers, I am newbee with REX. Can someone please assist us in extracting this field? We need to extract rvasb...
by splunker9999 Path Finder in Splunk Search 05-17-2016
0 1
0
1
guillecasco

How to add a new column in my chart with a new event count after using the dedup command?

I have a search like this: search| stats count by errortype which is quite simple and returns: errortype count...
by guillecasco Path Finder in Splunk Search 05-17-2016
0 3
0
3
lyanwoah

How to create a new field from a dynamic interesting field?

Hi, I'm trying to do a dashbord with data from dynaTrace alerting (by SplunkAlert plugin). Goal of this report is to...
by lyanwoah New Member in Splunk Search 05-17-2016
0 4
0
4
Top Labels
Get Updates on the Splunk Community!

Announcing Modern Navigation: A New Era of Splunk User Experience

We are excited to introduce the Modern Navigation feature in the Splunk Platform, available to both cloud and ...

Modernize your Splunk Apps – Introducing Python 3.13 in Splunk

We are excited to announce that the upcoming releases of Splunk Enterprise 10.2.x and Splunk Cloud Platform ...

Step into “Hunt the Insider: An Splunk ES Premier Mystery” to catch a cybercriminal ...

After a whole week of being on call, you fell asleep on your keyboard, and you hit a sequence of buttons that ...