Splunk Search

Community Activity

	How to return all events for Search even though the joiner field is empty Hello everyone,I'm having a hard time figuring this out. I have a Search where I have created a Transaction in order... by mninansplunk Path Finder in Splunk Search 08-29-2023 0 1	0	1
	Why is Field Alias not applying? Hey all, When i run a search like this: index=crowdstrike_pci sourcetype=crowdstrike:events:sensor event_simp... by joshuasolman Loves-to-Learn Everything in Splunk Search 08-29-2023 0 1	0	1
	How to map results of 2 searches using Join? as a result of an inputlookup, I have the following table 1(a dish that a chef can prepare, and the chef's name): dis... by dasaed Explorer in Splunk Search 08-29-2023 0 2	0	2
	Why is the Time picker not working on search/dashboard? Hi.i have a search a show a graphchart for 14 months. If i change the timepicker it still shows 14 months for some re... by michaelnorup Communicator in Splunk Search 08-29-2023 0 6	0	6
	How to create a new field with similar values? Hi, I have a data with the following dates under the field "Warranty_End_Date" Warranty_End_DateManufacturer4/1/2026L... by beepbop Explorer in Splunk Search 08-29-2023 0 2	0	2
	How to do Field extraction from Rex? I need to extract the values between >>>>\|\| \|\| and after the >>>>\|\| \|\| referring the below sample and output should... by Sangamesh Explorer in Splunk Search 08-29-2023 0 11	0	11
	How to add value from a token into textbox Hi Splunk Experts.I've a table with multiple fields, based on a click I've created a token to get a value of it. I ne... by Thulasinathan_M Contributor in Splunk Search 08-29-2023 0 6	0	6
	How to extract deleted count values from the below csv data and add them as a separate field? Dataframe row : {"_c0":{"0":"deleted_count","1":"18","2":"8061","3":"0","4":"366619","5":"2","6":"1285","7":"2484",... by Renunaren Loves-to-Learn Everything in Splunk Search 08-29-2023 0 2	0	2
	how to Filter data from result? We have a set of data which populate host and ip Eg. Host IP count ESDBAS... by Akmal57 Path Finder in Splunk Search 08-28-2023 0 2	0	2
	How to Dynamically save model name using a column value? Hi I have the following query for training a model. However, I want to save my model name using a single column value... by bhavesh0124 Explorer in Splunk Search 08-28-2023 0 2	0	2
	How to pull random Sampling across a period of time? Any ideas on how to pull a random sample for the logging application that spans the full month and does not specify s... by Kishi_B New Member in Splunk Search 08-28-2023 0 2	0	2
	Split square bracket expression: How to separate out below fields in table format? Hi, I want to separate out below fields in table format. Raw = Namespace [com.sampple.ne.vas.events], ServiceName [fl... by drogo Explorer in Splunk Search 08-28-2023 0 4	0	4
	Monitoring console search For adding two KPIs in SA topology, KPI queries that taken from Monitoring console are using REST API and are workin... by anushka New Member in Splunk Search 08-28-2023 0 0	0	0
	How to showcase the count of devices and userlogged in? Hi Team, We have users logging in multiple devices. So, we need to showcase the count of devices and user logged in.... by Nagalakshmi Path Finder in Splunk Search 08-28-2023 0 6	0	6
	Why is subsearch truncating the results with join command? Hi, I am trying to join 2 searches with produce some results but I am getting this error which says - "subsearch pro... by shashank_24 Path Finder in Splunk Search 08-27-2023 0 7	0	7
	How to use index time to search the data to avoid skipped searches etc? Dear All, I was going through a Splunk conf 21 where the narrator explained to use the index time instead of search... by mohammadsharukh Path Finder in Splunk Search 08-27-2023 0 1	0	1
	Is it possible to set up the VSCode extension to connect to multiple instances? Is it possible to set up the VSCode extension to connect to multiple instances? by kwells New Member in Splunk Search 08-26-2023 0 1	0	1
	How to extract value from search response which has a text plus json? Hello I am beginner with Splunk.I made a query and my search result is like text1 text2 text3 response: { "st... by aliosa Loves-to-Learn Lots in Splunk Search 08-26-2023 0 5	0	5
	How to get events of selected hosts I have an index which has 15 hosts and around 15 sourcetypes mapped to all hosts. How can I get events of only few s... by splunker09 Engager in Splunk Search 08-26-2023 0 1	0	1
	How to add lines of query from somewhere into search query Hi Splunk Experts,I've a big list of rex commands in my search query. While using dashboard I added those rex command... by Thulasinathan_M Contributor in Splunk Search 08-25-2023 0 2	0	2
	Compare entire lookup table to another I thought this would be easy but i'm struggling. I have a CSV of firewall rules from yesterday, and a CSV of Firewal... by splunk219783 Path Finder in Splunk Search 08-25-2023 0 1	0	1
	How to Print Id's which are not present in Index search? I have a lookup file( with one column combinedrules{}) which would be dynamic and i want to run a scheduled search to... by RahulMisra Engager in Splunk Search 08-25-2023 0 10	0	10
	How to modify query if status is offline for 10 mins? hi All, i am using below search to get status if any offline and i want to create alert if status offline for more t... by sekhar463 Path Finder in Splunk Search 08-25-2023 0 18	0	18
	Calculate average time between events for a series with a unique identifier HiWe have logs of images created in a series, like below. They are identified by a unique series id, the number of ev... by mikfro Loves-to-Learn in Splunk Search 08-25-2023 0 2	0	2
	Check if latest logs contain IOC INDEX Name generated (10 million new records every day)INDEX Fields username, secret, key Lookup file secrets.csv wi... by superuser88 Engager in Splunk Search 08-25-2023 0 4	0	4