Splunk Search

Community Activity

	How do I run a search with today's date in the search itself, not using the time picker? I currently have this search right now, and I apologize in advance for my poor spl. I would like to know how to run t... by Chambito17 Explorer in Splunk Search 08-18-2023 0 4	0	4
	Why is there Missing data on ingestion? Brand news servers. Not receiving all data from the UF.Confirmed connectivity.Confirmed inputs via "/opt/splunkforwar... by ReginaP Explorer in Splunk Search 08-18-2023 0 6	0	6
	Search NOT contain I'm trying to create an SPL which will give me the results as per below:Search for all users for have visited "store.... by NayneshP Observer in Splunk Search 08-18-2023 0 1	0	1
	How to get the stats for variable with a certain value ? Hi, I am building alert in Splunk. I have a log with 6 different variables, but I am actually interested only in 4 of... by aasiaa Path Finder in Splunk Search 08-18-2023 0 2	0	2
	How can i create a stacked bar graph showing the different log levels? How can i create a stacked bar graph showing the different log levels (Error, Info, Debug) generated by each Proce... by sphiwee Contributor in Splunk Search 08-18-2023 0 3	0	3
	How to Standardize email to output "First Last" to a new field? I am having issue finding a way to standardize email for a query that will make the output "First Last" to a new fiel... by migullmills Explorer in Splunk Search 08-18-2023 0 3	0	3
	How to Generate Roles to Indexes table? I'm looking for a way to search all indexes available for each role in Splunk (including access inherited from other ... by ttilstra1 Engager in Splunk Search 08-18-2023 0 3	0	3
	Why is Splunk giving different result when searching on _bkt field? While running below search I am not getting any events: index=main_vulnerability_database sourcetype=vulnerability_ov... by bhavikbhalodia Path Finder in Splunk Search 08-18-2023 0 1	0	1
	Random skipped searches, scheduler slowness and UI slowness on SH. Encountering random skipped searches/ slow ui access. by hrawat Splunk Employee in Splunk Search 08-18-2023 0 1	0	1
	Resource monitoring: Why am i only getting timestamps but no other value? Hello friends, I'm fairly new to Splunk, so please bear with me here. I have the output of the sar -u command on ... by denipon Explorer in Splunk Search 08-18-2023 0 4	0	4
	About Parsing JSON Log in splunk <6>2023-08-17T04:51:52Z 49786672a6c4 PICUS[1]: {"common":{"unique_id":"6963f063-a68d-482c-a22a-9e96ada33126","time":"... by huylbq Loves-to-Learn Lots in Splunk Search 08-18-2023 0 4	0	4
	External search command 'sendemail' returned error code 1 Hi,One of use case giving below error while sending email to recipients.The use case configured to run every 20 mins ... by babukumarreddy Loves-to-Learn Lots in Splunk Search 08-18-2023 0 1	0	1
	blacklist regex help Hello all,I am trying to blacklist an event that is tied to a specific sAMAccountName which is sAMAccountName="Alertz... by tkerr1357 Path Finder in Splunk Search 08-17-2023 0 2	0	2
	How to convert from horse shoe to stacked bar chart? I have the below SPL with the regex, which i was using as a horse shoe visualization, but im trying to convert it to ... by sphiwee Contributor in Splunk Search 08-17-2023 0 0	0	0
	ingest line from log file match with multiple regular expression to splunk indexer Hi,Below red highlighted is sample log file.Sample LogFile12:08:32.797 [6] (null) DEBUG Bastian.Exacta.AMAT.ImportAda... by Abhineet Loves-to-Learn Everything in Splunk Search 08-17-2023 0 1	0	1
	How to create correct format inside a multivalue field? Hello to all, I have a multivalue field with a date and also a null value. In addition I have the problem that the fo... by Flenwy Explorer in Splunk Search 08-17-2023 0 4	0	4
	How to Find new users in the last 24 hours and see if they were subsequently added to two groups? Greetings! I have been googling, pluralsighting, reading splunk docs and I am extremely new to splunk. I did search t... by jdtokenring Engager in Splunk Search 08-17-2023 0 2	0	2
	How to Extract the data after second special character? Hello, I want the extract everything after the second slash(/) OR Everything from the last till the first slash (/) ... by Neel881 Path Finder in Splunk Search 08-17-2023 0 6	0	6
	How to create a table? Hi, I need help with creating a table in Splunk that displays all the components below: I too need to create anot... by Imhim Explorer in Splunk Search 08-17-2023 0 3	0	3
	How to Summarize on distinct value? Hello there,I would like some help with my query.I want to summarize 2 fields into 2 new columns One field is unique,... by hvdtol Path Finder in Splunk Search 08-17-2023 0 4	0	4
	Why is splunk.pie is not defined? Hi I need some help.I have a Splunk add-on that worked fine and showed pie charts and single values in a dashboard.I ... by roys Loves-to-Learn in Splunk Search 08-17-2023 0 0	0	0
	How to do stats count for different day? \| stats count by field1 field1 field2 field3 only show yesterday count, how can I show count1 for yesterday, count2... by rick1168 Engager in Splunk Search 08-17-2023 0 5	0	5
	Why am I able to get values via joining on an input lookup command, but cannot get values when using the actual lookup? I have a sourcetype that is exhibiting very odd behavior. If I try to run a lookup command such as the following:ind... by briancronrath Contributor in Splunk Search 08-16-2023 0 4	0	4
	How To Sum Hourly Column Results In A Separate Column I am looking to sum up cumulative column totals by hour in a separate column.Here is the search:index=main CompletedE... by mark_groenveld Path Finder in Splunk Search 08-16-2023 0 3	0	3
	When searching for IP, how to only show the subnet, not the whole IP I have this searchindex="firewall" dest_ip=172.99.99.99 dest_port=* \| stats count by src_ip,dest_port,action,src_user... by rune_hellem Contributor in Splunk Search 08-16-2023 0 1	0	1