Splunk Search

Community Activity

	Why is Splunk giving different result when searching on _bkt field? While running below search I am not getting any events: index=main_vulnerability_database sourcetype=vulnerability_ov... by bhavikbhalodia Path Finder in Splunk Search 08-18-2023 0 1	0	1
	Random skipped searches, scheduler slowness and UI slowness on SH. Encountering random skipped searches/ slow ui access. by hrawat Splunk Employee in Splunk Search 08-18-2023 0 1	0	1
	Resource monitoring: Why am i only getting timestamps but no other value? Hello friends, I'm fairly new to Splunk, so please bear with me here. I have the output of the sar -u command on ... by denipon Explorer in Splunk Search 08-18-2023 0 4	0	4
	About Parsing JSON Log in splunk <6>2023-08-17T04:51:52Z 49786672a6c4 PICUS[1]: {"common":{"unique_id":"6963f063-a68d-482c-a22a-9e96ada33126","time":"... by huylbq Loves-to-Learn Lots in Splunk Search 08-18-2023 0 4	0	4
	External search command 'sendemail' returned error code 1 Hi,One of use case giving below error while sending email to recipients.The use case configured to run every 20 mins ... by babukumarreddy Loves-to-Learn Lots in Splunk Search 08-18-2023 0 1	0	1
	blacklist regex help Hello all,I am trying to blacklist an event that is tied to a specific sAMAccountName which is sAMAccountName="Alertz... by tkerr1357 Path Finder in Splunk Search 08-17-2023 0 2	0	2
	How to convert from horse shoe to stacked bar chart? I have the below SPL with the regex, which i was using as a horse shoe visualization, but im trying to convert it to ... by sphiwee Contributor in Splunk Search 08-17-2023 0 0	0	0
	ingest line from log file match with multiple regular expression to splunk indexer Hi,Below red highlighted is sample log file.Sample LogFile12:08:32.797 [6] (null) DEBUG Bastian.Exacta.AMAT.ImportAda... by Abhineet Loves-to-Learn Everything in Splunk Search 08-17-2023 0 1	0	1
	How to create correct format inside a multivalue field? Hello to all, I have a multivalue field with a date and also a null value. In addition I have the problem that the fo... by Flenwy Explorer in Splunk Search 08-17-2023 0 4	0	4
	How to Find new users in the last 24 hours and see if they were subsequently added to two groups? Greetings! I have been googling, pluralsighting, reading splunk docs and I am extremely new to splunk. I did search t... by jdtokenring Engager in Splunk Search 08-17-2023 0 2	0	2
	How to Extract the data after second special character? Hello, I want the extract everything after the second slash(/) OR Everything from the last till the first slash (/) ... by Neel881 Path Finder in Splunk Search 08-17-2023 0 6	0	6
	How to create a table? Hi, I need help with creating a table in Splunk that displays all the components below: I too need to create anot... by Imhim Explorer in Splunk Search 08-17-2023 0 3	0	3
	How to Summarize on distinct value? Hello there,I would like some help with my query.I want to summarize 2 fields into 2 new columns One field is unique,... by hvdtol Path Finder in Splunk Search 08-17-2023 0 4	0	4
	Why is splunk.pie is not defined? Hi I need some help.I have a Splunk add-on that worked fine and showed pie charts and single values in a dashboard.I ... by roys Loves-to-Learn in Splunk Search 08-17-2023 0 0	0	0
	How to do stats count for different day? \| stats count by field1 field1 field2 field3 only show yesterday count, how can I show count1 for yesterday, count2... by rick1168 Engager in Splunk Search 08-17-2023 0 5	0	5
	Why am I able to get values via joining on an input lookup command, but cannot get values when using the actual lookup? I have a sourcetype that is exhibiting very odd behavior. If I try to run a lookup command such as the following:ind... by briancronrath Contributor in Splunk Search 08-16-2023 0 4	0	4
	How To Sum Hourly Column Results In A Separate Column I am looking to sum up cumulative column totals by hour in a separate column.Here is the search:index=main CompletedE... by mark_groenveld Path Finder in Splunk Search 08-16-2023 0 3	0	3
	When searching for IP, how to only show the subnet, not the whole IP I have this searchindex="firewall" dest_ip=172.99.99.99 dest_port=* \| stats count by src_ip,dest_port,action,src_user... by rune_hellem Contributor in Splunk Search 08-16-2023 0 1	0	1
	How to add a label to a char legend? I would like to add a label for the upper/lower 95. I was wondering how I could do that. Id like to have it the same ... by Abass42 Communicator in Splunk Search 08-16-2023 0 1	0	1
	how do I count values based on many values using a multiselect filter Hi I am trying to count values based on values if they equal a range of values. Is that possible? \| search fieldName=... by Talking_Master Explorer in Splunk Search 08-16-2023 0 1	0	1
	LOOKUP table: How to add id field name.csv file? I have two lookup table call name.csv and id.csv. both has matching field call fullname.id.csv file has id field but ... by abi2023 Path Finder in Splunk Search 08-16-2023 0 2	0	2
	Workflow actions and variables Hi,We have a internal wiki with tons of useful informations about hosts and IPs.I'm trying to set up a workflow that ... by gargantua Path Finder in Splunk Search 08-16-2023 0 2	0	2
	Why is my lookup field from KV store in datamodel not showing correct results? Hi,I have an accelerated datamodel. This datamodel have a lookup field based on a KV store lookup, that is, the datam... by hettervik Builder in Splunk Search 08-16-2023 0 1	0	1
	How to write code for planned downtime in day wise by Luckyyyy New Member in Splunk Search 08-15-2023 0 1	0	1
	How to create HTML code in separate panels? Dears, i have a problem with my dashboard using html inside the <row>. what i want to achieve is having 2 tabs so th... by Splunk_ZE Engager in Splunk Search 08-15-2023 0 3	0	3