Splunk Search

Community Activity

	How to get data for last week and current week? I have data stored in the csv file, which contains the time field. I want the data for complete last week and also th... by agupta13 Engager in Splunk Search 08-07-2023 0 2	0	2
	Selected Fields - Open in new tab (or window) - Value does not carry over. There are several topics related to this , but it seems they not exactly what im asking (ie those are related to cust... by spunk311z Path Finder in Splunk Search 08-07-2023 0 2	0	2
	How to compare multivalue fields? Union, intersection, membership tests When comparing multivalue fields, there are a number of relationships one might be interested in.Equality is easy to ... by emottola Explorer in Splunk Search 08-07-2023 0 2	0	2
	Splunk SaaS licensing usage ovetime per index. Please let me know the Splunk SaaS cloud licensing usage over time per index. by sathiyasun Explorer in Splunk Search 08-07-2023 0 1	0	1
	How to Extract Fields from web_input app? How would you extract fields from this Data, I would like to extract the panel ID, watts, grid Hz, grid voltage and t... by MGlass Explorer in Splunk Search 08-07-2023 0 3	0	3
	How to create a Splunk search for the following problem? My base search PAGE_ID=*\| where PAGE_ID=DGEFH OR PAGE_ID =RGHJH NOT NUM_OF_MONTHS_RUN>=6 AND NOTNUM_OF_INDIVIDUA... by kc_prane Communicator in Splunk Search 08-07-2023 0 3	0	3
	How can we use tstats with TERM and PREFIX? I'm trying to run - \| tstats count where index=wineventlog* TERM(EventID=4688) by _time span=1m It returns n... by danielbb Motivator in Splunk Search 08-07-2023 0 6	0	6
	How to merge using time range and some duplicated field values? Hello, I have a table with the following fields from an email security system that are duplicated within a time range... by evallja Path Finder in Splunk Search 08-07-2023 0 1	0	1
	How to create Multi-line linechart? Guys, I have a very simple output that looks like: weekcartotalbroken31Volvo1002031Hyundai1301031Ford2404432Volvo9815... by fishmong3r0 Loves-to-Learn Lots in Splunk Search 08-07-2023 0 1	0	1
	How to create a search for timechart plotting for top entity based on sorting? Hi i have a table where i obtained the values after sorting PCT_FREE in ascending order now i want to plot a timechar... by venky1544 Builder in Splunk Search 08-06-2023 0 4	0	4
	How to use existing csv date-time fields for earliest and latest in new subsearch? Hi I am struggling with an issue for days now but keep running in circles, any help is much appreciated.Below you fin... by apietersen Contributor in Splunk Search 08-06-2023 0 6	0	6
	What is the capability so the user will be able to upload file with "add data" option ? Hello what is the capability so the user will be able to upload file with "add data" option ? by sarit_s Communicator in Splunk Search 08-05-2023 0 2	0	2
	How to create a search for matching next line? Hi Splunk Experts, I want to search for a word and then print the current matching line & the immediate next line. Ki... by Thulasinathan_M Contributor in Splunk Search 08-05-2023 0 19	0	19
	Active Directory auditing: What's the best way to get it done? Hello, I'm trying to figure out the best way to report/alert on active directory change events. I have admon/event fo... by Niro Explorer in Splunk Search 08-05-2023 0 1	0	1
	How to create an alert with multiple searches? Hello, I have an alert that sends an email when there are x authentication failures , this works fine and returns use... by Niro Explorer in Splunk Search 08-04-2023 0 6	0	6
	How to return a url only to the 2nd slash? So, this PCRE regex works in testers, but not on Splunk. ^((http[s]?):\/)?\/?([^:\/\s]+)((\w+)*\/){2}) Should re... by isxtn Explorer in Splunk Search 08-04-2023 0 2	0	2
	Linux Dat Set Version Needing some help building a dashboard that will display the Dat Set Version of all Linux machines on the network. An... by t- New Member in Splunk Search 08-04-2023 0 2	0	2
	table with fields and count related by another field Hi, i have the following case,An operation has multiple events and every event of an operation is related by field Pu... by lemospt Explorer in Splunk Search 08-04-2023 0 2	0	2
	How do I get the difference between the number of events I am ingesting advanced hunting logs and I have a main dashboard where I present the number of events per Event Categ... by jhilton90 Path Finder in Splunk Search 08-04-2023 0 7	0	7
	Searching Cisco ASA sourcetype in Splunk Hello All,I would like some suggestions. I am trying to search the Cisco ASA sourcetype in Splunk for the current use... by eholz1 Builder in Splunk Search 08-04-2023 0 2	0	2
	Changing _time in a savedsearch I have a set of data that I upload into Splunk every morning as a .csv file because the tool doesn't feed the particu... by robertgiffin Explorer in Splunk Search 08-04-2023 0 4	0	4
	If a value contains a value it changes to another. Hi Iam looking to create an if statement: if value contains part of another value it changes it too another value.... by Talking_Master Explorer in Splunk Search 08-04-2023 0 3	0	3
	Rename row by data case at line chart I want to rename row value by data case. (It is line chart)The line chart row name changed by token $value$if value ... by Questioner Path Finder in Splunk Search 08-04-2023 0 6	0	6
	co-relate random events Hello,We've an application with logs looks like following. See below for some sample cases of single connection.With... by stwong Communicator in Splunk Search 08-04-2023 0 3	0	3
	event values have same name My event data contains the following:target: [ { alternateId: application1 detailEntry: { } ... by scumbum New Member in Splunk Search 08-04-2023 0 1	0	1