Splunk Search

Community Activity

How to create HTML code in separate panels? Dears, i have a problem with my dashboard using html inside the <row>. what i want to achieve is having 2 tabs so th... by Splunk_ZE Engager in Splunk Search 08-15-2023 0 3	0	3
How to create Inner Join with subsearch using Splunk Python? I'm doing a main search of a sourcetype, then I need to join with a csv file using the inputlookup, both the main sea... by RBolconte Loves-to-Learn Lots in Splunk Search 08-15-2023 0 8	0	8
How do we know if user stopped or pause the search while running the splunk query The query below is showing some details about ad-hoc searches. The “info” field in index=_audit has 4 possible values... by harishsplunk7 Explorer in Splunk Search 08-15-2023 0 2	0	2
[ABUSE] By: Abdulkareem / Board: apps-add-ons-all (79599) Link to post: (Issue with Management activity Logs) by Abdulkareem https://community.splunk.com/t5/All-Apps-and-Add-o... by Abdulkareem Engager in Splunk Search 08-15-2023 1 0	1	0
How to create Dependent Multiselect filter in Splunk dashboard? Hi I have a dashboard with multiple filters. I have a "customer" and "subsidiary" filter. I want the "customer" filte... by itnewbie Explorer in Splunk Search 08-15-2023 0 1	0	1
How to get the sourcetype count by each source top 10 events counts I need to get the sourcetype count by each source top 10 events counts in splunkExample : I have 3 sourcetype and se... by harishsplunk7 Explorer in Splunk Search 08-14-2023 0 3	0	3
How to compare two matching field from two look up table? I have two lookup table call lookup1.csv and lookup2.csv both has matching field call fullname.I want match my lookup... by abi2023 Path Finder in Splunk Search 08-14-2023 0 1	0	1
Flagged Risky Commands- Why is Splunk no longer recognizing command? We have this dashboard that recently started alerting us on a risky command. We were using the fit command. I fol... by Abass42 Communicator in Splunk Search 08-14-2023 0 2	0	2
How to extract key-value pair from json object? I have a JSON event like this: { ...otherfields..., "fields": { "id1": 123, "id2": 456, "id3": 789, ... },... by itnewbie Explorer in Splunk Search 08-14-2023 0 2	0	2
How to remove wild cards/suffix values from values of hostname? below is my search queryindex="inm_inventory" \|table inventory_date, region, vm_name, version \|dedup vm_name \| search... by srv007 Path Finder in Splunk Search 08-14-2023 0 7	0	7
How to find the match in the column data and mark it as completed? There are two searches with CI_Name as the common field . I have output and want compare the two columns installed an... by Hema_Nithya Explorer in Splunk Search 08-14-2023 0 5	0	5
How to find the count of new services after excluding the history events Hi..I have a query that finds the values of service_name and service_name_count by user,Account_name .. I need to sea... by Woodpecker Path Finder in Splunk Search 08-14-2023 0 1	0	1
Why virustotal doesn't fill in values? Using the "virustotal" cmd and it appears that if there are multiple events that have the same file_hash that only on... by bt149 Path Finder in Splunk Search 08-14-2023 0 2	0	2
How to use ldap filter to find duplicate values? Hello,I'm trying to set up an alert when someone creates or modifies an Active Directory account with a uidNumber tha... by Niro Explorer in Splunk Search 08-13-2023 0 2	0	2
understand eval vs stats vs max values i'm trying to grab all items based on a field. the field is a "index" identifier from my data. but i only want the mo... by Skwerl23 Loves-to-Learn Lots in Splunk Search 08-13-2023 0 3	0	3
How to show fields that contain one or more camelCase strings? Show if field "subject" contains one or more camel case strings like: LuckyChance to Receive a FREE IpadPro! ClaimNow... by rms_rms Explorer in Splunk Search 08-13-2023 0 4	0	4
How to get a line percentage of 200 responses? I have this current search:index=web\| eval Year=strftime(_time,"%Y")\| eval Month=date_month\| eval success=if(status=2... by grotti Engager in Splunk Search 08-13-2023 0 1	0	1
How to run selected correlation searches in a time-frame? Is there a way we can run selected correlation searches in a certain time-frame at once or in queue?Use Case: In case... by ishanmeena Observer in Splunk Search 08-13-2023 0 5	0	5
Splunk inputlookup comparison and rex I have 2 lookup files aslookup1.csv andlookup2.csvlookup1.csv has the data as belowname, designation, server, ipaddre... by sbondred Explorer in Splunk Search 08-12-2023 0 4	0	4
How to create an Alert or dashboard for identifying if a server log hasn’t reported in 24 hrs? I created a search to list servers and the last time a windows log reported. command i am using is Tstats latest(_t... by Gggflyer New Member in Splunk Search 08-12-2023 0 3	0	3
How to do Field extraction from regex issues? Hello Splunk Community, I'm trying to extract fields from the cloudwatch events like 1)region 2)arn 3) startTime 4) ... by iamsplunker Communicator in Splunk Search 08-12-2023 0 4	0	4
How to use Macro's and CSV Lookup to combine results into one table based on conditions? Hey ya'll - I am attempting to create an efficient search to detect password compromises within some environments, th... by Simple_Search Path Finder in Splunk Search 08-11-2023 0 1	0	1
How do I create an alert that is triggered if group name exists in a lookup table? Hi,I want to create an alert that triggers when a user_name exist in a lookup table (e.g. group_names.csv). But I'm ... by AL3Z Builder in Splunk Search 08-11-2023 0 1	0	1
Why am I not getting data correctly? I have mstats query it was working fine till last week but suddenly now the success count is not showing up correctly... by mahesh27 Communicator in Splunk Search 08-11-2023 0 1	0	1
searching time limit I have a search that takes quite some time to run.*using py to run the search with splunk api it returns by saying it... by yohhpark Path Finder in Splunk Search 08-11-2023 0 3	0	3