Splunk Search

Community Activity

How can I validate if the information of two fields of an index exist in a lookup table ? hello engineers good afternoon I have a problem I hope you can help me to solve it. How can I do to validate if the i... by DG3bran Explorer in Splunk Search 08-02-2023 0 7	0	7
How run python script as command? Hello Splunkers ,I have created a script and places in <splunk_home>/etc/apps/search/bin/seq.py Below is the sc... by power12 Communicator in Splunk Search 08-02-2023 0 1	0	1
How to create subsearch/join query to get extra field? I'm trying to do a simple query to get a hostname from events in a different sourcetype. I have a event in sourcetype... by psimoes Loves-to-Learn in Splunk Search 08-02-2023 0 1	0	1
How to check if a value in a metric continues to grow? I have a metric from AWS for the number of messages visible in a SQS queue, which gets computed every 5 minutes. 202... by llappall Observer in Splunk Search 08-02-2023 0 1	0	1
How to create an alert or a report to track the number of deferred searches? I am trying to create an alert or a report to track the number of deferred searches. We had an issue where the cluste... by Abass42 Communicator in Splunk Search 08-02-2023 0 1	0	1
Regex Search: How can I make sure that the next character is not a backslash? I am trying to dig through some records and trying to get the q (query) from the raw data, but I keep getting data ba... by isxtn Explorer in Splunk Search 08-02-2023 0 3	0	3
Dashboard Studio: How to create a Dropdown from lookup table? I am populating the drop-down on the dashboard studio from the lookup table. I want to display one column as the sel... by splunkuser320 Path Finder in Splunk Search 08-02-2023 0 1	0	1
How to add eventtype to search results? I need to understand which event types each search result record belongs to. My search: index="a" AND eventtype="*" I... by gunslinger Explorer in Splunk Search 08-02-2023 0 3	0	3
Are there any search limits for inputlookup and then lookup another kv_store? hi, I have two KV_Store lookups as they are huge:* one is more than 250k rows* second and 65k rows. In "250k" row lo... by jbanAtSplunk Communicator in Splunk Search 08-02-2023 0 1	0	1
How to extract multiple fields and create a table? 02.08.2023 12:44:10.690 INFO [sling-threadpool-2cfa6523-0895-49ea-bb99-ae6f63c25cf6-32-Create Site from Template(aa... by bharat149 Explorer in Splunk Search 08-02-2023 0 10	0	10
How to include events with non existing fields in a search string ? After fixing filters on some fields that don't exist in all the events, I tried to apply these filters on the graphs ... by AmineTN Explorer in Splunk Search 08-02-2023 0 7	0	7
How to create a search for lookup search two columns csv? index=mail [ \| inputlookup email_users.csv \| rename address AS query \| fields query ]\| dedup MessageTraceId\| lookup e... by sulaimancds Engager in Splunk Search 08-01-2023 0 19	0	19
How to create the Conditional search? I have looked through the forums and can't find exactly what I am looking for.Here is my search and what I think shou... by tcpcannon Loves-to-Learn Lots in Splunk Search 08-01-2023 0 1	0	1
How to combine two tstat search to create one table? Hello, I have created a datamodel which I have accelerated, containing two sourcetype. The goal is to add a field fro... by lbrhyne Path Finder in Splunk Search 08-01-2023 0 3	0	3
How do I join two data models in a TSTATS without using JOIN or APPENDCOLS? Hello all, I would like to pick the community's brains on this: How do I join two data models in a TSTATS without usi... by ymourtaza New Member in Splunk Search 08-01-2023 0 1	0	1
Splunk CPU Usage Query Hello all, I am relatively new to Splunk, having just inherited a whole Splunk environment due to our former Splunk A... by sheepIT Engager in Splunk Search 08-01-2023 1 4	1	4
How to get success percentage by using timechart by country? Hi All, Good Day! I have 2 indexes and having different source types and diff uri, index 1--- nere having httpstat... by lucky Explorer in Splunk Search 08-01-2023 0 4	0	4
How to get time difference between consecutive events by sourcetype during 7 days? Hi, I need to plot time difference between consecutive events by sourcetype in the last 7 days. I'm using this sear... by martaBenedetti Path Finder in Splunk Search 08-01-2023 0 1	0	1
How to extract a value from the message using rex command? Dataframe row : {"_c0":{"0":"[","1":" {","2":" \"table_name\": \"pc_dwh_rdv.gdh_ls2lo_s99\"","3":" \"deleted_count\... by Renunaren Loves-to-Learn Everything in Splunk Search 08-01-2023 0 8	0	8
How to Count string matches in event record and calculate percentage? I have a log that documents call results for phone calls as a CSV event recordThere is a field in the event recor... by C37996518 Explorer in Splunk Search 08-01-2023 0 3	0	3
How to fix weird futuristic time range in timechart with tstats? Consider these three searches that end with timechart. The second one skews time range all the way to year 2038! Ho... by yuanliu SplunkTrust in Splunk Search 07-31-2023 0 3	0	3
Why are there Splunk wineventlog? Hi All, urgent help here. I check whether is any activity done by a user on a client machine, so i use this query in ... by BryanLim New Member in Splunk Search 07-31-2023 0 2	0	2
Can you help me fix my Splunk search? Hello Splunkers!! I am facing an issue while running below search. As you can see in the screenshot. Can anyone help ... by uagraw01 Motivator in Splunk Search 07-31-2023 0 21	0	21
Dynamic Lookup - How to do addition & removal Of entries? Dear Team I have a splunk lookup with two fields, username and location. The lookup is populated every time the locat... by pagnihot Path Finder in Splunk Search 07-31-2023 0 0	0	0
How to click on an item in a table and get all its info? Hi I was wondering on a dashboard if you could click on an item and it shows all the information for that single inst... by Talking_Master Explorer in Splunk Search 07-31-2023 0 3	0	3