Splunk Search

Community Activity

How to troubleshoot Splunk search performance slow by Ramana246 Explorer in Splunk Search 07-27-2023 0 2	0	2
Trying do not use a join Hi guys!I have a static snapshot lookup that stores a lot of information about vulnerabilities actives on my hosts in... by pierre_weg Path Finder in Splunk Search 07-27-2023 0 2	0	2
If a field position change in logs then how to trace? Hello everyonePlease assist me in solving the problem below.I'm attempting to determine how to track it in Splunk if ... by mk00928640 New Member in Splunk Search 07-27-2023 0 6	0	6
Search for multiple keywords. Hi, I want to do a search having multiple strings. Example: Consider,I am looking for SearchKey1 and SerachKey2 I... by ykmohank New Member in Splunk Search 07-27-2023 0 3	0	3
How can I pull all the service name in a list? Hi, I need help! I have this query. Ticket_Encryption_Type=0x17 Account_Domain="ad.contoso.com" but I need, pull all ... by leonuz01 Engager in Splunk Search 07-26-2023 0 1	0	1
How can I compare Todays result with yesterdays? I have the code below and I need to get the statuses yesterday and today with respect to API value.My current search ... by Teemanny Engager in Splunk Search 07-26-2023 0 7	0	7
How to calculate SUM by type? Hello everyone, I am trying to SUM the columns. index="nzc-neel-uttar" source="http:kyhkp" \| timechart span=1d count... by Neel881 Path Finder in Splunk Search 07-26-2023 0 3	0	3
How to Split a field that is the subject of a Top command? When I ran the following query: index="myindex" sourcetype="hamlet" environment=staging \| top limit=10 client \| e... by Naji Explorer in Splunk Search 07-26-2023 0 4	0	4
How to chart over multiple fields? my query: index=abd ("start app" AND "app listed") \|rex field=_raw "APP:\s+(<application1>\S+)" \|rex field=_raw ... by mahesh27 Communicator in Splunk Search 07-26-2023 0 4	0	4
Using stats and table command Hi,I am new to splunk, could you please help me with below SPL, I am trying to use stats and table commandWe have 4 e... by Vig95 Engager in Splunk Search 07-26-2023 0 3	0	3
Splunk tstats - Indexes with no traffic dropping off I'm trying to create something that displays long term outages: any index that hasn't had traffic in the last hour.I'... by john_c_calhoun Explorer in Splunk Search 07-26-2023 0 1	0	1
How do i remove values shown in graph In the below graph i see values displayed on top of each bar. How do i remove them? by sravan Explorer in Splunk Search 07-26-2023 0 1	0	1
Splunk Webhook- Can we simply add my JAVA API URL in webhhok to get response payload ? Hi, Against my corporate account I want to enable webhook action to get all responses against a query in my Java API ... by Abhinav Loves-to-Learn in Splunk Search 07-26-2023 0 0	0	0
appen empty values to results in lookup I have the following search to track search usage, i have a list of user who i want to track in a csv file. However, ... by bluewizard Explorer in Splunk Search 07-26-2023 0 2	0	2
How can I count by host? index=abc sourcetype=app_logs \|stats count as events by host, host_ip \|where events >0 When i schedule this as alert... by Harish2 Path Finder in Splunk Search 07-26-2023 0 2	0	2
How to check if the query is running or not in splunk? by AA1 New Member in Splunk Search 07-26-2023 0 1	0	1
Help on where match and rex field commands HiI have a field called ObjectD which is always different for each eventsBut in this field, there is always à charact... by jip31 Motivator in Splunk Search 07-25-2023 0 18	0	18
How to use map command to run for each deviceid? I have the following query, index="xxxx" source="$Device_ID$xxxx*" \| eval Device_ID=mvindex(split(source,"/"),5) ... by Kirthika Path Finder in Splunk Search 07-25-2023 0 6	0	6
Compare a search with two sources I have a search that has "index=A", "Source=A", "Source=B" and both sources have the column "Address"I want to compar... by anmar02930 Engager in Splunk Search 07-25-2023 0 1	0	1
How to set a token from a base search in my dashboard to be consumed in an HTML panel? hi there, I want to display an image based on the result of a search. My dashboard has a "base search" which is use... by swe Path Finder in Splunk Search 07-25-2023 1 6	1	6
How to LDAPGROUP filter by MEMBER_TYPE? I am successfully using some simple LDAPSEARCH + LDAPGROUP searches to produce membership lists for various AD groups... by ddetlef Explorer in Splunk Search 07-25-2023 0 6	0	6
How can I output only the first n characters of field value? HI people, I want from a query to only print out the first n-characters of the field value. So: index=someIndex sou... by JohnEGones Communicator in Splunk Search 07-25-2023 0 3	0	3
Splunk HF exports logs using a CLI command as a Linux crontab? I'm new to Splunk Enterprise, and my task is to forward logs from Splunk HF (AWS EC2 instance) to an AWS Cloud Watch ... by sarvananth Explorer in Splunk Search 07-25-2023 0 3	0	3
How to Easily Copy/Paste or Extract Multiple Results from a Dash? Hi everyone,Working on a dash for which the goal is to automate manual data entry which needs to take place over 100s... by interrobang Explorer in Splunk Search 07-24-2023 0 5	0	5
How to calculate duration by error code? Hi team,I have raw data with status: 200, 404, 503.183080267.ap-southeast-1.elb.amazonaws.com \| app \| 200183080267.ap... by dungnq Loves-to-Learn in Splunk Search 07-24-2023 0 4	0	4