Splunk Search

Community Activity

	Dynamically generated field names for table or other operation I've been trying to solve this every which way and another and I always come up just short of the target.When searchi... by fatsug Builder in Splunk Search 07-31-2023 0 8	0	8
	How to dynamically change index value based on different time span selected? Hi there, need a bit of help here. Context: Our organisation recently changed the `index` thus we need to update al... by Wendy Explorer in Splunk Search 07-30-2023 0 5	0	5
	How to get rid of fields/columns generated by stats and eval commands? I want to find time difference between two events (duration some operation took) and plot a graph which shows how muc... by sravan Explorer in Splunk Search 07-30-2023 0 5	0	5
	How to extract json field if field name is same in json message log? Hi , I am trying to extract aggregated errors from json message log coming from splunk event and categorising them ba... by Anu1184 Explorer in Splunk Search 07-30-2023 0 3	0	3
	How to rename an operation field which is being computed from json (message log)? I am retrieving operation details like operation name, total time etc from json message log coming as a part of splun... by Anu1184 Explorer in Splunk Search 07-29-2023 0 2	0	2
	How to extract and filter fields with rex and regex? Hi I need help to extract and to filter fields with rex and regex 1) i need to use a rex field on path wich end by ".... by jip31 Motivator in Splunk Search 07-28-2023 0 8	0	8
	How to get the time difference of two timestamp in minutes? I 've two fields one is _time and another one is received_time. I want to get the time differences between these tw... by mikeyty07 Communicator in Splunk Search 07-28-2023 0 7	0	7
	How to extract a string from a field using Splunk Regex? I m having a hard time trying to extract a string from a field from a splunk search using splunk regex , can someone ... by deepaksn1214 Engager in Splunk Search 07-28-2023 0 1	0	1
	Create splunk chart from seach with totals over time Hello Members, I have seen and used the accum command, but it does not quite give me what I want. I have this search ... by eholz1 Builder in Splunk Search 07-28-2023 0 4	0	4
	How can I extract attachments? I am attempting to extract attachment fields from our email logs using regex. Attachments like .jpg, .png, pdf, etc. ... by treven Explorer in Splunk Search 07-28-2023 0 8	0	8
	Unable to find percentage of two values stored in two separate fieldnames I'm facing a weird issue. I'm not able to calculate percentage value when I use two variables/fields.I have a lookup ... by sh254087 Communicator in Splunk Search 07-28-2023 0 2	0	2
	Splunk search alert to check if CPU utilization is high and send emails if bad samples 5 of 6 intervals met? Hi, Alert Query to monitor CPU usage every 5 minutes and send an email if it matches 5 of 6 bad samples (i.e., if my ... by Satheesh_red Path Finder in Splunk Search 07-28-2023 0 9	0	9
	Help to convert a unix time HiI use a \| stats min(_time) as time_min stats max(_time) as time_max command in my searchThe time is displayed in Un... by jip31 Motivator in Splunk Search 07-28-2023 0 4	0	4
	Display time chart grouping by 2 fields I have a Splunk query that helps me to visualize different APIs vs Time as below. Using this query I could see each l... by RemyaT Explorer in Splunk Search 07-28-2023 0 2	0	2
	averaging the CPU values from the recent six events Hi,I'm attempting to calculate the average of the last six CPU event values. If the average of those six events is gr... by Satheesh_red Path Finder in Splunk Search 07-27-2023 0 1	0	1
	Field Extraction Issue - Need True/False comparison of all Values to Max Value of Same Field I'm wanting to avoid using saved searches and lookup tables as much if possible so it's easily maintainable by anyone... by BinaryAddict Engager in Splunk Search 07-27-2023 0 2	0	2
	need help with regex field extraction between square brackets I am still trying to get my head around regular expressions in splunk, and would like to use regex that could parse t... by Steve_A200 Path Finder in Splunk Search 07-27-2023 0 3	0	3
	Getting max/last value on different period Hello,I have an index with a field that record how long a computer has been running. Basically, when I display the in... by Altexec New Member in Splunk Search 07-27-2023 0 1	0	1
	Extracting specific parts from _raw logs Hi All,Can anyone help me create a regex to extract the bolded parts from the following _raw log, please?meta sequenc... by DanAlexander Communicator in Splunk Search 07-27-2023 0 7	0	7
	Savedsearch - alternative to CRON job? I have a savedsearch running on a 5 minute cron schedule iteratively working through a list of previously saved searc... by GregSmith Explorer in Splunk Search 07-27-2023 0 2	0	2
	How to troubleshoot Splunk search performance slow by Ramana246 Explorer in Splunk Search 07-27-2023 0 2	0	2
	Trying do not use a join Hi guys!I have a static snapshot lookup that stores a lot of information about vulnerabilities actives on my hosts in... by pierre_weg Path Finder in Splunk Search 07-27-2023 0 2	0	2
	If a field position change in logs then how to trace? Hello everyonePlease assist me in solving the problem below.I'm attempting to determine how to track it in Splunk if ... by mk00928640 New Member in Splunk Search 07-27-2023 0 6	0	6
	Search for multiple keywords. Hi, I want to do a search having multiple strings. Example: Consider,I am looking for SearchKey1 and SerachKey2 I... by ykmohank New Member in Splunk Search 07-27-2023 0 3	0	3
	How can I pull all the service name in a list? Hi, I need help! I have this query. Ticket_Encryption_Type=0x17 Account_Domain="ad.contoso.com" but I need, pull all ... by leonuz01 Engager in Splunk Search 07-26-2023 0 1	0	1