Splunk Search

Community Activity

	Flow chart Hi,I have a table of 3 columns: Event name, time(=when the event happened) and source (file name).I need to create a ... by maayan Path Finder in Splunk Search 07-17-2023 0 1	0	1
	Flatten JSON associative array with variable key names that even containing dots I have JSON event data like this (it is shown as a collapsable tree structure in the event view): { "data": { ... by rikinet Path Finder in Splunk Search 07-16-2023 0 3	0	3
	Finding events for users that have not been seen in the last X days I need to create a baseline for what is common in an environment before creating a rule.The rule can be as simple as:... by Liran Observer in Splunk Search 07-16-2023 0 2	0	2
	UserID exists in query 1 but not query 2 by host ? I have been trying to figure this out but getting stumped. I have seen other questions similar but just slightly diff... by sjringo Contributor in Splunk Search 07-15-2023 0 8	0	8
	Job terminated unexpectedly with no obvious error if too many rex mode=sed commands in query I am trying to summarize AWS ELB Access Logs. Once I get the raw URLs, I need to substitute out the path and query p... by john_arrowwood Explorer in Splunk Search 07-15-2023 0 4	0	4
	How to compare a particular word with each and every word in the list of host and get the below output . I have a list of below host in a csvuasws12usaws120usaws11usaws13susaws13usaws130usaws14usaws15usaws16usaws17usaws173... by AyushiSrivas Loves-to-Learn in Splunk Search 07-15-2023 0 8	0	8
	When clicking on table header want to sort by case insensitive We have table with a list of users. Some user names are all lower case, some all upper case, some mixed case. We can ... by simpkins1958 Contributor in Splunk Search 07-15-2023 0 6	0	6
	Split pattern into multiple rows? Split pattern in CSV lookup format into multiple rows\| lookup table.csvNote that the number of SubnetID-IP pair is no... by LearningGuy Motivator in Splunk Search 07-14-2023 0 3	0	3
	How to add multi-value key-value pairs to current event? Greetings.Suppose I have an event schema of just a URL, where the query section of the URL may change: ```ndjson{ url... by cdieringerwm Observer in Splunk Search 07-14-2023 0 3	0	3
	Splitting results by matched conditions \|tstats count where index=app-data (TERM(Errors) TERM( Started) TERM( in) TERM(s) TERM(ms)) OR (TERM(system) T... by mahesh27 Communicator in Splunk Search 07-14-2023 0 3	0	3
	calculating percentage using eval and stats commands Hi, I am working on a task: calculating the percentage of employees working in food industry for each country. I trie... by manju1318 Engager in Splunk Search 07-14-2023 0 2	0	2
	How to achieve 90 perccentile and average on the same query? How to calculate 90 percentile and average on the same query. following query is not providing 90 percentile values ... by sabari80 Explorer in Splunk Search 07-14-2023 0 5	0	5
	How do we enhance the dlp search ? Hi,I need a help in enhancing the below search if users triggers one or more of these policies:Index=dlp sourcetype... by AL3Z Builder in Splunk Search 07-14-2023 0 3	0	3
	How to create an Alert which iterate values from lookup file? I have lookup file which is updated periodicaly and has three columns: Source, Dest, Contact a, k, ... by LIS Path Finder in Splunk Search 07-14-2023 0 7	0	7
	How to convert a decimal into binary? There doesn't seem to be command that will magically convert my decimal into binary. Any tips on how this can be don... by the_wolverine Champion in Splunk Search 07-14-2023 0 6	0	6
	Parsing different time fields for transactions Hello everyone, I have a bit of a strange requirement, which includes close work with time values. I have Splunk even... by heorhii12412 Explorer in Splunk Search 07-14-2023 0 6	0	6
	Accessing splunk api from java application Hi,I wanted to access Splunk Cloud API from my java application. Please let me know if there is any sample program av... by graghuu Observer in Splunk Search 07-14-2023 0 1	0	1
	Add column with percent of sum to chart x over y by z HelloI have the following example:\| makeresults count=3 \| streamstats count \| eval C=(random() % 9) + 1 \| eval S1=... by ResB Engager in Splunk Search 07-14-2023 0 2	0	2
	Missing Results / Random Results on searches after updating from 8.1.3 to 8.2.9 Hi, Has anyone an idea what could be the reason why before an update was able to run a query and get correct results ... by FGAnders Explorer in Splunk Search 07-14-2023 0 3	0	3
	IP address search by a project ID I have certain project IDs I'm trying to get a list of IP addresses from. by the_gambler New Member in Splunk Search 07-14-2023 0 2	0	2
	How to add rows in table Status UnitCountDuplicateIT5FailureBE2SuccessDE6SuccessIT25SuccessPT18SuccessDE10SuccessPT5Total 71 I am adding the c... by avi7326 Path Finder in Splunk Search 07-14-2023 0 6	0	6
	Is there any way to use another function as fillnull to fill null spaces? Hello.I have a table with a column for Releases, in this case, a bunch of them does not have releases. I used the fil... by KalebeRS Explorer in Splunk Search 07-14-2023 0 1	0	1
	Count TPS from Datepicker group by field So my based search can produce a table stats of deployment, total hit, and time_seconds, I only need one more field ... by qmail_madrid New Member in Splunk Search 07-14-2023 0 3	0	3
	Windows Password Compromise Hey Ya'll -Wanted to see if anyone has a simplified solution for locating potential password compromises in a Windows... by Simple_Search Path Finder in Splunk Search 07-14-2023 0 1	0	1
	How to Extract "String" as value using "+Extract New Fields" feature Hi, I have some snort logs with prior 0,1,2,3. I used the extract new fields feature to extract the priority value a... by wuming79 Path Finder in Splunk Search 07-14-2023 0 4	0	4