Splunk Search

Community Activity

How to add multi-value key-value pairs to current event? Greetings.Suppose I have an event schema of just a URL, where the query section of the URL may change: ```ndjson{ url... by cdieringerwm Observer in Splunk Search 07-14-2023 0 3	0	3
Splitting results by matched conditions \|tstats count where index=app-data (TERM(Errors) TERM( Started) TERM( in) TERM(s) TERM(ms)) OR (TERM(system) T... by mahesh27 Communicator in Splunk Search 07-14-2023 0 3	0	3
calculating percentage using eval and stats commands Hi, I am working on a task: calculating the percentage of employees working in food industry for each country. I trie... by manju1318 Engager in Splunk Search 07-14-2023 0 2	0	2
How to achieve 90 perccentile and average on the same query? How to calculate 90 percentile and average on the same query. following query is not providing 90 percentile values ... by sabari80 Explorer in Splunk Search 07-14-2023 0 5	0	5
How do we enhance the dlp search ? Hi,I need a help in enhancing the below search if users triggers one or more of these policies:Index=dlp sourcetype... by AL3Z Builder in Splunk Search 07-14-2023 0 3	0	3
How to create an Alert which iterate values from lookup file? I have lookup file which is updated periodicaly and has three columns: Source, Dest, Contact a, k, ... by LIS Path Finder in Splunk Search 07-14-2023 0 7	0	7
How to convert a decimal into binary? There doesn't seem to be command that will magically convert my decimal into binary. Any tips on how this can be don... by the_wolverine Champion in Splunk Search 07-14-2023 0 6	0	6
Parsing different time fields for transactions Hello everyone, I have a bit of a strange requirement, which includes close work with time values. I have Splunk even... by heorhii12412 Explorer in Splunk Search 07-14-2023 0 6	0	6
Accessing splunk api from java application Hi,I wanted to access Splunk Cloud API from my java application. Please let me know if there is any sample program av... by graghuu Observer in Splunk Search 07-14-2023 0 1	0	1
Add column with percent of sum to chart x over y by z HelloI have the following example:\| makeresults count=3 \| streamstats count \| eval C=(random() % 9) + 1 \| eval S1=... by ResB Engager in Splunk Search 07-14-2023 0 2	0	2
Missing Results / Random Results on searches after updating from 8.1.3 to 8.2.9 Hi, Has anyone an idea what could be the reason why before an update was able to run a query and get correct results ... by FGAnders Explorer in Splunk Search 07-14-2023 0 3	0	3
IP address search by a project ID I have certain project IDs I'm trying to get a list of IP addresses from. by the_gambler New Member in Splunk Search 07-14-2023 0 2	0	2
How to add rows in table Status UnitCountDuplicateIT5FailureBE2SuccessDE6SuccessIT25SuccessPT18SuccessDE10SuccessPT5Total 71 I am adding the c... by avi7326 Path Finder in Splunk Search 07-14-2023 0 6	0	6
Is there any way to use another function as fillnull to fill null spaces? Hello.I have a table with a column for Releases, in this case, a bunch of them does not have releases. I used the fil... by KalebeRS Explorer in Splunk Search 07-14-2023 0 1	0	1
Count TPS from Datepicker group by field So my based search can produce a table stats of deployment, total hit, and time_seconds, I only need one more field ... by qmail_madrid New Member in Splunk Search 07-14-2023 0 3	0	3
Windows Password Compromise Hey Ya'll -Wanted to see if anyone has a simplified solution for locating potential password compromises in a Windows... by Simple_Search Path Finder in Splunk Search 07-14-2023 0 1	0	1
How to Extract "String" as value using "+Extract New Fields" feature Hi, I have some snort logs with prior 0,1,2,3. I used the extract new fields feature to extract the priority value a... by wuming79 Path Finder in Splunk Search 07-14-2023 0 4	0	4
Help on "node is not allowed here" message hiI try to add an option name in a pie chart:<option name="charting.chart.showPercent">true</option> and an option na... by jip31 Motivator in Splunk Search 07-14-2023 0 1	0	1
How we can optimize dlp search? Hi all,We are looking for users that trigger one or more of these policies:policy="[DLP] - Internal " OR policy="[SM... by AL3Z Builder in Splunk Search 07-13-2023 0 4	0	4
Adding two values Hello,I have two panels with different logic (various indexes and filters) that produces X and Y respectively. I want... by hantun Loves-to-Learn Lots in Splunk Search 07-13-2023 0 1	0	1
Metrics in chart I am trying to use a radial gauge graph in order to show a % using avg(cpu_metric.Idle). However, I want the "reverse... by sizemorejm Explorer in Splunk Search 07-13-2023 0 3	0	3
Multiple json in an event- How do I extract status in one event? I have multiple json coming in a single event and want to extract the status of one event. For example, I want the s... by splunkuser320 Path Finder in Splunk Search 07-13-2023 0 2	0	2
Is it possible to use event sampling in the new dashboard studio? Hello, Is it possible at all to use event sampling (1:100 or 1:1000) in the new dashboard studio? It works fine using... by letienne Path Finder in Splunk Search 07-13-2023 0 3	0	3
When using "typeof, results are field value invalid I have used "typeof" to know the Types for fields for the data set in splunk web version, but I get the Value column ... by vsid_splunk Explorer in Splunk Search 07-13-2023 0 8	0	8
How to create a search to check which user disabled/enabled alert? Splunk query to check which user disabled/enabled alert. by AnmolKohli Explorer in Splunk Search 07-13-2023 2 9	2	9