Splunk Search

Community Activity

	extract two different field values into one field using regex Hi All,I am fairly new to Splunk and I have bit of a challenge in front of me which I am not able to resolve. I have ... by man03359 Communicator in Splunk Search 06-30-2023 0 1	0	1
	Issue with MultiSearch and Missing Buckets with SLA Eval Hey all, I've got a multisearch query using inputlookups to untangle a sprawling kafka setup, getting all the various... by interrobang Explorer in Splunk Search 06-29-2023 0 0	0	0
	Created a report where I need to trigger an alert depending on the value of a cell I have the following searchindex=xoom_app_online_checkout_orchestration_api (level=ERROR AND "Failed to get open-bank... by gsbpp Explorer in Splunk Search 06-29-2023 0 3	0	3
	How do you MVZIP more than one field? My data is in JSON format, and contains arrays of JSON data that can be from 1 to N blocks. In this JSON, fields can ... by brajaram Communicator in Splunk Search 06-29-2023 0 3	0	3
	URL Decoding- How to resolve error? i tried all splunk answers and doesn't seems like working for me. i have this search \| rex mode=sed field=message.UA ... by yonphang Explorer in Splunk Search 06-29-2023 0 5	0	5
	Comparing the results in different time range? Hi Splunkers! Good day! I need a search which extracts the count of serial_number of different time range and i... by smanojkumar Contributor in Splunk Search 06-29-2023 0 4	0	4
	How can I extract with Regex? Hello, Hope you are wellI want to etract only TP58304 on this line (8)TP58304 (5)endra(3)ttx(5)local(0)How can i do p... by numeroinconnu12 Path Finder in Splunk Search 06-29-2023 0 1	0	1
	Optimizing subquery with inputlookup I have this query to find hosts from a lookup that have zero events. There are about a 100 hosts and I can see that t... by krbalaji77 Explorer in Splunk Search 06-29-2023 0 3	0	3
	Configuration file settings We keep getting warnings such as We have gone into the savedsaerch conf files and renames them on a diferent SH but I... by domino30 Path Finder in Splunk Search 06-29-2023 0 1	0	1
	Can't extract fields and make list? Hi Team, Please help us on the below issue. Below is the sample event. message: Dataframe row : {"_c0":{"0":"{","1"... by Renunaren Loves-to-Learn Everything in Splunk Search 06-28-2023 0 2	0	2
	MultiSearch and Missing Buckets Messing with SLA Calculations I've got a multisearch query basically using inputlookups to trace a sprawling kafka setup, getting all the various l... by interrobang Explorer in Splunk Search 06-28-2023 0 0	0	0
	Finding a number of outliers that repeteadly occurs on 3 consecutive time windows using streamstats? So I have this query that creates and incident if there is 7 outlier in the last 15 minutes: \| streamstats time_wind... by Goldenfit Explorer in Splunk Search 06-28-2023 0 0	0	0
	Log clearing not showing up from tstats? I can search my way into finding the result of a log clearing event bit if I use a data model with tstats it doesn't ... by domino30 Path Finder in Splunk Search 06-28-2023 0 10	0	10
	How would I look for dashboards/alerts not in use? Hi Team , Has anyone worked on finding out unused dashboards or alerts in Splunk . Can you please assist me . Thank... by npanda04 New Member in Splunk Search 06-28-2023 0 3	0	3
	Which Splunk Db version should match with Db servers? I have a Splunk app db connect running on version 3.4.2 so is it important to run those exsisting databases on that v... by Ritu Explorer in Splunk Search 06-28-2023 0 1	0	1
	Why is my search not specifying field vs _raw or explicit field? Hello, I'm trying to understand the behavior of a basic query as the one below (I've ingested a JSON dataset): inde... by blardy New Member in Splunk Search 06-28-2023 0 2	0	2
	How to count number of values in multi-valued field? Hello! I want to know how to count numbers of field values. Currently I have two fields, something like: User - AnnaC... by marinella26 Explorer in Splunk Search 06-27-2023 0 2	0	2
	Why is lookup command not working in Splunk REST API? I'm consuming data from Splunk REST API endpoints for other purposes. However, it is throwing this error because I us... by georgear7 Communicator in Splunk Search 06-27-2023 0 5	0	5
	Taking Count of Response Codes by Endpoints with Endpoints listed as rows and Response Codes listed as columns? Hello,I am new to Splunk. Please help me write a query to get count of response by ServcieName(displayed in rows) and... by NallaAyee Observer in Splunk Search 06-27-2023 0 2	0	2
	How to apply header color based on the header value on the table? I have 10 columns and want to color header alone with different color codes based on value of the header since column... by DataOrg Builder in Splunk Search 06-27-2023 0 7	0	7
	How to search to retrieve the host values from the index data that match the host values in the CSV file? I have an index named "Linux" and a CSV file called "sample.csv" with multiple columns, including "IP" and "Host." My... by satyaallaparthi Communicator in Splunk Search 06-27-2023 0 7	0	7
	How to discard users that start with a urn:forms:anonymous#? I have some users that start with urn:forms:anonymous# in my lookupI was trying to to discard them use urn:forms:anon... by Netza Engager in Splunk Search 06-27-2023 0 2	0	2
	How to extract stats in a multivariate field? I have the following query that sets 'Results' based on the JSON portion of my logs below: index="internallogs"source... by Bizzaro_Shake Explorer in Splunk Search 06-27-2023 0 4	0	4
	How to pass current year and month to search query dynamically? Hi Team, I am trying to write a search query where it will find the existing filename is present in the logs or not.H... by splunkNewbie007 Loves-to-Learn in Splunk Search 06-26-2023 0 5	0	5
	How to add total median and min to median and min by month? Hey guys! I need the statistics of a bunch of data by month. And this is done already. search\|eval Month=strftime(_ti... by qqzj Explorer in Splunk Search 06-26-2023 0 8	0	8