Splunk Search

Community Activity

Splunk Query to find the AD groups not configured in SAML - Splunk Cloud. Hello,I'm looking for a splunk query to capture AD groups that are not integrated with SAML in Splunk Cloud by Naa_Win Path Finder in Splunk Search 07-06-2023 0 1	0	1
query search don't match on input by jtabilas Loves-to-Learn Everything in Splunk Search 07-06-2023 0 4	0	4
populate multiselect why doesn't this search populate the multiselect by lorscardala985 Explorer in Splunk Search 07-06-2023 0 1	0	1
trim everything till refusal reason from the start Hi,I am trying to trim everything before the "211 Withdrawal amount exceeded: from the output --WITHDRAWAL_AMOUNT_EXC... by man03359 Communicator in Splunk Search 07-06-2023 0 6	0	6
How to check for armis logs in cloud? Hi All,How do we check for armis app alert logs in cloud, recently We have updated the app so how we can check for t... by AL3Z Builder in Splunk Search 07-06-2023 0 0	0	0
Piechart split for selected hostname? Hello Everyone, I am trying to create piechart for cache operation split(in percentage) for hit/miss/pass using the b... by super_edition Path Finder in Splunk Search 07-06-2023 0 2	0	2
Help on nav menu- How to display a menu called "test" and when I click on it, it will display other dashboards? Hi In my nav menu, i would like to display a menu called "test" and when i click on i would to display other dashbor... by jip31 Motivator in Splunk Search 07-06-2023 0 3	0	3
Why is my join not working here? Hi,In my first search, I got all the details which needs to be displayed in the results but it doesn't have an IP fie... by Woodpecker Path Finder in Splunk Search 07-06-2023 0 4	0	4
Cloudwatch metrics averages/max etc grouped by account? Greetings, Splunk user but newbie still. I am building some searches to show AWS cloudwatch data averages per accoun... by pileofdata Loves-to-Learn in Splunk Search 07-05-2023 0 1	0	1
Help on dropdown list token HiI try to filter my table events from à dropdown list like thisOwner=$owner$The item syntax in the dropdown lis is l... by jip31 Motivator in Splunk Search 07-05-2023 0 5	0	5
Help with splunk query to find login events that happen at a strange time per user Working on a splunk query to find login events that occur outside of the users' typical sign in times. I do not want ... by brucewhaleham21 Loves-to-Learn Lots in Splunk Search 07-05-2023 0 3	0	3
error while searching host \| Error in 'litsearch' command: Your Splunk license expired Hello Splunk Support,When I search in Splunk console. I got an issue as below: Error in 'litsearch' command: Your Spl... by Syeds New Member in Splunk Search 07-05-2023 0 1	0	1
How to execute javascript after a search? Hi, I've copied the Search & Reporting app folder as my own app in /etc/apps, now I want to add some JS to be execute... by big_nuggets Explorer in Splunk Search 07-05-2023 0 2	0	2
Help with Field Extraction Using Regex I have 2 requests here. I am trying to extract and create a new field from logs. Logs for request 1: 2023-06-30 0... by MaddyRaj Engager in Splunk Search 07-05-2023 0 1	0	1
How to redirect dashboard to alternative URL Hi,We`ve got a dashboard sitting on a problematic SH and would like to clone and move it to another working SH.Is the... by tomapatan Contributor in Splunk Search 07-05-2023 0 2	0	2
How do I calculate the duration between Login and Logout of user? Hi guys! I want see the avg duration of activity of user on Splunk, but i didn't find the field of logout. by jtabilas Loves-to-Learn Everything in Splunk Search 07-05-2023 0 4	0	4
Why is my schedule search produce less result than the same query running adhoc? Hello,I have a simple query that run on the last 10 days of month, around 300k events something like:index=myindex RE... by phamxuantung Communicator in Splunk Search 07-05-2023 0 1	0	1
How to add dummy row with 0 when count returns 0? Hello Splunkers,I am using \| stats count by X, Y at the end of my query. X has 4 possible values and so does Y result... by vinaysathyanara Explorer in Splunk Search 07-05-2023 0 7	0	7
Compare multivalues from different rows In my search i have 2 rows, column specifying the week and the other column a multi-value field of EventIDs. I need t... by farhad Engager in Splunk Search 07-05-2023 0 3	0	3
Help with Field Extraction using Regex? I am trying to extract 2 fields from my logs. Logs: 10.218.136.20 - - [30/Jun/2023:02:36:32 +0000] "GET /api/v2/ru... by alexspunkshell Contributor in Splunk Search 07-04-2023 0 10	0	10
Extracting data which is incosistent I need to extract a time value from log file where the time value appears with a few different variations of characte... by nateNpgh Loves-to-Learn Lots in Splunk Search 07-04-2023 0 4	0	4
Why is there a 10000 rows limit? I ran a search which should show more than 10000 rows, but I get only 10000 rows back on the result. Is this a limita... by jiaqya Builder in Splunk Search 07-04-2023 1 11	1	11
Search limiting to objects in an AD Group I need to create a search that determines if an admin users password is changed. The current search pulls the domain ... by dennislevine New Member in Splunk Search 07-04-2023 0 3	0	3
Need a REGEX that can extract bits from all events of a similar type Hi All,I need a regex that can extract particular bits from proxy events equally e.g. there are different types of ev... by DanAlexander Communicator in Splunk Search 07-04-2023 0 7	0	7
Splunk ODBC datatype conversion issue Hello Splunk Experts,We are using Splunk ODBC to extract data from Splunk and load data to Qliksense. It was working ... by manojkumarmr New Member in Splunk Search 07-04-2023 0 0	0	0