Splunk Search

Community Activity

	How to split strings without delimiter? Hello,how can I split strings that are in the same line without delimiters into a new line?Have this lines that conta... by KalebeRS Explorer in Splunk Search 07-04-2023 0 1	0	1
	rex Hi i need extract the below file name from extracted output MDTM\|07/02/2023 23:58:59.007\|[SFTP:3460819_0:eftpos:10.1... by Jagaspu Engager in Splunk Search 07-04-2023 0 6	0	6
	Aggregation search for different fields help Hello everyone! I have Splunk events in the following format: activity_time: 2023-06-29T12:45:06Z event_time: 20... by heorhii12412 Explorer in Splunk Search 07-03-2023 0 6	0	6
	How to create table based on below logs {"timestamp":"2023-06-28T11:00:13.545Z","message":"Time taken for Method1 Call : 3120","class":"com.xyz.enterprise.p... by UdayBhaskar Engager in Splunk Search 07-03-2023 0 2	0	2
	Saved searches Run time Hello Splunkers,I had a question, I wanted to check the time on which my saved searches / scheduled reports and alert... by izzie123 Path Finder in Splunk Search 07-03-2023 0 3	0	3
	How to list of all indexes and all fields within each index? I can obtain a list of fields within an index eg.index=bind_queries \| stats values() AS \| transpose \| table column... by TonyJobling New Member in Splunk Search 07-03-2023 0 4	0	4
	Need to make changes in correlation search audit query Hi all,I'm trying to audit correlation searches in my environment but unable to view the "Last Modified By" "Last Mod... by AL3Z Builder in Splunk Search 07-01-2023 0 3	0	3
	How to find a user behind an action? Hi I have a report showing who have added or removed a person to or from a group. Like :index="win*" (EventCode=4728 ... by Loepp Observer in Splunk Search 06-30-2023 0 6	0	6
	Splunk search to find the traffic of Heavy Forwarders reporting with their IP address? Hello, Can someone please help me with the Splunk search to find the list of Heavy Forwarders reporting with their IP... by Roy_9 Motivator in Splunk Search 06-30-2023 0 4	0	4
	How to use subquery values in a where clause? Im trying to do this: aid=0 Overflowexception msg="Print completed" @t<first \| [search Overflowexception \| stats min... by Staale New Member in Splunk Search 06-30-2023 0 6	0	6
	How to find common field values in different action? Hello All,I want to create an alert to find certain actions done by users from same Index.Index= myindexsourcetype= m... by navan1 Explorer in Splunk Search 06-30-2023 0 4	0	4
	extract two different field values into one field using regex Hi All,I am fairly new to Splunk and I have bit of a challenge in front of me which I am not able to resolve. I have ... by man03359 Communicator in Splunk Search 06-30-2023 0 1	0	1
	Issue with MultiSearch and Missing Buckets with SLA Eval Hey all, I've got a multisearch query using inputlookups to untangle a sprawling kafka setup, getting all the various... by interrobang Explorer in Splunk Search 06-29-2023 0 0	0	0
	Created a report where I need to trigger an alert depending on the value of a cell I have the following searchindex=xoom_app_online_checkout_orchestration_api (level=ERROR AND "Failed to get open-bank... by gsbpp Explorer in Splunk Search 06-29-2023 0 3	0	3
	How do you MVZIP more than one field? My data is in JSON format, and contains arrays of JSON data that can be from 1 to N blocks. In this JSON, fields can ... by brajaram Communicator in Splunk Search 06-29-2023 0 3	0	3
	URL Decoding- How to resolve error? i tried all splunk answers and doesn't seems like working for me. i have this search \| rex mode=sed field=message.UA ... by yonphang Explorer in Splunk Search 06-29-2023 0 5	0	5
	Comparing the results in different time range? Hi Splunkers! Good day! I need a search which extracts the count of serial_number of different time range and i... by smanojkumar Contributor in Splunk Search 06-29-2023 0 4	0	4
	How can I extract with Regex? Hello, Hope you are wellI want to etract only TP58304 on this line (8)TP58304 (5)endra(3)ttx(5)local(0)How can i do p... by numeroinconnu12 Path Finder in Splunk Search 06-29-2023 0 1	0	1
	Optimizing subquery with inputlookup I have this query to find hosts from a lookup that have zero events. There are about a 100 hosts and I can see that t... by krbalaji77 Explorer in Splunk Search 06-29-2023 0 3	0	3
	Configuration file settings We keep getting warnings such as We have gone into the savedsaerch conf files and renames them on a diferent SH but I... by domino30 Path Finder in Splunk Search 06-29-2023 0 1	0	1
	Can't extract fields and make list? Hi Team, Please help us on the below issue. Below is the sample event. message: Dataframe row : {"_c0":{"0":"{","1"... by Renunaren Loves-to-Learn Everything in Splunk Search 06-28-2023 0 2	0	2
	MultiSearch and Missing Buckets Messing with SLA Calculations I've got a multisearch query basically using inputlookups to trace a sprawling kafka setup, getting all the various l... by interrobang Explorer in Splunk Search 06-28-2023 0 0	0	0
	Finding a number of outliers that repeteadly occurs on 3 consecutive time windows using streamstats? So I have this query that creates and incident if there is 7 outlier in the last 15 minutes: \| streamstats time_wind... by Goldenfit Explorer in Splunk Search 06-28-2023 0 0	0	0
	Log clearing not showing up from tstats? I can search my way into finding the result of a log clearing event bit if I use a data model with tstats it doesn't ... by domino30 Path Finder in Splunk Search 06-28-2023 0 10	0	10
	How would I look for dashboards/alerts not in use? Hi Team , Has anyone worked on finding out unused dashboards or alerts in Splunk . Can you please assist me . Thank... by npanda04 New Member in Splunk Search 06-28-2023 0 3	0	3