Splunk Search

Community Activity

	How to find out the unused IP address from IP ranges? hi, all, I have an index=myindex, and with two data sourcestype sourcetype1 includes some IP subnet information jus... by TaylorSwift Loves-to-Learn in Splunk Search 06-25-2023 0 2	0	2
	How to find Okta users that logged in from rare countries? I want to search for Okta Logs to find users that logged in from rare countries. So typically, users who logged from ... by JasonPhang New Member in Splunk Search 06-24-2023 0 4	0	4
	How to delete events which is decreasing inbetween? How to delete events which is decreasing inbetween. I have extracted the _time column using regex so that splunk defa... by kirthika26 Explorer in Splunk Search 06-24-2023 0 12	0	12
	What is wrong with my sub-pipeline in appendpipe? I have a lookup table bsm_string_new_overheat_records.csv: _time overheat_location start_CCU_AMBI_TEMP start_time_se... by yshen Communicator in Splunk Search 06-24-2023 0 10	0	10
	Is there a way to limit the results to UP TO 3 per host? Good Afternoon, I have a query to get disk space from servers. Each server has between 1 and 3 drives. My query will ... by thebankitgui Path Finder in Splunk Search 06-23-2023 0 1	0	1
	How to fetch fields and values reported in Job inspector of searches executed by end users? Hello All,I need help to make build an SPL which helps to get the results of Job inspector for each query executed by... by Taruchit Contributor in Splunk Search 06-23-2023 0 4	0	4
	How to add a string in the field value when there are more than 2 values in a field? I have a field named "port_number" in my results which gives multivalves as follows. source destinationport_number3.... by shivani364 New Member in Splunk Search 06-23-2023 0 1	0	1
	Search History Hi,Can we see queries run by another splunk user for any app ? Does it require any extra priviledges / roles ? Pleas... by Poojitha Communicator in Splunk Search 06-22-2023 0 1	0	1
	How to use Rex to extract field Hi everyone, i have a logs vpn format 2023-06-21T03:29:16+0000 [stdout#info] LOG ERR: 'LOG_DB RECORD {"username": "du... by namlh Loves-to-Learn Everything in Splunk Search 06-22-2023 0 1	0	1
	How to copy events from a search result to another index? Hi all, We have a an index (say log_index) where the log retention is only 7 days. We can not have this increased to ... by jpillai Path Finder in Splunk Search 06-22-2023 0 3	0	3
	How to parse json with SPL? Hi Splunk Community,I am looking to create a search that can help me extract a specific key/value pair within a neste... by Strangertinz Path Finder in Splunk Search 06-22-2023 0 3	0	3
	Is there a way for me to create a table output of the JSON keys? Hi Splunk Community! Is there a way for me to create a table output of the output of the json keys below & (possibly ... by Strangertinz Path Finder in Splunk Search 06-22-2023 0 3	0	3
	Why is Lookup command not working? Hi Splunkers, I have an issue with a search that use a lookup. I know here on community there are a lots of post on t... by SplunkExplorer Contributor in Splunk Search 06-22-2023 0 2	0	2
	How to achieve eval case, stats count when no event is returned? Hello All, I have created the following search in splunk index=* namespace=* \|rex "Executing http:\/\/(?<rval>\w+.... by raghul725 Explorer in Splunk Search 06-22-2023 0 4	0	4
	How to get a Splunk Alert if Value exceeds 90? Hi We have a performance log onboarded and there is a value in that we would like to monitor: The logs contain the fo... by praneeth_lv Observer in Splunk Search 06-22-2023 0 4	0	4
	Why does Alerting when timetaken for job completion exceeds averagetime? Trying to find Time Taken for last 7 days for a batch job using splunk search, trying to find the average of the time... by jrb65 Engager in Splunk Search 06-22-2023 0 2	0	2
	How to create a Donut Chart? DeviceIDCompletedCrashed117121343123 How to create a donut chart like the below snippet in splunk. so here ins... by kirthika26 Explorer in Splunk Search 06-22-2023 0 1	0	1
	Can we use regex to search for word? let's suppose I have a set of the log from Windows authentication and I want to search if user field does not match a... by Nawab Communicator in Splunk Search 06-22-2023 0 7	0	7
	How to pass parameter from savedsearch to a macro (inside the savedsearch) ? hey guys, i'm stuck with this macro problem, where i cannot run a savedsearch with a macro inside it. 1. i have a sav... by highsplunker Contributor in Splunk Search 06-22-2023 0 1	0	1
	Any examples of using now() inside map command? It appears that using now() inside of the map command will always return the time that the map was started rather tha... by fredclown Builder in Splunk Search 06-21-2023 0 7	0	7
	How to join different fields together? I have an index called index=advanced_hunting and in this index there is a field called category, where there are sev... by jhilton90 Path Finder in Splunk Search 06-21-2023 0 2	0	2
	How can I use a variable from a lookup in a search? I have a lookup table that contains usernames and userids. I want to use this to match a username to userid & vice ve... by wgawhh5hbnht Communicator in Splunk Search 06-21-2023 0 4	0	4
	How to set token value based on selection from multiselect input? Hi @Splunkers, I created panel which give output based on multiselected fields, both are having different sources/in... by dhirendra761 Contributor in Splunk Search 06-21-2023 0 7	0	7
	AdminManagerDispatch- How do I resolve this error? I was setting `ModularInputs` to WARNING.. wanted to know the default value of `AdminManagerDispatch` ... as of now i... by ydholakia Splunk Employee in Splunk Search 06-21-2023 0 0	0	0
	How to write a regex to cover few options? Hi people, I need help designing a regex that will cover the below strings, please. ---------------------------------... by DanAlexander Communicator in Splunk Search 06-21-2023 0 9	0	9