Splunk Search

Community Activity

	How to find top 10 URLs with high response time? Hello Team, I need to have top 10 url's in the order of max average response time taken. Could you please help in tha... by Devi13 Path Finder in Splunk Search 06-19-2023 0 2	0	2
	How to create a join when first search contains multivalues for single field? Hi,I'm trying to join two searches where the first search includes a single field with multiple values. The matching ... by Woodpecker Path Finder in Splunk Search 06-19-2023 0 1	0	1
	How to combine events having one field value same and create single row? Hi, Require to combine events having one field value same and create single row . Query: index=webmethods_dev5555_in... by Abhineet Loves-to-Learn Everything in Splunk Search 06-19-2023 0 1	0	1
	What is the best way to use if clause with where? Hello Community, I have a table: Filename Status file1 1 file2 0 \| eval Status=if(where S... by appsik Explorer in Splunk Search 06-19-2023 0 2	0	2
	What is the difference between run_time and total_run_time? Hello all, I need help to understand the difference between two fields run_time (fetched from index: _internal) and t... by Taruchit Contributor in Splunk Search 06-19-2023 0 1	0	1
	Is it possible to do eval and lookups with makeresult? Is it possible for me to do a main search and based on the results from main search I find the fileName and want to u... by Thulasinathan_M Contributor in Splunk Search 06-19-2023 0 3	0	3
	Optimizing SLA Tracking - Caching/Indexing or Saving Results? Hi everyone, I have a pretty huge multisearch query with multiple inputlookups, untangling the spaghetti monster whic... by interrobang Explorer in Splunk Search 06-18-2023 0 1	0	1
	Why are there a few fields are missing when importing data from DOORS next gen to Splunk? Hello All, I tried to extract data from DOORS Next Gen. After importing the data, I found that few fields are missing... by Sharmila Engager in Splunk Search 06-18-2023 0 1	0	1
	How to display next 10 numbers? Hi Splunkers, Here I'm asking help on Splunk query. I have a csv file with some numbers between 101-999, I need to wr... by thippeshaj Explorer in Splunk Search 06-18-2023 0 2	0	2
	How to dynamically select column in an XY series? Hello! I am currently trying to dynamically select columns in my output that are generated by an xyseries. I am compa... by ajones Explorer in Splunk Search 06-17-2023 0 2	0	2
	How to remove null values then add fields? Hi all, would love help with this one. I currently have a query where I have 4 different processing times by session... by user33 Path Finder in Splunk Search 06-17-2023 0 5	0	5
	How to exclude users from service account values: a generic approach? Hi,I'm attempting to create a method to exclude users from service account values without excluding a particular serv... by Raj Builder in Splunk Search 06-17-2023 0 15	0	15
	Extract multiple JSON fields I am trying to create a table whereby two of the values are within a JSON array. The data in each array entry is base... by srcno Loves-to-Learn in Splunk Search 06-16-2023 0 5	0	5
	How to remove comms and parenthesis? index="myIndex" app_name="myappName" My.Message = "failed to retrieve the workOrder"\| rex "Order (?<Order>[^\s]+)"... by Sureshp191 Explorer in Splunk Search 06-16-2023 0 10	0	10
	How do I create a search to show Cisco logins sorted by User? I can search through cisco logs easily enough, and can also sort for logins, or failed logins without issue - but sin... by Crabbok Engager in Splunk Search 06-16-2023 0 1	0	1
	How to add unique count column on the stats result? Hi, I have data as below \| date \| buyer \| product \|\| Jun-1 \| A \| P-01 \|\| Jun-1 \| A \| P-02 \|\| Jun-1 \| B ... by mia Explorer in Splunk Search 06-16-2023 0 3	0	3
	How to write query to find perimeter fw details? Hi, I am trying to build a query on perimeter firewall how we can find the ips hitting to the fw. Thanks by Raj Builder in Splunk Search 06-16-2023 0 20	0	20
	How to cancel scheduled alerts if no logs are being ingested? Hi, currently I have scheduled alerts that are triggered based on file count results. If count of 'file x' for that d... by Ana01 Loves-to-Learn Everything in Splunk Search 06-15-2023 0 2	0	2
	How to extract two characters before last set of numbers in a string? Tried many variations but just cant get it right. Example Data:onetwoap321.siteonethreap3ua.somesiteoneforpd210.site... by jenkinsta Path Finder in Splunk Search 06-15-2023 0 2	0	2
	How to combine two searches/data sets into one table? I have two searches/data sets that I would like to combine into a table, and am not entirely sure on what the correct... by Apples Explorer in Splunk Search 06-15-2023 0 4	0	4
	Does anyone have an idea how to make a bitwise AND operation for a high number of events in Splunk? Hey all The PAN-OS traffic log include a log field ‚flags‘ ‚Flags‘ is a 32-Bit field that provide details on session.... by Berma New Member in Splunk Search 06-15-2023 0 3	0	3
	How to get eval assignment of a nested JSON list does not assign? Hi, I'm trying to assign a list from a nested JSON event { "timestamp": "2023-06-14T18:03:57.047201+00:00", . ... by splunked38 Communicator in Splunk Search 06-15-2023 0 2	0	2
	How to alert when a field value has > 500 events? Hello, I'm not sure how to achieve this. I need to create an alert for when a field (user) value has > 500 events fo... by mninansplunk Path Finder in Splunk Search 06-15-2023 0 2	0	2
	How to make a query that counts by comparing values? I'm new to splunk and I'm asking for help. I will give an example as below. if event_id or orig_event are the same, c... by hyewonkim Engager in Splunk Search 06-15-2023 0 3	0	3
	How to exclude data that is already duplicated? Hi , I have somthing data need to deduplicate. I got some data from two database and save in different indexes . I us... by Hong_TP Engager in Splunk Search 06-15-2023 0 1	0	1