Splunk Search

Community Activity

	How do I see what fields are in indexed metadata? I know some fields like _time, host, sourcetype, and source are in indexed metadata but what query do I need to list ... by russell120 Communicator in Splunk Search 06-02-2023 0 3	0	3
	some json log lines are merged into one block Our application prints logs in json format . example {"ts":"05 30 2023 10:30:00.013","th":"logging-metrics-publisher"... by ajitdev381 Engager in Splunk Search 06-02-2023 0 1	0	1
	Can I create each row of a table as pie chart without drilldown? Hi I have a table result created as: Emp sold consumed wasted...... stolen ABC 8 12 5 ... by splunkdivya Explorer in Splunk Search 06-02-2023 0 12	0	12
	How do I create a search for Event id 4742 (-30 Days)? hi team,I'm creating a query that I need to look for if a machine changed the password (Password_last_set) more than ... by Freeza Explorer in Splunk Search 06-02-2023 0 2	0	2
	How to get when server goes down status? HI Team,I want to get when server goes down time. timestatus6/2/2023 12:55down6/3/2023 12:52down6/4/2023 12:50down6/4... by Anud Path Finder in Splunk Search 06-02-2023 0 3	0	3
	Comparing data from two separate dates? So i am trying to compare bar graphs for event count for our indexes for two separate days. We are upgrading our envi... by Abass42 Communicator in Splunk Search 06-02-2023 0 1	0	1
	Can I search eval case inside map? Nothing is returned for SOT (assuming NULL). I don't understand what could be wrong. If I run the mstats command ... by winknotes Path Finder in Splunk Search 06-02-2023 0 6	0	6
	How to create a table? Can we aggregate the data in the specified column?example SPL A)index=pan_logs \| stats count by signature,src,destex... by ko1 Engager in Splunk Search 06-01-2023 0 4	0	4
	Find path between nodes in a table representing a hierarchical tree? I have a table with columns "from" and "to", in which each row represents an edge between "from" and "to" nodes withi... by rikinet Path Finder in Splunk Search 06-01-2023 0 1	0	1
	How to get job names divided into separate cells with the same time stamp? Hi Team, We have a splunk XML dashboard as shown in the below snippet. In the above table we have extracted the job ... by Renunaren Loves-to-Learn Everything in Splunk Search 06-01-2023 0 2	0	2
	How to find the total number of users that receive a certain email? Hello, Please I need assistance. More than 300 people received a certain email. Some are still with the company while... by Lye Path Finder in Splunk Search 06-01-2023 0 2	0	2
	How to present a readable time value when epoch value is on the y-axis in a scatter chart? My goal is to present a scatter chart with the size of a file each time a job runs. This requires 3 values: time, si... by lessthan80 Explorer in Splunk Search 06-01-2023 0 6	0	6
	How to phrase a search to find results if two conditions are met? I am new to using Splunk and having some difficulties with the search query logic. I want to create a dashboard that ... by beans123 Engager in Splunk Search 06-01-2023 0 1	0	1
	How to find all events where at least one column has duplicate values? Through a dbx query, I'm pulling out several columns, among which include account_email, true_ip, device_id, and requ... by retro-bloke Explorer in Splunk Search 06-01-2023 0 2	0	2
	multi-level nested JSON to table? There are numerous questions/answers about extracting nested JSON data, but none of those answers seem to apply to wh... by qralston Engager in Splunk Search 06-01-2023 0 0	0	0
	How to stats count but get all values? Here is the search I am trying to do and I hope I can explain this correctly....I am searching for dlp events where t... by secphilomath1 Explorer in Splunk Search 06-01-2023 0 4	0	4
	How to calculate subnet from list of IP addresses? I'm trying to come up with a way to output to a lookup file a list of calculated network addresses given a list of IP... by bald_balrog New Member in Splunk Search 06-01-2023 0 1	0	1
	How to arrange table columns? How do i print the following service status count Gmdl 200 5 Aesp 200 13 abc 200... by spatt New Member in Splunk Search 06-01-2023 0 1	0	1
	How can I find the data retention and indexers involved? I need a query that will provide the earliest date for data within an index as well as the indexer it is stored on, s... by danielbb Motivator in Splunk Search 06-01-2023 0 3	0	3
	How to write a query to check IP addresses in Subnets? Hi, I am trying to establish a query that checks whether a random src IP is in a specific subnet.However, all the sub... by POR160893 Builder in Splunk Search 06-01-2023 0 2	0	2
	Splunk query for bayesian check- Why am I getting error? I am trying to refine search based on a sub query, where sub query is not a filter of outer query. I need to check if... by mahesh21894 New Member in Splunk Search 05-31-2023 0 2	0	2
	Is there anything comparable to SPL for offline use? I love love love Splunk and especially SPL! It makes it so easy to generate very granular and detailed reports on lar... by ttovarzoll Path Finder in Splunk Search 05-31-2023 0 4	0	4
	How to use the lookup table into a macro with parameters? I have a lookup table with filters and SPLs columns/values by product/client. I want to use a macro passing the produ... by rafamss Contributor in Splunk Search 05-31-2023 0 5	0	5
	How to compare numbers before and after a special char? Hello, I have a log file that spits out data like the below. I want to be able to evaluate the the numbers either si... by HelloItsMe76 Explorer in Splunk Search 05-31-2023 0 1	0	1
	Trouble getting a very basic search to work- Is there a way to get just a portion of log entry? I'm using the "LogPush" feature from Cloudflare to get "log events" put into a Splunk index. The log events are all J... by kcantrel Explorer in Splunk Search 05-31-2023 0 19	0	19