Splunk Search

Community Activity

Locate Changes to Field and Count Them Hello Splunk Community,I need to find out how many upgrades were performed to systems and unsure how to best proceed.... by enb_splunk Engager in Splunk Search 04-02-2025 0 3	0	3
Type of Fields command Hello all,I am trying to understand the type of fields command.Documentation says it is a "distributable streaming" w... by meshorer Path Finder in Splunk Search 04-02-2025 0 8	0	8
Get all events in a 1-minute time window around an error events I have a stream of logs from a system.To filter for errors, I can perform a search like so:index=project1 sourcetype=... by db2 Explorer in Splunk Search 04-02-2025 0 9	0	9
Find what is using a lookup table. I've got a question about lookup tables, and how to audit them.I have a rather large lookup table that's being recrea... by JJCO Engager in Splunk Search 04-02-2025 0 2	0	2
Splunk upgrade on AIX machine Hi,I'm fairly new to AIX and I have been tasked with upgrading our customers version of SPLUNK from 9.0.1 to 9.4.1, t... by dannyuk New Member in Splunk Search 04-02-2025 0 2	0	2
Count of requests processed by each API service per minute. Hi I am working on below query to get Count of requests processed by each API service per minuteindex=np source IN ("... by nithys Communicator in Splunk Search 04-02-2025 0 2	0	2
Search in lookup with subsearch- bug ? Hi, there,I'm simplifying the context:We've had a perfectly working correlation rule for several years now, and for t... by Treize Path Finder in Splunk Search 04-02-2025 0 14	0	14
Trying to download splunk logs using python script using bamboo when running my bamboo paln i am unable to generate splunk log json file this is log build 02-Apr-2025 11:57:27 /home... by Hemanth35 New Member in Splunk Search 04-02-2025 0 1	0	1
Search head error in Email action Hi Team, We have 2 search head cluster, and few reports scheduled with email action, reports running on one search he... by bhupalbobbadi Path Finder in Splunk Search 04-01-2025 0 1	0	1
How can i use my global_time token in an averaging search Maybe a dumb question but its been making me mad, maybe im overthinking it. I have a very simple search:index=poc cha... by tkwaller1 Path Finder in Splunk Search 04-01-2025 0 8	0	8
knowledge bundle Hi Base, what is the impact when the content of $Splunkhome$/var/run/searchpeers will be deleted? In an installation... by ndcl Path Finder in Splunk Search 04-01-2025 1 11	1	11
ES8 + Mission Control Usage rest API Hello everyone,We have recently started using ES8 with Mission Control and we would like to use Mission Control's API... by Nico99 Explorer in Splunk Search 04-01-2025 0 1	0	1
Time field value not getting returned from inner search index=aws* Method response body after transformations: sourcetype="aws:apigateway" business_unit=XX aws_account_alias... by Punnu Path Finder in Splunk Search 03-31-2025 0 3	0	3
case eval only showing 1 result I've scowered the internet trying to find a similar issue with no avail. \| rex field=userRiskData.general "do\:(?<dev... by Damndionic Engager in Splunk Search 03-31-2025 0 1	0	1
find change in url category. Hello Experts, looking for query where i can find list of urls blocked today which were allowed yesterday under dif... by abhijeets Explorer in Splunk Search 03-31-2025 0 1	0	1
more in depth info on itsi_summary index Hello Experts, Is there any document available which can give me more in-depth knowledge about itsi_summary index. by abhijeets Explorer in Splunk Search 03-31-2025 0 1	0	1
submit button not working Hi Submit button is not working1.First time when i load the dashboard ,i select data Data Entity from dropdown and hi... by nithys Communicator in Splunk Search 03-30-2025 0 4	0	4
Error in 'stats' command: The argument 'span=1min' is invalid. Help: when i try to run the following a get Error in 'stats' command: The argument 'span=1min' is invalid.index=trans... by dtapia Explorer in Splunk Search 03-30-2025 0 5	0	5
How To Use Eval to Capture Inconsistent key:values I am searching for a key:value report app where the values are inconsistent but include a report cluster name consist... by mark_groenveld Path Finder in Splunk Search 03-28-2025 0 8	0	8
How to append domain to hostname at search time? I've done a bit of searching and haven't quite found a solution to what I'm trying to accomplish (or I haven't unders... by rwheeloc Explorer in Splunk Search 03-28-2025 0 4	0	4
Comparing results to identify values that have a certain value in previous records The two raw results are as follows : (1)EventType="Device" Event="InstallProfileConfirmed" User="sysadmin" Enrollment... by Blueochotona Engager in Splunk Search 03-28-2025 0 4	0	4
Send Separate Alert Email notification based on email column and result returned Hi All,I have a lookup that contains set of email ids and associated accounts.Example : Account IDOWNER_EMAIL34234234... by Poojitha Communicator in Splunk Search 03-27-2025 0 1	0	1
Curl Command SSL Error on Search Head We have a total of five search heads, and while four of them are successfully executing the curl command, one search ... by harishsplunk7 Explorer in Splunk Search 03-27-2025 0 2	0	2
How do I edit this search to give me the views I have access to not the views I own Simple search but Im having issues nailing down what I want to see.This search returns all the views the logged in us... by tkwaller1 Path Finder in Splunk Search 03-27-2025 0 5	0	5
how to maintain order in stats command Fields value of 2nd and 3rd events are enter changing. please suggest how to maintain order in Splunk status command.... by RSS_STT Explorer in Splunk Search 03-27-2025 0 4	0	4