Splunk Search

Community Activity

How to perform Lookup Using Event Field that is a List? I have an event field that is a list of "permissions" , and I want to perform a lookup for each permission in the li... by rrossetti Splunk Employee in Splunk Search 04-12-2023 0 2	0	2
Splunk Cloud: How do we extract multiple values for one field for one entry? for splunk cloud how do we extract multiple values for one field for one entry by mcristinzio New Member in Splunk Search 04-12-2023 0 1	0	1
Help with latest and earliest Hi, I would like to know if someone can help me with this issue. I am trying to add a time constraint to an SPL and I... by Diana_a Explorer in Splunk Search 04-12-2023 0 2	0	2
Why is it incorrectly showing some values as NULL? Here is the raw log { "markers": { "requestId": "RAWWyBVRjlX1wCr3JPINpZz6TLfa6FAM_09c958c6", ... by 6abhay New Member in Splunk Search 04-12-2023 0 2	0	2
How to choose color based on text value? Hi there! I need to choose the color in the dashboard based on the text results in dashboard, where the value ... by smanojkumar Contributor in Splunk Search 04-12-2023 0 14	0	14
How to create new field based on table values? Dear Experts..Looking for help with a Splunk Query...I was working on a Splunk Query to identify the Frames connectio... by satish Explorer in Splunk Search 04-12-2023 0 4	0	4
How can I compute value based on group by values in timechart? \| eval vm_unit=case(vmSize="Standard_F16s_v2",2,vmSize="Standard_F8s_v2",1,vmSize="Standard_F4s",0.5,vmSize="Standard... by Sathiya123 Explorer in Splunk Search 04-12-2023 0 5	0	5
How to convert SQL query to Splunk search? Hi, I have the following tables: asset table:asset_idsolution_idvulnerability_id solution table:solution_idsolution s... by idkgirly Loves-to-Learn in Splunk Search 04-11-2023 0 3	0	3
How to correlate nested parent child jobs? Hi,we have to monitor some jobs in which One Job could have multiple sub task. It could be nested dependency as well... by AKG11 Path Finder in Splunk Search 04-11-2023 1 10	1	10
How to search and create table report? I have a logfile with information like this - 2023-04-05 13:54:17.259 INFO [http-nio-8080-exec-117][OTPViewController... by runiyal Path Finder in Splunk Search 04-11-2023 0 3	0	3
How to include multiple fields of the same type? I would like to add all instances of a field within the same variable, named SynchronousExecution. Is there a better ... by trevor7 Engager in Splunk Search 04-11-2023 0 2	0	2
How to achieve average of first 7 vs last 7 records? Hi team,I have 14 records in the table, I want to find out average of first 7 and average of last 7 recordsHow can I... by agupta13 Engager in Splunk Search 04-11-2023 0 1	0	1
How to separate OS name and OS version values from a field having combined value? I have a column that holds OS Name along with it's version details. os_full_nameCentOS Linux release 7.1.1503 (Core)... by sh254087 Communicator in Splunk Search 04-11-2023 0 1	0	1
How to write a rex expression to pull out a specific bit of data? Hello! So I'm trying to write a rex expression to pull out a specific bit of data from this:<plugin_output>Operating ... by TorbinIT Path Finder in Splunk Search 04-11-2023 0 2	0	2
Scheduled training using StateSpaceForecast/Smart Forecasting MLTK Hi all,I trained a model using the Smart Forecasting tool (StateSpaceForecasting) algorithm using the Machine Learnin... by Nic Engager in Splunk Search 04-11-2023 0 0	0	0
Splunk Installation. Hi,I'm new to Splunk, trying to understand for Splunk we have 1 installation we need to customize it to work as Forwa... by VijayA Explorer in Splunk Search 04-11-2023 0 2	0	2
How to hide an entire field value? Hello, I've an index where all my data is stored and I want to create 2 savedsearch : - one with all the data (i hav... by fatanyk Explorer in Splunk Search 04-11-2023 0 4	0	4
Is there any way we can control logs generation time? Hi, Can you advise on my Query. Splunk Universal Forwarder installed on client machine, the are generating log files ... by VijayA Explorer in Splunk Search 04-11-2023 0 4	0	4
How to compare fields between db and lookup file and to pick a column value from lookup as resultant field? I have two data sources - 1. Discovered data. Can be either a lookup file or a db table. Let's assume db table. I'm p... by sh254087 Communicator in Splunk Search 04-11-2023 0 0	0	0
How to execute a dbxquery in Splunk by adjusting only the time tokens? Hi Y'all, I am trying to execute a dbxquery in Splunk by adjusting only the time tokens. Splunk server is in a time... by _pravin Contributor in Splunk Search 04-11-2023 0 2	0	2
How to show result of if a field not contains another field? Hi all, I have two fields. I want a splunk query that not a field contains another field. For example field1 is ::fff... by hoseineagle Observer in Splunk Search 04-11-2023 0 4	0	4
How to compare last value with the 7th last value? How to compare last value with the second last value? Say I have a column with N records in it882267. -->445512447580... by aguasd12 Observer in Splunk Search 04-10-2023 0 3	0	3
Are there way to optimize this query? Hello, following query is slow and processing a lot of data environment=tesxt earliest=-0d@d (index=iis_openapi OR... by msrama5 Explorer in Splunk Search 04-10-2023 0 7	0	7
How to Sum(column1, column2, column3) as column4? I need to know how to Sum(CreatedSD?,CreatedBD,CreatedLOD) as CreatedTotal Login, Document and Loan Counts High Level... by abnderby Engager in Splunk Search 04-10-2023 0 4	0	4
How to capture all "Names" from a single event? Hi, Hypothetically speaking, if I have the following event: q[pworei[qpweori[pqwoeirp[qowier[powierw"NAME":"BOB";PO... by Android99 Engager in Splunk Search 04-10-2023 0 1	0	1