Splunk Search

Community Activity

	Help with field extraction? Hi All, we have events like below and in these need to extracts below id"s example d1c35370-1522-498c-8a79-ab07909a1c... by sekhar463 Path Finder in Splunk Search 03-29-2023 0 11	0	11
	Help needed with foreach query for LDAP user information Hey All,Been banging my head for a few days with this one and will appreciate any feedback on the topic.The scenario ... by D3mby Explorer in Splunk Search 03-29-2023 0 7	0	7
	How to create query for multi value attribute? Hi, can I ask you for helping me with this small problem, please? If I read the content of the lookUp using any crite... by spisiakmi Contributor in Splunk Search 03-29-2023 0 2	0	2
	Why is tstats aggragate function not returning results? So I'm fairly new to using data models for my visuals, and converting my network performance dashboard to summarized ... by lnvaderzee Loves-to-Learn in Splunk Search 03-29-2023 0 2	0	2
	Why is timechart not working to show DNS count and upper/ lower bounds on the same graph? Hi, I am trying to show the number of DNS logs per hour here on a graph with the upper and lower bound lines showin... by POR160893 Builder in Splunk Search 03-29-2023 0 1	0	1
	How to click on table cell to go to a URL referenced in event field (not in row data)? I can't seem to figure out how to configure my XML so that when I click on a table cell, I go to a URL referenced in ... by c_yeo New Member in Splunk Search 03-29-2023 0 4	0	4
	How to calculate event results based on time picker range & convert into time zones based off of a user for a lookback? Hi Splunk Community, I need to be able to calculate results based off of a time range picked by the user where the us... by beginner_splunk Loves-to-Learn in Splunk Search 03-29-2023 0 2	0	2
	How to filter an word from a string using SPL? e.g. input : CustomerService API call compeled in 105 ms Expected output : Customerservice 105 (in some graphical re... by ABHAYA Path Finder in Splunk Search 03-29-2023 0 10	0	10
	How to parse value from json event and build graph? Hello gays I have events like this, in raw text: {"key":"Pending","value":0} {"key":"NOT processed","value":9} {"key"... by alexeysharkov Path Finder in Splunk Search 03-28-2023 0 5	0	5
	Will Splunk searches using lookup get affected if there is knowledge bundle issue? So I have been working on migrating usecases from one splunk ES to splunk cloud for a client. They had around 760+ co... by Sucheta_new Loves-to-Learn in Splunk Search 03-28-2023 0 0	0	0
	Comparing input lookup table to index? Hello - I am looking to match an uploaded lookup table in csv format to the indexes we have. I am running into probl... by hantun Loves-to-Learn Lots in Splunk Search 03-28-2023 0 3	0	3
	Response time- How do I extract response time in "ms" from this event? I am beginner. How do I extract response time in "ms" from this event? Thank you. 4.72.20.141 - - [27/Dec/2037:12:0... by Tioluwani-Ada Engager in Splunk Search 03-28-2023 0 1	0	1
	Why is stats avg(response_time) not working after extracting response_time? I am a beginner. Why is stats avg(response_time) not working after extracting response_time? index="testing1" source=... by Tioluwani-Ada Engager in Splunk Search 03-28-2023 0 2	0	2
	Removing punctuation from multivalue field and put value in own event? I'm pretty sure the answer to my question is regex but I'm not too savy with it. I have a few values in an IP field f... by atebysandwich Path Finder in Splunk Search 03-28-2023 0 3	0	3
	How do I get arbitrary nested key-value pairs from JSON? I have some JSON that looks similar to this: { "foo": "bar", "x": { "hello": "world", "y"... by mldavis195 Explorer in Splunk Search 03-28-2023 0 2	0	2
	Data extraction for msexchange subject field? Hi Team, I need a rex command to extract subject field from the event _raw.. Currently i am splitting the fields wi... by priya1926 Path Finder in Splunk Search 03-28-2023 0 4	0	4
	Part2: How to join two different result sharing common field? Let say I have a result belowindex = indextestsource=stestbunch of evals = evalssourcetype=sttext\| table ID Status Re... by yohhpark Path Finder in Splunk Search 03-28-2023 0 6	0	6
	Why does xmlkv only select last field? Hello fellow splunkers, I'm posting here because I would gladly have help with the following query. Let's say I have ... by salv1 Engager in Splunk Search 03-28-2023 0 1	0	1
	How to TimeChart for average function avg()? I have this search that is working and returning a average Delay value:Search Command \| eval epoch_timestamp=strptime... by DPOIRE Path Finder in Splunk Search 03-28-2023 0 3	0	3
	Is it possible to add the same action to all of the alerts in one time? Hello I need to add alert action to many alerts,Is it possible to add the same action to all of the alerts in one tim... by sarit_s Communicator in Splunk Search 03-28-2023 0 1	0	1
	Why is my regex not matching? My regex from the message field looks like this. \| rex field=Message "\W(?<Hostname>\S+)\s\w+\W(?<Build>\S+)\s\w+\W... by michaelnorup Communicator in Splunk Search 03-28-2023 0 4	0	4
	How to display fields from two queries only if timestamps match? Hi, I have a query that is making two different searches and displaying the stats of each. Example:index="example" TE... by klay824 Explorer in Splunk Search 03-28-2023 0 6	0	6
	How to create a table for number of uploads for the top users? Hello All, I have been able to create a table that lists the top users that have been uploading files the most to clo... by TrangCIC81 Communicator in Splunk Search 03-28-2023 0 4	0	4
	How to extract fields from txt format? Hello, I want to extract fiends from below log format. Can someone please help. Log format - 2023-03-21 04:14:13.859,... by drogo Explorer in Splunk Search 03-27-2023 0 5	0	5
	How to use a Lookup File with Multiple Static or Dynamic Values? We have a standard configuration for our workstations. Several of the fields are static but some are dynamic (but the... by chrisschum Path Finder in Splunk Search 03-27-2023 0 2	0	2