Splunk Search

Community Activity

How to check 30 minutes after an event in Splunk for a failed login attempt? I have a search in Splunk that returns events for failed logins. I want to be able to check 30 minutes after the even... by MM0071 Path Finder in Splunk Search 03-03-2023 0 5	0	5
How to count matching events in lookup in last 30 days? A have a lookup table that includes a "time" column (timeformat=%m/%d/%Y %H:%M:%S). Can someone please help me develo... by Sven1 Path Finder in Splunk Search 03-03-2023 0 4	0	4
How to create a search that shows a daily message count and the average for each direction? I'm trying to create a search that shows a daily message count (both inbound and outobound) and the average for each ... by weetabixsplunk Explorer in Splunk Search 03-03-2023 0 3	0	3
How to compare two searches using a shared variable? I am trying to make 2 searches using the same index and source. The first search is looking for all entries with "mes... by ckutach Engager in Splunk Search 03-03-2023 0 1	0	1
Transaction ends and begins with same code- How to differentiate? I'm trying to differentiate between cd burns and cd read codes from Window Event Viewer using WinZipBurn. From what I... by michaeler Communicator in Splunk Search 03-03-2023 0 1	0	1
Problems with dedup dropping too many records? I am having trouble with deduping on a Salesforce object and my "feels like" here is dedup isn't doing what I underst... by arist0telis Explorer in Splunk Search 03-03-2023 0 3	0	3
Field is extracted by default, but no results based on it's values? Returns thousands of entries: index=myindex sourcetype=mysourcetype Returns all (8 atm) uuid values and all starts wi... by fishmong3r Explorer in Splunk Search 03-03-2023 0 7	0	7
In my index vital metrics, how can i find host status ( which can take up or down values)? Hi Community In my index vital metrics how can i find host status ( which can take up or down values) Up when host is... by chimell1 Explorer in Splunk Search 03-03-2023 0 3	0	3
Splunk search for identifying the list of unauthorized user from the authorized users db lookup table? We have a list of authorized user who have to specific Database and created a lookup table name "Authorized_list.csv"... by dbuddha2020 Engager in Splunk Search 03-03-2023 0 2	0	2
Does splunk support Reactive Programming in Java/Spring? Hi team,Currently, I'm in project to work with Splunk.The project is building with Spring boot and Webflux Reactive P... by nguyenminh7891 New Member in Splunk Search 03-03-2023 0 0	0	0
How to remove "Date & Time Range" from time picker using HTML code? I have a time picker in one of my dashboards and want the time picker to only display "Date Range". I have been succ... by bhavlik Path Finder in Splunk Search 03-03-2023 0 3	0	3
Why is appendcols not working aligning values correctly? Hi! I'd like to know if someone can help me with this: I have 4 saved searches that gives back counts for WTD (Week-t... by Dyana_a Explorer in Splunk Search 03-03-2023 1 5	1	5
How to calculate downtime or time difference within a custom date time range This is in continuation to my query(resolved) here - Solved: How to check time difference between a series of e... - ... by sh254087 Communicator in Splunk Search 03-03-2023 0 7	0	7
Can I use search head to enhance searching speed? I am newbie in splunk.I would like to enhance the searching speed.I am using a splunk instance in a VM (Master) that ... by Raymond2T Path Finder in Splunk Search 03-03-2023 0 5	0	5
How to start and stop a search based on certain criteria? Short Description In short we have a particular search that we want to run during a specific period, and we want that... by jhilton90 Path Finder in Splunk Search 03-03-2023 0 2	0	2
How do I show only field values that are missing from one of the 2 splunk searches? I have 2 eventsEvent1: Document uploaded <documentId>Event2: Document viewed <documentId> I have generated a common "... by shruthibm New Member in Splunk Search 03-02-2023 0 2	0	2
Export results from KV lookup file in Lookup editor? Hi There, I would like to export the results of kv lookup file in a lookup editor, but the results after exporting... by smanojkumar Contributor in Splunk Search 03-02-2023 0 10	0	10
Alerts not Finalizing- Is there a way to find out why it's getting stuck? I've got an issue with a scheduled alert that keeps going to finalizing but never stops (if this happens on the weeke... by alucarddjin Path Finder in Splunk Search 03-02-2023 0 0	0	0
Exclude results from lookup table in search I have a lookup table with Scheduled Tasks called Scheduled_Tasks, and only one column in it called "Task_Name". Thi... by tromero3 Path Finder in Splunk Search 03-02-2023 0 3	0	3
How to make table from key-value series? HI, I have this table with one column and 3 rows (could be more as this is a search result) and ther could be also mo... by fechnert Explorer in Splunk Search 03-02-2023 0 7	0	7
Trying to split the message text in a Windows event log We are collecting Windows 2008R2 Printer server logs and have identified event_id = 307 as the log that contains info... by ssemone New Member in Splunk Search 03-02-2023 0 6	0	6
Will increasing Elasticsplunk application timeout resolve this error? HelloI am currently managing a hybrid between Splunk and ELK (Elastisearch Logstash Kibana). Logs supporting syslog... by splunkcol Builder in Splunk Search 03-02-2023 0 1	0	1
How do I find this string? my string is "abcdxyz\|11.2.0000\|56\|12120\|32\|1005\|15\|32\|7742\|5\|54\|336\|446\|203473<" above string is string in huge... by ajit4242 Engager in Splunk Search 03-02-2023 0 7	0	7
Calculate total and percentage of Incidents? Hi friends, I am trying to get total resolved incidents, open incident and total incidents each day. I am getting t... by priya1926 Path Finder in Splunk Search 03-02-2023 0 1	0	1
Why does Stats command ocassionally produces job search components in results? I have the following stats search: index=servers1 OR index=servers2 DBNAME=DATABASENAME source="/my/log/source/*"... by splunkkitty Path Finder in Splunk Search 03-02-2023 0 8	0	8