Splunk Search

Community Activity

	Dedup not removing results that are duplicates Hi All!Had a look around but couldn't find an answer to this. I'm trying to do a search where I track a users log in ... by Southy567 Explorer in Splunk Search 03-01-2023 0 1	0	1
	How to extract rex specific data from Splunk log? We have a rule engine that assigns category codes to items. The category codes are assigned per location. We want to ... by AnirbanG Loves-to-Learn Lots in Splunk Search 03-01-2023 0 5	0	5
	How to perform splunk subsearch through Splunk java SDK? how to perform splunk subsearch through splunk java SDK by kanurag1795 Engager in Splunk Search 03-01-2023 0 1	0	1
	What is the Default bucketing time and retention policy? Hello to all I would like to know the default time set for hot, warm, cold and frozen buckets. I also want to know wh... by splunkcol Builder in Splunk Search 03-01-2023 0 0	0	0
	Help searching IIS/W3C log for parent URL? We're indexing a set of standard IIS W3C logs into our indexer and have a need to obtain a list of the parent sites f... by marshallsuk Engager in Splunk Search 03-01-2023 0 1	0	1
	What is the difference between $user$ and user=$user$ ? Hello, I can see in many Use Cases examples that tokens are using alternately in drill down searches:$user$ and user=... by suspense Explorer in Splunk Search 03-01-2023 0 2	0	2
	How to add multiple email addresses in Splunk Alert based on field value? Hello Splunkers, How can we send email to multiple email addresses using Splunk alert? I saw below documentation in ... by whitefang1726 Path Finder in Splunk Search 03-01-2023 0 3	0	3
	How to start time calculation for each transaction? Hi , I have a splunk log where we have End time and time to Serve Requst (in Millisec).i want calculate Start ti... by xp001975 Explorer in Splunk Search 02-28-2023 0 14	0	14
	How to extract local user account in Splunk from syslog messages in unix audit.log? How to extract local user account in Splunk from syslog messages in unix audit.log?Thanks by LearningGuy Motivator in Splunk Search 02-28-2023 0 1	0	1
	How to write Timechart for search with binary value result? Hi I have a field, mode, which returns either returns data or is None (mode_true, mode_false). I'm trying to search a... by mrf23 Explorer in Splunk Search 02-28-2023 0 4	0	4
	How to create alert if there is no data from an extracted field? Hello Splunkers , I am trying to schedule an alert when there is no data from a particular field which is extracted f... by power12 Communicator in Splunk Search 02-28-2023 0 4	0	4
	Why can't I search field values created in eval? I have a field called "Node_ID" that I extracted from another field "issue" that is formatted as N1234. There were so... by michaeler Communicator in Splunk Search 02-28-2023 0 1	0	1
	How to search to find disabled alert? Hi!I'm using Splunk cloud. Trying to create alert to catch event when someone disabling alert.Need advice on the sear... by kimberlytrayson Path Finder in Splunk Search 02-28-2023 0 6	0	6
	How to extract field from source field? I am trying extract "user20" from rest of "_9a4ab75c_239_process.log". tried multiple ways but unable to separate th... by ravir_jbp Explorer in Splunk Search 02-28-2023 0 1	0	1
	How to perform splunk search for local account in the openstack tenant (and audit) logs ? How to perform splunk search for local account in the openstack tenant (and audit) logs ?Thanks by LearningGuy Motivator in Splunk Search 02-28-2023 0 3	0	3
	How to retrieve data from Splunk dashboard and display results in Java Spring boot applications using SplunkSDK/ ..? How can we retrieve the data from Splunk dashboard and display the results in Java Spring boot applications using Spl... by kanurag1795 Engager in Splunk Search 02-28-2023 0 1	0	1
	Lookup using temporary dataset? I'm trying to add a lookup to enrich results returned from a 'simple' search. The search command I'm using [and I ha... by Mick_OBrien Path Finder in Splunk Search 02-28-2023 0 5	0	5
	How to randomly join two sets of data? Hi, I have a query where I am first getting 3 fields from an index ("A", "B", "C") describing tasks to be completed a... by POR160893 Builder in Splunk Search 02-28-2023 0 17	0	17
	Why the error capturing using regex? Hi Alli have been trying to capture the error split up and ratio from the following sample log event which probably n... by kumar497 Path Finder in Splunk Search 02-28-2023 0 7	0	7
	How to eval calculate time since event? I'm trying to add a "Downtime" field to my table. The timestamp on the event isn't reliable because it is when the is... by michaeler Communicator in Splunk Search 02-28-2023 0 6	0	6
	Please help to setup alert? index=* ("ORC from FCS completed" OR "ORC from SDS completed." OR "ORC from ROUTER completed") namespace IN ("dk1692-... by bhaskar5428 Explorer in Splunk Search 02-28-2023 0 13	0	13
	How to iterate through a result set inside the dashboard? Hello, inside my dashboard I have a multi select input. The options in this field are determined by a query, which is... by DaDave Engager in Splunk Search 02-28-2023 0 1	0	1
	How to remove json key value pairs from events log data Splunk search events returns json format log data. I want to remove a particular key:value pair since the value of th... by ayushram Observer in Splunk Search 02-27-2023 0 4	0	4
	How to rename search results obtained in stats? I have the following query created: index=my_idx source=mySource \| stats count by sourceTopic Which gives me ... by Nidd Path Finder in Splunk Search 02-27-2023 0 2	0	2
	Need a dropdown and when i select one option only that related panels should display rest all panels should not display? Need a dropdown and when i select one option only that related panels should display rest all panels should not displ... by Vani_26 Path Finder in Splunk Search 02-27-2023 0 2	0	2