Splunk Search

Community Activity

Standard Deviation Total Requests Per Day I am attempting to calculate the following:- Total Number "Requests Per Day"- Average/Mean "Requests Per Day"- Sta... by dickersons Explorer in Splunk Search 02-23-2023 0 5	0	5
Expanding data within my eval search index=data severity IN ("critical","high","medium","low")\| eval TopHost =[ search index=tenable severity IN ("critica... by AttarSingh1 Explorer in Splunk Search 02-23-2023 0 1	0	1
How to use comparison logic to add / remove entries from a lookup table? Hello again, my apologies for all of these questions. I have a lookup table called login_sessions.csv which will keep... by mark_cet Path Finder in Splunk Search 02-23-2023 0 6	0	6
Why am I unable to remove rows from csv lookup? Hi Splunk Gurus, I am new to lookups and this community has been a great help. I have a few cases where I can't seem... by userx10j2004 Explorer in Splunk Search 02-23-2023 0 2	0	2
How to compare two fields with current date to raise an alert? Hi all, I'm trying to make a query which is not working as expected could you pls help me out in raising an alert. ... by AL3Z Builder in Splunk Search 02-23-2023 0 7	0	7
Can anyone suggest ideas for Monitoring Phishing attacks? Hi Team, I am a newbie to the Splunk. I have install the Splunk Enterprise in a server and I have installed some of t... by Srini1207 Engager in Splunk Search 02-23-2023 0 0	0	0
Removing Characters After First Space for a Field in Splunk Hello,I have following results like below:HostTypeType Duplicate Field ABCDCoca ColaCoca ColaEFGH7up - Sprite7up - Sp... by CodingMaestro Path Finder in Splunk Search 02-23-2023 0 2	0	2
How to extract data for a portion of the field? Hello Splunk Community, So I have a table that has results like below Name Tom01 Tom02 Tom03 Tom04 ... by CodingMaestro Path Finder in Splunk Search 02-23-2023 0 2	0	2
Why does lookup return null when there are multiple matches? I have a lookup with multiple columns (keys). Some combinations make a unique match, but I need an ambiguous search ... by yuanliu SplunkTrust in Splunk Search 02-23-2023 0 7	0	7
How to correlate list of users based on IP? I am trying to create a report that will take a username(user) and look for the most recent IP address(src_ip) they u... by ff170a Explorer in Splunk Search 02-22-2023 0 2	0	2
How to add host to command in the BY section? \| chart values(Date_Policy) BY Volume,WeekRange, in above command I wanted to add host as well in the BY section but ... by AShwin1119 Explorer in Splunk Search 02-22-2023 0 1	0	1
How to rearrange below numeric columns based on order? Hi, I have to rearrange below columns in below orderi.e. 31-60 Days, 61-90 Days, 91-120 Days,151-180 Days,Over 180 Da... by Ashwini008 Builder in Splunk Search 02-22-2023 0 4	0	4
How come this doesn't work given indexers.csv is a list of Splunk servers with role indexer? How come this doesn't work given indexers.csv is a list of Splunk servers with role Indexer? \| inputlookup indexers.c... by albledsoe Engager in Splunk Search 02-22-2023 0 2	0	2
Dashboard not populating as they have $ symbol in some field values, is there another way? Hello SplunkersI have the following search.The search works fine when running it but when its saved as a panel in a d... by power12 Communicator in Splunk Search 02-22-2023 0 3	0	3
Why does field becomes null when attempting to subtract? I am feeling puzzled. I am trying to take a date, convert it to epoch time, and then subtract a number of seconds fro... by iomega311 Explorer in Splunk Search 02-22-2023 0 3	0	3
Data Models and incomplete source data Greetings,I'm finally tackling the topic of data models within my organization, and am coming across situations I am ... by mjuestel2 Path Finder in Splunk Search 02-22-2023 0 4	0	4
How to check if a value exists in a list of values? Hi,I'm filtering a search to get a result for a specific values by checking it manually this way:.... \| stats sum(val... by sdhiaeddine Explorer in Splunk Search 02-22-2023 0 2	0	2
How to compare data from data model with data from data set? Hello, I have a data model named firewall_logs with firewall data in which the interesting fields are: file_hash, url... by danutmatei Explorer in Splunk Search 02-22-2023 0 0	0	0
Why doesn't my rex code work? Very strange scenario. I'll use a rex statement to retrieve data and it works perfectly. If I copy and paste the rex ... by JBlackberg Engager in Splunk Search 02-22-2023 0 5	0	5
How to join and read input from csv? I've a query index="main" app="student-api" "tags.path"=/enroll "response"=succcess which also gives a trace_id a... by GhanaRusk Engager in Splunk Search 02-22-2023 0 11	0	11
How to create a correlation search that would trigger an alert for a search? I need to create a correlation search that would trigger an alert if it found a match from IPs from: \| inputlookup ip... by Kitag345 Explorer in Splunk Search 02-21-2023 0 1	0	1
How to compare field from one index to multiple field in other index? Good day,I have a usecase explained below -Index A has Reporting_Host (mix of IP address, hostname, FQDN) and Index C... by Navanitha Path Finder in Splunk Search 02-21-2023 0 5	0	5
How to do the opposite of match()? I'm trying to do a DOES NOT match() instead of a match(). http://docs.splunk.com/Documentation/Splunk/6.1/SearchRefer... by thisissplunk Builder in Splunk Search 02-21-2023 1 4	1	4
How to add and divide field results for percentage? I'm trying to figure out the percent of successful authentications from out vulnerability scans. There is a field nam... by atebysandwich Path Finder in Splunk Search 02-21-2023 0 3	0	3
Field Alias Applied to Hostname - Events Matched But No Results? Hi,I am new to Splunk so please forgive me.I had created a field field, where if the hostname contains "-us" then r... by kbarton New Member in Splunk Search 02-21-2023 0 3	0	3