Splunk Search

Community Activity

Need help to extract field from raw Please find the below attached screenshot and data sample i need to create 5 felids problem statement - old splunk qu... by bhaskar5428 Explorer in Splunk Search 04-04-2025 0 5	0	5
Combining multiple events from downloading external document into a reportable event This has been scratching my head. I'm working on dashboards on user activity on our application. Multiple dashboards ... by DarthHerm Explorer in Splunk Search 04-04-2025 0 6	0	6
Merging local into default using git? I would like to periodically merge stuff in /local into /default and then delete whatever is in /localI have a reposi... by dominiquevocat SplunkTrust in Splunk Search 04-04-2025 4 31	4	31
ISE Logging Hello,I wanted to filter Cisco ISE Logging Activities by authentication, authorization, and accounting.So far, I've b... by netmart New Member in Splunk Search 04-04-2025 0 4	0	4
Regular Expression HI , I want to extract purple part. But Severity can be Critical as well .[Time:29-08@17:52:05.880] [60569130] 17:52:... by Siddharthnegi Contributor in Splunk Search 04-04-2025 0 2	0	2
regular expression hello , i want to extract purple highlighted part.[Time:29-08@17:53:03.562] [60569219] 17:53:03.562 10.82.10.245 loca... by Siddharthnegi Contributor in Splunk Search 04-04-2025 0 2	0	2
What are your best patterns for handling stats by multiple groupby sets? I often run into a case where I find I need to take the same dataset and compute aggregate statistics on different gr... by w564432 Explorer in Splunk Search 04-03-2025 0 4	0	4
use stats instead Hi Community, can someone please help me by using stats instead of join for this search?\| rest /services/authenticati... by hank72 Path Finder in Splunk Search 04-03-2025 0 6	0	6
How to use append to work like Inner join I have two searches and I only want to find rows which has common MessageID . Currently it is returning extra row be... by Punnu Path Finder in Splunk Search 04-03-2025 0 5	0	5
Locate Changes to Field and Count Them Hello Splunk Community,I need to find out how many upgrades were performed to systems and unsure how to best proceed.... by enb_splunk Engager in Splunk Search 04-02-2025 0 3	0	3
Type of Fields command Hello all,I am trying to understand the type of fields command.Documentation says it is a "distributable streaming" w... by meshorer Path Finder in Splunk Search 04-02-2025 0 8	0	8
Get all events in a 1-minute time window around an error events I have a stream of logs from a system.To filter for errors, I can perform a search like so:index=project1 sourcetype=... by db2 Explorer in Splunk Search 04-02-2025 0 9	0	9
Find what is using a lookup table. I've got a question about lookup tables, and how to audit them.I have a rather large lookup table that's being recrea... by JJCO Engager in Splunk Search 04-02-2025 0 2	0	2
Splunk upgrade on AIX machine Hi,I'm fairly new to AIX and I have been tasked with upgrading our customers version of SPLUNK from 9.0.1 to 9.4.1, t... by dannyuk New Member in Splunk Search 04-02-2025 0 2	0	2
Count of requests processed by each API service per minute. Hi I am working on below query to get Count of requests processed by each API service per minuteindex=np source IN ("... by nithys Communicator in Splunk Search 04-02-2025 0 2	0	2
Search in lookup with subsearch- bug ? Hi, there,I'm simplifying the context:We've had a perfectly working correlation rule for several years now, and for t... by Treize Path Finder in Splunk Search 04-02-2025 0 14	0	14
Trying to download splunk logs using python script using bamboo when running my bamboo paln i am unable to generate splunk log json file this is log build 02-Apr-2025 11:57:27 /home... by Hemanth35 New Member in Splunk Search 04-02-2025 0 1	0	1
Search head error in Email action Hi Team, We have 2 search head cluster, and few reports scheduled with email action, reports running on one search he... by bhupalbobbadi Path Finder in Splunk Search 04-01-2025 0 1	0	1
How can i use my global_time token in an averaging search Maybe a dumb question but its been making me mad, maybe im overthinking it. I have a very simple search:index=poc cha... by tkwaller1 Path Finder in Splunk Search 04-01-2025 0 8	0	8
knowledge bundle Hi Base, what is the impact when the content of $Splunkhome$/var/run/searchpeers will be deleted? In an installation... by ndcl Path Finder in Splunk Search 04-01-2025 1 11	1	11
ES8 + Mission Control Usage rest API Hello everyone,We have recently started using ES8 with Mission Control and we would like to use Mission Control's API... by Nico99 Explorer in Splunk Search 04-01-2025 0 1	0	1
Time field value not getting returned from inner search index=aws* Method response body after transformations: sourcetype="aws:apigateway" business_unit=XX aws_account_alias... by Punnu Path Finder in Splunk Search 03-31-2025 0 3	0	3
case eval only showing 1 result I've scowered the internet trying to find a similar issue with no avail. \| rex field=userRiskData.general "do\:(?<dev... by Damndionic Engager in Splunk Search 03-31-2025 0 1	0	1
find change in url category. Hello Experts, looking for query where i can find list of urls blocked today which were allowed yesterday under dif... by abhijeets Explorer in Splunk Search 03-31-2025 0 1	0	1
more in depth info on itsi_summary index Hello Experts, Is there any document available which can give me more in-depth knowledge about itsi_summary index. by abhijeets Explorer in Splunk Search 03-31-2025 0 1	0	1