Splunk Search

Discussions

Thread Info

Returning results that match one search but not another

I have the following query working in SQL and am struggling to get a working Splunk query that will return the same r...

by Engager in

How to search for url fields that only contain IP address

I'm trying to do a search that will show me only IP address for the field url, example = sourcetype=fakename url=(...

by Path Finder in

Reason field using multiple criteria

Hello all, I trying to get a reason field to generate based on field values as to why a system is showing up in a re...

by Path Finder in

Return previous row when record matches

I have a log that contain records for tables processed in a database. For each table, a log entry is added showing th...

by Engager in

Search bash_history

Adhoc search of bash_history files and attempting to just pull out listing of commands regardless of the timestamp va...

by Explorer in

Average Failed Logins by Day of Week For Last 90 Days

Greetings, The search I am using currently is giving me the total number of failed logins by day of the week for th...

by Path Finder in

transpose and xyseries

Hi, I have search results in below format in screenshot1. I need that to be the way in screenshot 2. I used transpo...

by Contributor in

How to compare counts on two different indexes on fields

I have two indexes and it has similar fields and need to compare counts on these two indexes. For example Index A...

by Path Finder in

Why my search is return no result ?

Hi, I have a search like this applied on many queries : index="abs" field1="aaa" field2="bbb" | eval dummy="tru...

by Builder in

Need your help to create the dashboard for the below request

Hi community,Good Day...! Need your help to create dashboard for all the notables which are all in the in-progress ...

by Path Finder in

Subtracting constant from field element-wise

Hello, i have a field and i want to generate a new field that is the old field but its mean subtracted. Example: ...

by Explorer in

How to set the Trend indicator to show the increase and decrease in count over the period.

Hi Everyone, I have one dashboard which consists of several panels . Like LOGIN,TIMEOUT. I want to display the Tr...

by Builder in

Assign result of a subsearch to a token in an <eval> dashboard XML tag

It's possible to assign the result of a subsearch to a field with the eval command as can be seen in the following sn...

by Explorer in

Getting a record which does not have a particular event

Hi, I am trying to filter out unique request which does have a particular event. For instance, each request can go ...

by New Member in

Adobe CQ5 Request.log parsing?

Generally web and app server record the response times along with URL, http status code, etc in the access.log. CQ5 h...

by New Member in

How to separate data from Security_ID field when capturing local accounts created/added to the local admin group?

Hello, I am trying to test on a single host and this search may be completely wrong and would appreciate any assis...

by Explorer in

How to customize legend on choropleth map?

Hello folks, Please help me figure out how to customize the legend values of my choropleth map. I'd like to get the...

by Engager in

Observing 30 mins dip in my Splunk Graph

Hi, I'm observing dip in OHS Graph in splunk for every 30 mins. Why i'm seeing dip in graph every 30 minutes. Is ...

by Loves-to-Learn Lots in

What is the best way to do calculations for individual values in multiple columns?

Hi! i have the following table: Com-JunCom-JulCom-AugJunJulAug331257113253 Can i add the values of each colum...

by Path Finder in

Files not show in the Results will need be show in the results with Status=pending

index=XXXX sourcetype=XXXX ("filename1" OR "filename2" OR filename3) | rex "(?<status>passed) request\=\[\/\w+\/(?...

by Explorer in

Splunk Search

Discussions

Returning results that match one search but not another

How to search for url fields that only contain IP address

Reason field using multiple criteria

Return previous row when record matches

Search bash_history

Average Failed Logins by Day of Week For Last 90 Days

transpose and xyseries

How to compare counts on two different indexes on fields

Why my search is return no result ?

Need your help to create the dashboard for the below request

Subtracting constant from field element-wise

How to set the Trend indicator to show the increase and decrease in count over the period.

Assign result of a subsearch to a token in an <eval> dashboard XML tag

Getting a record which does not have a particular event

Adobe CQ5 Request.log parsing?

How to separate data from Security_ID field when capturing local accounts created/added to the local admin group?

How to customize legend on choropleth map?

Observing 30 mins dip in my Splunk Graph

What is the best way to do calculations for individual values in multiple columns?

Files not show in the Results will need be show in the results with Status=pending

We've made .conf21 totally virtual and totally FREE! Our completely online experience will run from 10/19 through 10/20 with some additional events, too!

Learn More or Register Now >

How to exclude combinations of values in lookup fr...

stats and join not working in map search

Using Machine Learning Toolkit to detect server la...

Filter events based on the time range(day of week)...

Detect abnormalities with splunk

Splunk Search

Discussions

We've made .conf21 totally virtual and totally FREE! Our completely online experience will run from 10/19 through 10/20 with some additional events, too! Learn More or Register Now >

We've made .conf21 totally virtual and totally FREE! Our completely online experience will run from 10/19 through 10/20 with some additional events, too!

Learn More or Register Now >