Splunk Search

Community Activity

	Okta Data - Appending to lookup table question I have 5 separate endpoints for our Okta environment that I'm pulling into Splunk. The data is all event driven so if... by jpsheridan Engager in Splunk Search 01-31-2023 0 1	0	1
	How do I refine this search to use 'my_report_date' instead of _time? Hi all - I'm attempting to write a query using earliest/latest based off a date field in the event, not _time. I've t... by mistydennis Communicator in Splunk Search 01-31-2023 0 1	0	1
	How to combine field values into singular value? I feel like there's a simple solution to this that I just can't remember. I have a field named Domain that has 13 val... by michaeler Communicator in Splunk Search 01-31-2023 0 2	0	2
	How can I combine multiple fields with a common name results in to single column? How can I combine multiple fields results in to single column with common name for example Test1, Test2, Test3 and so... by satyaallaparthi Communicator in Splunk Search 01-31-2023 0 1	0	1
	How do I force a timestamp to be recognized as UTC in a query for strptime? I have a datasource that passes the time as a string like the following: "2018-08-07T17:38:16.352" This string is ... by briancronrath Contributor in Splunk Search 01-31-2023 0 9	0	9
	Network Toolkit: How to ping hosts from a search I have a search that gives me a column with hostnames host A B C I am trying to use the network toolkit application... by rohitmaheshwari Explorer in Splunk Search 01-31-2023 0 3	0	3
	How to reverse a real-time query to it's original alert/report/dashboard? Hi guys. I'm currently working to fix all "real-time" jobs running on my company and I came across one job that I can... by NizanCohen Explorer in Splunk Search 01-31-2023 0 2	0	2
	Is it possible to get user details from the _configtracker index? Hello I've been looking at the new _configtracker index and I would like to know how I could get the User details ass... by ewanbrown967 Engager in Splunk Search 01-31-2023 0 3	0	3
	How to create raw field? Hello everyone, I have next one task: I want to collect (with collect command) information which I got after stats. P... by bosseres Contributor in Splunk Search 01-31-2023 0 1	0	1
	How to change status of the above message to success status? I have a message in my events like below "Main function executed successfully." I need to change status of the above ... by Renunaren Loves-to-Learn Everything in Splunk Search 01-31-2023 0 2	0	2
	Why is data summary not displaying? When I am click on my data summary, it is not displaying anything just showing Any suggestions?Thanks. by akankshayadav Path Finder in Splunk Search 01-30-2023 0 4	0	4
	How to group by multiple fields? Hi everyone, I'm kinda new to splunk. I have two indizes: Stores events (relevant fields: hostname, destPort) ... by erikschubert Engager in Splunk Search 01-30-2023 0 3	0	3
	How to inner join with field subtraction on two fields part of different searches? Hi, I am using inner join to form a table between 2 search, search is working fine but i want to subtract 2 fields in... by batham Explorer in Splunk Search 01-30-2023 0 2	0	2
	Why error in parsing pass4SymmKey under shclustering stanza? While pushing the application from deployment server to search head1 it gives me this error after entering the below ... by vibh458 New Member in Splunk Search 01-30-2023 0 5	0	5
	Error in 'eval' command: unexpected character at 86400 Hi All, On the internal logs i see this eval command error - ERROR EvalCommand - Error in 'eval' command: The express... by inventsekar SplunkTrust in Splunk Search 01-30-2023 0 6	0	6
	Combine 2 or more strings based on a comman field Hi I am tracking service requests and responses and trying to create a table that contains both requests and response... by batham Explorer in Splunk Search 01-30-2023 0 2	0	2
	How to filter IIS Logs with 80 and 443? Hi Team, We have a requirement to filter out the events from the IIS logs if the event contains ""GET / - 80 -" OR "G... by anandhalagaras1 Contributor in Splunk Search 01-30-2023 0 11	0	11
	Adding SLA compliance percentage Hi All, Need some guidance for calculating SLA Achieved percentage column. This is how my results look like after ru... by neerajs_81 Builder in Splunk Search 01-30-2023 0 5	0	5
	How to filter for total number of users on an appliance? For Cisco I used the filter below, I will need to add filters for whatever view I am looking for. I want to look up t... by Anthony3rd Explorer in Splunk Search 01-30-2023 0 6	0	6
	How to find last value of multivalue field (Split and mvindex)? I have a URL field and need to find the last word (split by "/") Ex: URL 1: xxx/yyy/ServiceNameURL 2 : aaa/bbb/ccc/dd... by Krishna_Sridhar New Member in Splunk Search 01-30-2023 0 4	0	4
	How to calculate time difference using ctime? Hi All, I have a very simple use case and that is to display the time difference between 2 fields that already have t... by neerajs_81 Builder in Splunk Search 01-30-2023 0 5	0	5
	How to get last login from multiple date ? please help,i used _time from date log, and i using time from windowstime, but i tried substraction bot of them not r... by riposan Explorer in Splunk Search 01-30-2023 0 3	0	3
	How to display only subsets of data from correlated sendmail log transactions? The sender and recipient information I need from Unix/Linux "sendmail" logs is contained in separate lines in the se... by mailwimp Engager in Splunk Search 01-29-2023 0 4	0	4
	How to use regex to send events to NullQueue? Hi, How to use regex to send all events related to fw_rule=0 and from a sensor sensor=abcd-f01 to null queue? samp... by kiran331 Builder in Splunk Search 01-29-2023 0 10	0	10
	Is there any configuration/way to merge two or more events into one ? I was trying to send data through Splunk HEC (Http event Collector).curl http://ip:8088/services/collector -H "Author... by neelpatel02 New Member in Splunk Search 01-29-2023 0 1	0	1