Splunk Search

Discussions

Thread Info

Is there a way to match this and produce result with both uri_path and api_name?

My Access logs: server - - [date& time] "GET /google/page1/page1a/633243463476/googlep1 HTTP/1.1" 200 350 85rex query...

by Communicator in

How to change timechart default Y axis default scale?

Hi，Splunkers, I have a timechart, which have value for count by VQ less than 10, but default y axis scale...

by Communicator in

How to refer a eval reference in rex to change the group name dynamically?

How to use eval reference in rex command. Here is what I have tried so far: MyMacro: myrextest(1) |...

by Loves-to-Learn in

How to use rex to create a field and using lookup to inject the data in the same field?

I am using rex field to extract the field name and then inject the data so I can get only the desired fields but not ...

by Communicator in

How to group two field and count content?

Hi, I have table below then I need to grouping field and need to eval (+ )the value become below table ...

by Explorer in

Why am I having this issue Parsing Vulnerability Data?

Community, I am attempting to retrieve events in Splunk regarding Tenable vulnerability data. The goals are as fo...

by Path Finder in

How to convert tabular data to a specific format?

Hello,I've the following tabular formatted data: How can I achieve the following: Thanks in adv...

by Path Finder in

How to create a timechart to show only when values change for a particular field?

Hello Splunkers , I want to know if we can create a timechart that will show only values when they change ..I...

by Builder in

How to align events returned by two separate searches in a table?

Reference post https://community.splunk.com/t5/Splunk-Search/How-to-align-events-returned-by-two-separate-searche...

by Explorer in

How to use lookup table to make a filter?

hello, i would like to make a filter with an index field named "host", that means this field has to be different o...

by New Member in

How to export events as JSON format?

Hi All, I am trying to export events in JSON format, and I am able to do it, and getting events like the one below...

by Path Finder in

How to perform chart command with two multifield columns in the table?

I performing the chart command for the below kind of table. Command : [|Chart values(course) as course ove...

by Explorer in

How to get eval command to display results with X days before current date?

Hi All, i have a field "last_seen" which shows date in the below format . My requirement is to compare today's dat...

by Builder in

How to pick the specific log time?

Hi all, My lead give some task .To create a table, we have lot of source type ... source type have the different s...

by Explorer in

How to create a regex for a log file which contains multiple values throughout the log which required same field name?

Hello Team,This is the first time I am posting a question and hope that I have explained it thoroughly. I am tryin...

by Loves-to-Learn in

Is there a way to use rex to divide api name?

I have an access logs which prints like thisserver - - [date& time] "GET /google/page1/page1a/633243463476/googlep1?s...

by Communicator in

Is there a dedup command to remove events that have same timestamp?

hello guys, Is there any way that I could remove duplicate events that have same timestamp using this below search...

by Explorer in

mvfind can't see spaces and parenthesis

I'm trying to use where(isnotnull(mvfind(mvfield,field))) to search to see which records are part of a list. The fiel...

by Explorer in

Is there an existing grammar of the SPL language that can be used with ANTLR4?

Hi Splunk Community, I am interested in parsing Splunk searches and I am hoping that somebody here can point me to ...

by Engager in

Why can't values of fields from field extractions be searched as expected?

Hi there, I created multiple field extractions, extracting values from different sourcetypes into the same field: ...

by Path Finder in

How to format when fields match between multiple sources and loop through items?

Hi All, Below is the sample data looks like. sourcetype_1 s1_field1: 123 s1_field2: { { ID: 2 Na...

by Explorer in

How to get standard deviation of daily maximum over x days per event criteria?

Gudde Muergen!I'm quite new to Splunk, so I'm having difficulties figuring out how to do this search properly. Her...

by Observer in

Help with below query

100 * sum([x]) / sum([y] - [z])

by Path Finder in

Is there any advice or suggestions for a project that focuses on setting up a NOC for a network of operators?

Salut vous allez bien j esper alors j'aimerai avoir des conseils ou des uggestion pour un projet qui porte sur la mis...

by New Member in

How to get average value of fields?

hi all, i have some events with a field called RUNTIME for each job. how can i get the average value of RUNTIME f...

by Path Finder in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Is there a way to match this and produce result with both uri_path and api_name?

How to change timechart default Y axis default scale?

How to refer a eval reference in rex to change the group name dynamically?

How to use rex to create a field and using lookup to inject the data in the same field?

How to group two field and count content?

Why am I having this issue Parsing Vulnerability Data?

How to convert tabular data to a specific format?

How to create a timechart to show only when values change for a particular field?

How to align events returned by two separate searches in a table?

How to use lookup table to make a filter?

How to export events as JSON format?

How to perform chart command with two multifield columns in the table?

How to get eval command to display results with X days before current date?

How to pick the specific log time?

How to create a regex for a log file which contains multiple values throughout the log which required same field name?

Is there a way to use rex to divide api name?

Is there a dedup command to remove events that have same timestamp?

mvfind can't see spaces and parenthesis

Is there an existing grammar of the SPL language that can be used with ANTLR4?

Why can't values of fields from field extractions be searched as expected?

How to format when fields match between multiple sources and loop through items?

How to get standard deviation of daily maximum over x days per event criteria?

Help with below query

Is there any advice or suggestions for a project that focuses on setting up a NOC for a network of operators?

How to get average value of fields?

Aligning Observability Costs with Business Value: Practical Strategies

Mastering Data Pipelines: Unlocking Value with Splunk

Splunk Up Your Game: Why It's Time to Embrace Python 3.9+ and OpenSSL 3.0

How to show the line when its value is NULL with ...

Search for triggered save searches and their actio...

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static

Using Machine Learning Toolkit to detect auth abus...

Splunk Search

Are you a member of the Splunk Community?

Discussions