Splunk Search

Community Activity

	How to create new field with values from a search that uses values of current field? I have a search that outputs a table like below user \| host \| app------------------------------------- ... by buttsurfer Path Finder in Splunk Search 01-12-2023 0 3	0	3
	Help with Regex extraction 2023-01-09T16:46:00.780076351Z app_name=default-java environment=e3 ns=one pod_container=default-java pod_name=defaul... by siksaw33 Path Finder in Splunk Search 01-12-2023 0 4	0	4
	How to append the result of a search to values of a multivalued field? I have a SPL search that returns a field with multiple values (names of lookups). I want to concat the lookup name a... by buttsurfer Path Finder in Splunk Search 01-12-2023 0 2	0	2
	How to use fit command together with foreach? I would like to fit an ARIMA model to my data with a search something like this: <base search>\| timechart span=5m avg... by Wonjon Observer in Splunk Search 01-12-2023 0 0	0	0
	Can I resolve this splunk dashboard index auto refresh / resync issue? hi all, we are creating one dashboard having two tables , in that we have set different folder locations for monitor... by pp3295 Explorer in Splunk Search 01-12-2023 0 6	0	6
	Using 'like' to find lookup fields which contain the current day of the week (%A) Hey all, I'm attempting to compare a variable (we'll call it cDOW), which is set to (strftime(now(), "%A")), to a DO... by TBH0 Explorer in Splunk Search 01-11-2023 0 5	0	5
	How to organize search substrings into LookUp tables? HelloI have a Splunk query that looks like following: index=something "abc" OR "def" OR "hig" These substrings... by pm771 Communicator in Splunk Search 01-11-2023 0 2	0	2
	Converting UTC to PST time on events? Some of my events are displaying UTC time while others display PST time, as they should since I have my preferences s... by dionrivera Communicator in Splunk Search 01-11-2023 0 3	0	3
	When do breaker characters apply? I have read the documentation about breaker characters, but within our organization there is disagreement about when ... by mv10 Path Finder in Splunk Search 01-11-2023 0 3	0	3
	How to dedup non-overlapping fields in separate sources? I have two different sources with different fields. Let's call them sourcetypeA and sourcetypeB. Some fields that I... by yuanliu SplunkTrust in Splunk Search 01-11-2023 0 1	0	1
	How to iterate over the values of a complex field? The event has a field: { ... some_field: { key1: value1 key2: value2 } ... } How to iterate over the values of "s... by Evgenii Engager in Splunk Search 01-11-2023 0 3	0	3
	Not able to use JSON fields in search This is my sample eventonlinequoteinguser 2023-01-11T10:27:13,843 INFO DigitalPortal.xxxeSubmissionUtil{"hostName": "... by sabari80 Explorer in Splunk Search 01-11-2023 0 2	0	2
	Why am I receiving error trend stats with multiple error codes from each event? Hi All, I am trying to tabulate the error ratio based on the following scenarios from the unique log event but furth... by kumar497 Path Finder in Splunk Search 01-11-2023 0 13	0	13
	How to remove Search Results from lookup file? Hi All, I have a search with a subsearch that references a lookup file test.csv with a single field. "Account_Name". ... by Splunkadmin1876 Engager in Splunk Search 01-11-2023 0 2	0	2
	Take latest unique values from multivalue field and the corresponding values from another multivalue field? Hi, suppose I have a multi-value field which represents names, which can have different values in each event. for exa... by TalNiv New Member in Splunk Search 01-11-2023 0 3	0	3
	How to search JSON data for specific values? I have a JSON file I am trying to search for a specific value - EventType=GoodMail - and then pull the values from an... by jwalzerpitt Influencer in Splunk Search 01-11-2023 0 10	0	10
	Regex to match string between 2 strings? Hi, I have below splunk command: \| makeresults \| eval _raw="The first value is 0.00 and The second value is 0\",\"ori... by sasank Explorer in Splunk Search 01-11-2023 0 3	0	3
	How to search to organize vpn tunnel status table? Good morning\afternoon\evening community! I've met an issue with detecting vpn tunnel interface statuses which is ide... by zen1tsu Loves-to-Learn Lots in Splunk Search 01-11-2023 0 3	0	3
	Counting the number of responses and displaying in a pie chart. Hi, I'd like to count the number of responses by the following status codes: 2xx, 4xx and 5xx. I'm basically countin... by wjz New Member in Splunk Search 01-11-2023 0 3	0	3
	How to multisearch using values from more than one lookup? I have two lookupsRLQuotas: Endpoint, Endpoint Name, filter, quota, WindowRLFilters: Attribute, filterI want to loop ... by amitrinx Explorer in Splunk Search 01-10-2023 0 1	0	1
	Count all events matching field value? My data looks something like this The status can be either SUCCESS or FAILED, I want to count the total number of ev... by sjs Path Finder in Splunk Search 01-10-2023 0 2	0	2
	How does anomalousvalue work in my search? I'm trying to implement a search query in splunk to get anomalous values around a particular field in the service eve... by sharsmail Engager in Splunk Search 01-10-2023 0 3	0	3
	What's wrong with query not getting data? could someone please let me know where I'm going wrong in my query ?\| spath service_roles{} output=service_role\| stat... by nikhil29 Loves-to-Learn Everything in Splunk Search 01-10-2023 0 2	0	2
	How to set up an Alert when the count exceeds 100 in a week? I am setting up an alert to notify when a message is received more than a 100 times in a week. I figured it out for t... by Rapidz Explorer in Splunk Search 01-10-2023 0 5	0	5
	Count occurrences of string and put them in table row wise? I am trying to find few strings in my search query and count occurrences of them and I want to put them in a two colu... by Vivekmishra01 Explorer in Splunk Search 01-10-2023 0 2	0	2