Splunk Search

Community Activity

	How to search user concurrent logins on unique hosts? I'm hoping to get some help or direction. I have seen a few different forum posts where the search pulled how many co... by jayygee3 Engager in Splunk Search 01-12-2023 0 2	0	2
	How to calculate days between 2 dates? Hi, Not sure what the issue is. I got the solution from the other answers, but it's not working for me.I am getting d... by splunkuser320 Path Finder in Splunk Search 01-12-2023 0 1	0	1
	How to create an alert if index have no data in the last 24 hours? I want to create alert to check on all indexes event count and alert the list of all indexes that have no events in t... by Neonbeeflash Explorer in Splunk Search 01-12-2023 0 4	0	4
	How to create new field with values from a search that uses values of current field? I have a search that outputs a table like below user \| host \| app------------------------------------- ... by buttsurfer Path Finder in Splunk Search 01-12-2023 0 3	0	3
	Help with Regex extraction 2023-01-09T16:46:00.780076351Z app_name=default-java environment=e3 ns=one pod_container=default-java pod_name=defaul... by siksaw33 Path Finder in Splunk Search 01-12-2023 0 4	0	4
	How to append the result of a search to values of a multivalued field? I have a SPL search that returns a field with multiple values (names of lookups). I want to concat the lookup name a... by buttsurfer Path Finder in Splunk Search 01-12-2023 0 2	0	2
	How to use fit command together with foreach? I would like to fit an ARIMA model to my data with a search something like this: <base search>\| timechart span=5m avg... by Wonjon Observer in Splunk Search 01-12-2023 0 0	0	0
	Can I resolve this splunk dashboard index auto refresh / resync issue? hi all, we are creating one dashboard having two tables , in that we have set different folder locations for monitor... by pp3295 Explorer in Splunk Search 01-12-2023 0 6	0	6
	Using 'like' to find lookup fields which contain the current day of the week (%A) Hey all, I'm attempting to compare a variable (we'll call it cDOW), which is set to (strftime(now(), "%A")), to a DO... by TBH0 Explorer in Splunk Search 01-11-2023 0 5	0	5
	How to organize search substrings into LookUp tables? HelloI have a Splunk query that looks like following: index=something "abc" OR "def" OR "hig" These substrings... by pm771 Communicator in Splunk Search 01-11-2023 0 2	0	2
	Converting UTC to PST time on events? Some of my events are displaying UTC time while others display PST time, as they should since I have my preferences s... by dionrivera Communicator in Splunk Search 01-11-2023 0 3	0	3
	When do breaker characters apply? I have read the documentation about breaker characters, but within our organization there is disagreement about when ... by mv10 Path Finder in Splunk Search 01-11-2023 0 3	0	3
	How to dedup non-overlapping fields in separate sources? I have two different sources with different fields. Let's call them sourcetypeA and sourcetypeB. Some fields that I... by yuanliu SplunkTrust in Splunk Search 01-11-2023 0 1	0	1
	How to iterate over the values of a complex field? The event has a field: { ... some_field: { key1: value1 key2: value2 } ... } How to iterate over the values of "s... by Evgenii Engager in Splunk Search 01-11-2023 0 3	0	3
	Not able to use JSON fields in search This is my sample eventonlinequoteinguser 2023-01-11T10:27:13,843 INFO DigitalPortal.xxxeSubmissionUtil{"hostName": "... by sabari80 Explorer in Splunk Search 01-11-2023 0 2	0	2
	Why am I receiving error trend stats with multiple error codes from each event? Hi All, I am trying to tabulate the error ratio based on the following scenarios from the unique log event but furth... by kumar497 Path Finder in Splunk Search 01-11-2023 0 13	0	13
	How to remove Search Results from lookup file? Hi All, I have a search with a subsearch that references a lookup file test.csv with a single field. "Account_Name". ... by Splunkadmin1876 Engager in Splunk Search 01-11-2023 0 2	0	2
	Take latest unique values from multivalue field and the corresponding values from another multivalue field? Hi, suppose I have a multi-value field which represents names, which can have different values in each event. for exa... by TalNiv New Member in Splunk Search 01-11-2023 0 3	0	3
	How to search JSON data for specific values? I have a JSON file I am trying to search for a specific value - EventType=GoodMail - and then pull the values from an... by jwalzerpitt Influencer in Splunk Search 01-11-2023 0 10	0	10
	Regex to match string between 2 strings? Hi, I have below splunk command: \| makeresults \| eval _raw="The first value is 0.00 and The second value is 0\",\"ori... by sasank Explorer in Splunk Search 01-11-2023 0 3	0	3
	How to search to organize vpn tunnel status table? Good morning\afternoon\evening community! I've met an issue with detecting vpn tunnel interface statuses which is ide... by zen1tsu Loves-to-Learn Lots in Splunk Search 01-11-2023 0 3	0	3
	Counting the number of responses and displaying in a pie chart. Hi, I'd like to count the number of responses by the following status codes: 2xx, 4xx and 5xx. I'm basically countin... by wjz New Member in Splunk Search 01-11-2023 0 3	0	3
	How to multisearch using values from more than one lookup? I have two lookupsRLQuotas: Endpoint, Endpoint Name, filter, quota, WindowRLFilters: Attribute, filterI want to loop ... by amitrinx Explorer in Splunk Search 01-10-2023 0 1	0	1
	Count all events matching field value? My data looks something like this The status can be either SUCCESS or FAILED, I want to count the total number of ev... by sjs Path Finder in Splunk Search 01-10-2023 0 2	0	2
	How does anomalousvalue work in my search? I'm trying to implement a search query in splunk to get anomalous values around a particular field in the service eve... by sharsmail Engager in Splunk Search 01-10-2023 0 3	0	3