Splunk Search

Community Activity

	How to remove Search Results from lookup file? Hi All, I have a search with a subsearch that references a lookup file test.csv with a single field. "Account_Name". ... by Splunkadmin1876 Engager in Splunk Search 01-11-2023 0 2	0	2
	Take latest unique values from multivalue field and the corresponding values from another multivalue field? Hi, suppose I have a multi-value field which represents names, which can have different values in each event. for exa... by TalNiv New Member in Splunk Search 01-11-2023 0 3	0	3
	How to search JSON data for specific values? I have a JSON file I am trying to search for a specific value - EventType=GoodMail - and then pull the values from an... by jwalzerpitt Influencer in Splunk Search 01-11-2023 0 10	0	10
	Regex to match string between 2 strings? Hi, I have below splunk command: \| makeresults \| eval _raw="The first value is 0.00 and The second value is 0\",\"ori... by sasank Explorer in Splunk Search 01-11-2023 0 3	0	3
	How to search to organize vpn tunnel status table? Good morning\afternoon\evening community! I've met an issue with detecting vpn tunnel interface statuses which is ide... by zen1tsu Loves-to-Learn Lots in Splunk Search 01-11-2023 0 3	0	3
	Counting the number of responses and displaying in a pie chart. Hi, I'd like to count the number of responses by the following status codes: 2xx, 4xx and 5xx. I'm basically countin... by wjz New Member in Splunk Search 01-11-2023 0 3	0	3
	How to multisearch using values from more than one lookup? I have two lookupsRLQuotas: Endpoint, Endpoint Name, filter, quota, WindowRLFilters: Attribute, filterI want to loop ... by amitrinx Explorer in Splunk Search 01-10-2023 0 1	0	1
	Count all events matching field value? My data looks something like this The status can be either SUCCESS or FAILED, I want to count the total number of ev... by sjs Path Finder in Splunk Search 01-10-2023 0 2	0	2
	How does anomalousvalue work in my search? I'm trying to implement a search query in splunk to get anomalous values around a particular field in the service eve... by sharsmail Engager in Splunk Search 01-10-2023 0 3	0	3
	What's wrong with query not getting data? could someone please let me know where I'm going wrong in my query ?\| spath service_roles{} output=service_role\| stat... by nikhil29 Loves-to-Learn Everything in Splunk Search 01-10-2023 0 2	0	2
	How to set up an Alert when the count exceeds 100 in a week? I am setting up an alert to notify when a message is received more than a 100 times in a week. I figured it out for t... by Rapidz Explorer in Splunk Search 01-10-2023 0 5	0	5
	Count occurrences of string and put them in table row wise? I am trying to find few strings in my search query and count occurrences of them and I want to put them in a two colu... by Vivekmishra01 Explorer in Splunk Search 01-10-2023 0 2	0	2
	Is it possible to match a string in a lookup against a keyword? Hi Splunk Community, I wondered if there was any way to match a keyword against a string in a lookup. For example:... by Ker_splunk Engager in Splunk Search 01-10-2023 0 2	0	2
	Configure alert to send email to a certain field value? Hello everyone, I have the following results when running my search: _time use... by evallja Path Finder in Splunk Search 01-10-2023 0 1	0	1
	Why won't If statement evaluate as true? When I place event.code into an if statement, it will not evaluate as true Currently I have this code: index = wind... by anjuliwyles Engager in Splunk Search 01-10-2023 0 2	0	2
	How to chart a delta instead cumulative values? My current project polls a device every 15 minutes to pull a counter which is then charted. Thanks to members here, I... by neilmac64 Path Finder in Splunk Search 01-10-2023 0 16	0	16
	Splunk search to remove duplicated ips? Hi All, Greetings! Need help on splunk query, I have 2 indexes assets and vulns, am trying to build report to analyze... by kpavan Path Finder in Splunk Search 01-10-2023 0 3	0	3
	Are there any use cases for AWS VPC FlowLogs? Currently we are ingesting a big amount of AWS VPC FlowLogs in to the Splunk and I am wondering if there is any usage... by robertisimos Observer in Splunk Search 01-10-2023 0 2	0	2
	Do I need to add create_empty=true and override_if_empty=false? Hello. I'm fairly new to Splunk and SPL so bear with me here. I have the following scenario: I have an existing looku... by finnpalm Explorer in Splunk Search 01-10-2023 0 4	0	4
	Is there any way to have a search only pick up user account logins? Hello everyone, I have a search for after hour logins between 6pm and 6am. Right now I have event codes 4625 and 4624... by Erilope Explorer in Splunk Search 01-10-2023 0 3	0	3
	How to remove ( \" ) characters from search? In few logs I can see escape character is also printed. My rex is working fine when i am testing it on regex101.com b... by MrIncredible Explorer in Splunk Search 01-10-2023 0 4	0	4
	What are the possibilities to achieve Thread Dump & Heap Dump Log Collection? Hi All, I need to collect "Thread Dump" and "Heap Dump" of the application into Splunk. What are all the possibiliti... by ramanan Engager in Splunk Search 01-10-2023 0 1	0	1
	Sending data to Splunk Cloud via intermediate forwarder? I have Splunk UF 7.0.3 that I want to send logs from to Splunk Cloud. However, the UF doesn't support httpout so I a... by jmr44 Explorer in Splunk Search 01-09-2023 0 1	0	1
	How can I get the last index of my target value for a multi-value field ? I want to get the last index of my target value for a multi-value field. For example, idchain1SendMessageCheckMessage... by Jackiifilwhh Path Finder in Splunk Search 01-09-2023 0 12	0	12
	Help with Regex extraction from request please help extract adsId,offerName, currentProductDescription, offerAccountToken, offerType, offerIdentifiermessage=... by siksaw33 Path Finder in Splunk Search 01-09-2023 0 7	0	7