Splunk Search

Community Activity

Configure the triggered action datadog events and slack? I configured the Splunk triggered actions slack and datadog events but I am getting only slack notification but datad... by rajababu Observer in Splunk Search 01-02-2023 0 0	0	0
Help with Splunk Transaction dealing with multiple startwiths and single endswith events? I have run across an edge case dealing with some f5 data. Some times a nodes down can be reported one or more times ... by jphillips24744 Loves-to-Learn in Splunk Search 12-31-2022 0 1	0	1
How can I display only certain lines in a search? Hello all,I have the problem that I can read the data only from Error: of the line to the first character {<!-- -->The error ... by sascha Engager in Splunk Search 12-30-2022 0 2	0	2
How to create a search string that can count the number of occurrences for the prefixes on [txn_key]? Hi, I am having the following output: [txn_key] field2 field3 status thread [time1] time2 time3 status2 [IDMS-TJ_TJG... by jugarugabi Path Finder in Splunk Search 12-30-2022 0 2	0	2
Splunk User Report Hi Happy Holidays to everyone.Am trying to get user report. The system is Linux. The report must or should have the ... by woodlandrelic Path Finder in Splunk Search 12-29-2022 0 3	0	3
How to add inputlookup file in the query Hi ,I have uploaded the lookupfile with application host and hostip details in the splunk.i am not sure where to add ... by Harish2 Path Finder in Splunk Search 12-29-2022 0 1	0	1
Can I input multiple percentage value and list them into separated panels ? Hello!I got trouble to find a way to provide panels for user-input percentage on raw events.User can input 90, 75, 50... by Jouman Path Finder in Splunk Search 12-29-2022 0 0	0	0
How to use 'AND' keyword in Transaction command Hi,I want to use 'AND' keyword either in startsWith or in endsWith.<<search>> \| transaction startsWith="some text" AN... by sasank Explorer in Splunk Search 12-29-2022 0 1	0	1
Search to find where one date field starts before another Hi there,I have a search where I want to see where one date field is the same or starts before another but my search ... by vishalduttauk Communicator in Splunk Search 12-29-2022 0 2	0	2
Identify a sequence of events on the consecutive change of value of a field HiWe index the accesses made on a filer. For each action on a file, events are generated and indexed in Splunk.The co... by vburgun Engager in Splunk Search 12-29-2022 0 2	0	2
How to create a multi time chart of key value property? Hi, I have the following events in Splunk {<!-- --> "field1": "something", "execution_times": {<!-- --> "service1": 100, "se... by mskala Explorer in Splunk Search 12-29-2022 0 4	0	4
delete events from specific time hey, im trying to delete events that got into the system on a specific time range.i see the events when i use splunk ... by dorbi Explorer in Splunk Search 12-29-2022 0 3	0	3
How to make stats count result value become filters in search/dashboard Hi,I need to call the result value as a filter. like this table below, the second value on column RecipientDomain wil... by b1211ry Explorer in Splunk Search 12-29-2022 0 4	0	4
How do I allow percentage and block percentage for each top 50 ip? I use splunk to collect aws waf log and use below search command to get the top 50 of client ip for http request. now... by ethanxu1130 New Member in Splunk Search 12-28-2022 0 4	0	4
How can I calculate Percentage for multiple fields? I am trying to get percentage value fields for multiple fields by time, and fields are dynamic. How can I calculate? ... by punithsj96 Explorer in Splunk Search 12-28-2022 0 4	0	4
Contains "is null" with if command I have all_ip filed that contains all my ips.now I want to split it to public ip and private ip:public_ip, private_ip... by Shakira1 Explorer in Splunk Search 12-28-2022 0 2	0	2
How to compare 2 different rows using count? Hi guys, Can you please help me , I am trying to create a query in which it shows if a user is in a different locati... by villnooB Explorer in Splunk Search 12-28-2022 0 5	0	5
Comparison with lookup cidrmatch? Hello everyone, I got several fields in search result (name, ip_src). Now I have lookup with 2 columns: namesubnetna... by bosseres Contributor in Splunk Search 12-28-2022 0 2	0	2
Finding a match in lookup multivalue field? Hi Splunk community, I have a lookup containing a list of allowed departments as the following vendorallowed_departme... by boxmetal Path Finder in Splunk Search 12-27-2022 0 3	0	3
How to avoid duplicate values in search? Hi all, I am very new to Splunk and trying to learn it. Following is my JSON: {<!-- --> TrainID=AA11 TrainDat... by chetanN Loves-to-Learn Lots in Splunk Search 12-27-2022 0 2	0	2
Like function not working with where condition? Hi all, I am trying to run a basic search where I am trying to print table based on where and like() condition. But i... by chetanN Loves-to-Learn Lots in Splunk Search 12-27-2022 0 5	0	5
How to update a lookup file in Splunk from Phantom? How to update a lookup file in splunk from Phantom? by yadavameeth Engager in Splunk Search 12-27-2022 1 5	1	5
How to get only matching block values from nested json? Hi all, To give a problem background, I am trying to run a map command inside a search to get some values. THE JSON I... by chetanN Loves-to-Learn Lots in Splunk Search 12-27-2022 0 1	0	1
How to group same values into one value? Good day, how to group results of a same filed value into one fileld value from below table i have a field box-name... by sekhar463 Path Finder in Splunk Search 12-27-2022 0 4	0	4
How to remove null entries from search results? i have been using this query but couldn't be able to remove null rows, please help me index=Window_wash \| rex field=... by Aj01 Path Finder in Splunk Search 12-26-2022 0 4	0	4