Splunk Search

Community Activity

How to fix Error when adding trusted domain lists to Splunk? Hi all, I have created a dashboard incorporating few external domains I am receiving the error message like the dash... by balu1211 Path Finder in Splunk Search 12-13-2022 0 2	0	2
How to create alternative for subsearch? I have a search with a subsearch. I run into the limitations of the maximum results (50.000) Now Ia m trying to figur... by Mike6960 Path Finder in Splunk Search 12-13-2022 0 6	0	6
Why does Splunk change date format from 2022-12-04 to 2022/12/04 when exporting to .csv? Hi All, I am unsure if this question has been answered already - I couldn't see it. I have a time field in Splunk t... by CDel Explorer in Splunk Search 12-13-2022 0 6	0	6
How to to update hour of a timestamp variable? Hi, I'm looking for a way to change the hour of a time variable Exemple : myTime="2022-11-20 05:23:42" and I want myT... by mxh7777 Path Finder in Splunk Search 12-13-2022 0 1	0	1
How to search and sort based on dynamic value? Hi, I am new to splunk and have a requirement where i have to search the logs which are on 100 servers and i have to ... by batham Explorer in Splunk Search 12-13-2022 0 3	0	3
How to filter out event from outbound mail log having "Attachment" field contains file extension ".txt,.html,.jpg,.png"? Looking for Splunk query to filter out event if "Attachment" field having extension .txt or .html or .jpg or .png if ... by Abhineet Loves-to-Learn Everything in Splunk Search 12-13-2022 0 3	0	3
BotS - Error in 'lookup' command: Could not find all of the specified destination fields in the lookup table Hi, I am doing Boss of the SOC v1 and I stuck on question, where I need to use lookup. I imported .csv file ad here a... by suspense Explorer in Splunk Search 12-13-2022 0 5	0	5
How to convert epoch time to a desired time zone? Hifrom below events how to convert epoch time to a desired time zonewant to convert LAST_START="1670326641", LAST_END... by sekhar463 Path Finder in Splunk Search 12-13-2022 0 14	0	14
Why doesn't search return result when I list a field of a lookup? I was trying to join a group of documents with a list of users that I had in a lookup, and the search return me resul... by juanda667 Engager in Splunk Search 12-12-2022 0 1	0	1
How to calculate session times from large data set? I'm analysing VPN connection logs to produce a report of the count of staff working from home for longer than 6 hours... by eddieddieddie Path Finder in Splunk Search 12-12-2022 0 6	0	6
How to find the ips hitting the index waf? To find the ips hitting the index waf by client ip, if the hitting ips present in lookup table 2 have to be exclude... by balu1211 Path Finder in Splunk Search 12-12-2022 0 5	0	5
How to hide submit button in Dashboard Studio? Hi, In the old XML dashboards we used to have the "x" to close the submit buttons of inputs: Whereas in Dashboard st... by fulvibus Engager in Splunk Search 12-12-2022 0 2	0	2
How to make a table from search history, where time presets were queried by all_time or long diaposone? Hello, Splunk lovers!I have some questions What i want: 1. i want to make a table from search history, where time pre... by splunk_enjoyer Explorer in Splunk Search 12-12-2022 0 1	0	1
How to achieve row count until data changes in column? I have a table with 3 columns: _time, type and action\| makeresults count=10\| eval type = "typeA"\| eval action = if((r... by michael_vi Path Finder in Splunk Search 12-12-2022 0 2	0	2
How to represent interface wise success and error bar chart on a single dashboard? I want to represent interface wise (DFOINTERFACE) success and failure success log below, where completed successfull... by avikc100 Path Finder in Splunk Search 12-12-2022 0 5	0	5
How to make a dashboard of the last three month of avg cpu load? i want to make a dashboard of last 3 month of avg cpu load and max cpu load For example:dec= 320dec=10dec=40dec=90nov... by chandankr Path Finder in Splunk Search 12-12-2022 0 1	0	1
How to log file aggregator on centralized log server? Hi I have 3 servers that generate log file daily with size about 12GB (12*3=36GB) How can I gather these files on cen... by indeed_2000 Motivator in Splunk Search 12-12-2022 0 7	0	7
Need help on Splunk search for if else condition hi All, can someone help on the splunk search eval condition based on below scenario using fields Actualstarttime an... by sekhar463 Path Finder in Splunk Search 12-12-2022 0 1	0	1
How to create a table? HI, I want to make the log below in the form of the table below. What should I do with the spl? [log ex] 14:39:19.... by minpd0309 Explorer in Splunk Search 12-12-2022 0 1	0	1
How to convert time format? Hello Splunk Lovers! i have date format 202211131614220000 and i want convert this format to readble for Splunk i sho... by splunk_enjoyer Explorer in Splunk Search 12-11-2022 0 3	0	3
How to have a search look for a match between one field's values and different lookup table field? My objective is to make a search that compares the dest_ip field value of outbound traffic with the ip values in a lo... by tminicoz Engager in Splunk Search 12-11-2022 0 2	0	2
How to get dynamic source name from a request? Hi Folks , I am new to splunk and trying to get dynamic source value from the response, here is my query: index="it... by batham Explorer in Splunk Search 12-11-2022 0 2	0	2
What is this introspection? Hi, Just upgraded to Splunk 6.1.1 and I noticed a new process running (introspection) and a new index (which, btw, is... by a212830 Champion in Splunk Search 12-11-2022 6 3	6	3
Using inputlookup as vlookup in a Subsearch I have the following main search: index=utm sys=SecureNet action=drop \| eval protocol=case(proto==1, "ICMP", proto==... by NapalmYourMom Observer in Splunk Search 12-11-2022 0 2	0	2
How to extract domain and top level domain? Dears I need your help in extracting the domain and top level domain from dns queries where: Query Field ... by moayadalghamdi Path Finder in Splunk Search 12-11-2022 0 2	0	2