Splunk Search

Community Activity

	How to use multiple join commands in single search? Hi Friends, My current query: index = pg_idx_whse_prod_events host="*" sourcetype= PG_ST_PROBE_DATA source="/opt/redp... by Jagadeesh2022 Path Finder in Splunk Search 12-07-2022 0 5	0	5
	Search Job Investigation after search with no results shows "None"? Hello, the following search index=index1 message_type=query NOT ([\|inputlookup lookup1 \| fields ip_address \|re... by avoelk Communicator in Splunk Search 12-07-2022 0 2	0	2
	How to join two savedsearches based on a column and do a time comparison? I have two savedsearches savedsearch1: \| basesearch \| stats count by _time, LocationId savedsearch2: \| basesearch \| c... by Splunk_321 Path Finder in Splunk Search 12-07-2022 0 6	0	6
	How can I convert it to splunk time format? Hi, I have a field in the logs like below 2022-12-07T08:40:14.253180536 How can I convert it to splunk ti... by ajayrathore Loves-to-Learn in Splunk Search 12-07-2022 0 1	0	1
	Why does ITSI Service Analyzer not show anything? I get troubleshoot following splunk.doc but it s not working. Anyone have any solutions. by jacknguyen Path Finder in Splunk Search 12-07-2022 0 0	0	0
	How to achieve a field extraction from json events? Hi, Could you help in extracting the fields from this json events. sample json event1 {"type":"akamai_siem","format":... by balu1211 Path Finder in Splunk Search 12-06-2022 0 1	0	1
	Help with SPL for report generation? Hello Splunkers!! I need the results as per the below format. I have tried some SPL but not achieved with the expecte... by uagraw01 Motivator in Splunk Search 12-06-2022 0 0	0	0
	How to extract this field? Hi extract the field sample data : "tag":AKAMAI/WAF/ Thanks.. by balu1211 Path Finder in Splunk Search 12-06-2022 0 18	0	18
	How to achieve stats count eval chart? Dear Splunk community: I have the following search query: <BASIC_SEARCH> \| chart count by path_template, http_statu... by djoobbani Path Finder in Splunk Search 12-06-2022 0 2	0	2
	How to find a alert/dashboard running from a query in the jobs page? Hi all. I have a running query I see on the jobs page on Splunk but I cannot find the related alert/dashboard it's co... by NizanCohen Explorer in Splunk Search 12-06-2022 0 2	0	2
	What is the different between line exist in file and events of Splunk? Hi I've index a 12MB file in splunk but have different between line of file and event of splunk file = 114,475 ... by indeed_2000 Motivator in Splunk Search 12-06-2022 0 8	0	8
	How to make a field extraction with field with and without ':'? Hi, I am struggeling with field extractions. I have two fields that I want to extract. But the problem is sometimes... by Mike6960 Path Finder in Splunk Search 12-06-2022 0 4	0	4
	How to calculate difference between multiple fields? Hi Splunk experts - I have an unusual math problem on my hands and I'm not sure how to deal with it. We are trying to... by mistydennis Communicator in Splunk Search 12-06-2022 0 6	0	6
	Alerts that go on waiting status causes next alerts to not trigger? Hello, We have several alerts which occasionally go in status waiting (correponding jobs) and stay like that. Then t... by damucka Builder in Splunk Search 12-06-2022 0 0	0	0
	How to use "original" search value if map has no result? Hi Splunkers, I use many alerts where the result contains the username. Then a map search looks for this user, in the... by norbertt911 Communicator in Splunk Search 12-06-2022 0 3	0	3
	How to calculate through bin command ? Hi all,I would like to use bin command to make the demo data sets into 10 bins according to Exe_time and list Substag... by Jouman Path Finder in Splunk Search 12-06-2022 0 5	0	5
	Can I use lookup for whitelisting based on 2 columns? I have to whitelist fields based on 2 columns in a lookup, but the second column has multiple values.So we have to wh... by izzie123 Path Finder in Splunk Search 12-06-2022 0 1	0	1
	Compatible issue with the app Whois- are there any alternatives? Hi, I am looking for alternative app like WHOIS app(excute a whois lookup on the given domain/given ip) from splunkba... by balu1211 Path Finder in Splunk Search 12-05-2022 0 0	0	0
	How to count hits per minutes? My search is not working. I want to get Hit per minutes like this But my search dont have any about that: by jacknguyen Path Finder in Splunk Search 12-05-2022 0 2	0	2
	Using wild card in table column formating I want to change the column cell background based on the value, but I also want to use a wild card.Example Field valu... by splunkuser320 Path Finder in Splunk Search 12-05-2022 0 3	0	3
	How to combine index queries from different field names? I have two indexes: IndexA has a `thisId` field. IndexB has fields `otherId` and `name`. I want to write a query whic... by cclva Explorer in Splunk Search 12-05-2022 0 3	0	3
	Why do match and like not working for some users? Hello Splunkers!!We have a dashboard which works on the loadjob. When users try accessing the dashboard, they are get... by Manasa_401 Communicator in Splunk Search 12-05-2022 0 4	0	4
	How to extract, kv pair from jvm_cmd value & print those in Splunk search? raw event {... "jvm_cmd":"bin/java -Dp -Dp1=v1-Dp2=v2 -Dq -Dp3=v3 ..."} How to extract, kv pair from jvm_cmd value & ... by pmittal Engager in Splunk Search 12-05-2022 0 13	0	13
	How to marry lookup table and index data? Hello Champs I've index data table change records errors B221205A1090B221205B14800B221205C33360B221205D25818 I also h... by splunklearner99 Engager in Splunk Search 12-05-2022 0 1	0	1
	How to send alert via nlp and bot? Hi Need to send alert like machine investigate something and after that send alert. I mean something like gptchat tal... by indeed_2000 Motivator in Splunk Search 12-05-2022 0 0	0	0