Splunk Search

Community Activity

	How to extract multiple attribute name value pair from XML? Hi, Our system holds XML logs and the way it is structured, some of values are held inside a common set of name/value... by Astro Engager in Splunk Search 11-21-2022 0 1	0	1
	How to perform two lookups with same table and two different lookup fields? I am having trouble getting this to work. I have a lookup table with 4 columns: A,B,C,D ======= 1,a,,, ,,2,b I want ... by the_wolverine Champion in Splunk Search 11-21-2022 0 4	0	4
	How to compare a column with multiple columns in Splunk and highlight the cell not matching with red? I am trying to compare a static column(Baseline) with multiple columns(hosts) and if there is a difference I need to ... by vrmandadi Builder in Splunk Search 11-21-2022 0 4	0	4
	How to join two consecutive events and their _time fields? I have a log file with events that indicate activities in a server. I am interested in the Login and Logout activiti... by PrisonMike Explorer in Splunk Search 11-21-2022 0 7	0	7
	How to see a difference between previous month to this month? I have a simple search which is satisfaction_date=0 OR close_date=0 AND status=8 in the previous month. I now have a ... by vishalduttauk Communicator in Splunk Search 11-21-2022 0 2	0	2
	Set attribute for all elements having a certain ID when 2 values are availabe witin the elements having this id Hi everyone,I try to set an attribute to true for all elements having a certain ID, when 2 defined activities are ava... by lukas1 Explorer in Splunk Search 11-21-2022 0 2	0	2
	How to extract specific field based on another field in a nested json array? I have below json data: {<!-- -->"source": "Mule","sourcetype": "_json","index": "metrics","event": [{<!-- -->"date": "2022-11-19T13... by ashish_boss Explorer in Splunk Search 11-21-2022 0 10	0	10
	How to extract specific data from a value? Hello, I would like to extract specific values from a log and display it in my Dashboard. For example, the value is: ... by msarkaus Path Finder in Splunk Search 11-21-2022 0 3	0	3
	Rex removing a sub string is not working? Hi, Been banging my head on this brick wall for a while so reaching out for some of expertise. Seems pretty straightf... by johnnybillyd Explorer in Splunk Search 11-21-2022 0 4	0	4
	How to convert SHA1 value to integer with base 16? Hi ,, i am looking for the way if i could convert sha1 value to integer with base 16 to do the further arithmetic ope... by aps New Member in Splunk Search 11-21-2022 0 3	0	3
	How to perform mathematical operations on two saved search results I have two saved search reports with below outputs.saved search 1 (totalCountByClient) giving client_name, totalCount... by Splunk_321 Path Finder in Splunk Search 11-21-2022 0 1	0	1
	Why is collect command not writing correct results to summary index? Hi Everyone, I am using the collect command to write data in summary index and it is giving the values properly when ... by Splunk4 Explorer in Splunk Search 11-20-2022 0 4	0	4
	How to split a time period into hourly intervals? index="dummy" url="https://www.dummy.com" status="200 OK" \| stats count by id \| where count > 10 If I apply... by jtest372 Explorer in Splunk Search 11-20-2022 0 8	0	8
	How to separate string with regex? Hi! I would like to separate the field Privilegio \|---------------------------\|------------------------------------... by m0rt1f4g0 Explorer in Splunk Search 11-19-2022 0 3	0	3
	How can I remove duplicate from multiple columns at once? Paranumber Name 95929 Magnolia Jones Sr. 35716 Leslie Streich 99265 Magnoli... by marceldera Explorer in Splunk Search 11-19-2022 0 3	0	3
	How to combine or merge two or more fields? Hi. How do I combine these two fields, since the username is similar?The result of my query is the following: user ... by m0rt1f4g0 Explorer in Splunk Search 11-18-2022 0 2	0	2
	How to search weekly trending for the past 30 days? I have this query index = tenable sourcetype="tenable:io:vuln" state!=fixed eventtype="*" \| dedup dns_name plugin.id ... by marceldera Explorer in Splunk Search 11-18-2022 0 2	0	2
	How to Group and count values by group? I have a table like below: Servername Category Status Server_1 C_1 Completed Ser... by rpradeep Path Finder in Splunk Search 11-18-2022 0 4	0	4
	Timechart RAM or CPU usage by Linux process 1. There will be 2 separate charts: CPU usage by process, and RAM usage by process.2. Sometimes more than one instanc... by mxanareckless Path Finder in Splunk Search 11-18-2022 0 1	0	1
	How to search field output? I am VERY new to splunk so please bear with me. I have a search, index=vulnerability "list of packages installed on ... by David_M Explorer in Splunk Search 11-18-2022 0 2	0	2
	How do you combine a pair of 2 fields into a column? I need to create a Dashboard with below columns from below event data. I couldn't able to get "Status" column valu... by anu41 Explorer in Splunk Search 11-18-2022 0 6	0	6
	Can someone help me with stats dc with subsearch? Let's say we have couple of fields in our dataset (called my_dataset) : event_time, event_type, user, field1 and fiel... by cbrbkrm Loves-to-Learn in Splunk Search 11-18-2022 0 1	0	1
	Why doesn't my post process search work when using timechart command? hello Why doesn't my post process search work when using timechart command? <search id="cap"> <query> `... by jip31 Motivator in Splunk Search 11-17-2022 0 17	0	17
	How to search string abc/efg in log using multiselect field? Hi, Splunkers, I want to search string like abc/efg in my log using multiselect field. I directly defined this ... by wangkevin1029 Communicator in Splunk Search 11-17-2022 0 2	0	2
	How to test if a lookup does exist? Hi Splunkers, I want to create a macro that will be looking inside a lookup file, but in a way that will not break th... by vagnet Explorer in Splunk Search 11-17-2022 0 4	0	4