Splunk Search

Community Activity

	Why when I use mvzip , mvexpand, mvindex(split, the first 4 fields keep repeating? index="main" sourcetype="vrea" \| eval nested_payload=mvzip(info, solution, "---") \| mvexpand nested_payload \| eval ... by karu0711 Communicator in Splunk Search 11-28-2022 0 2	0	2
	Splunk Java SDK - help with query time range? I'm using Java SDK to query splunk. I'm getting proper results when I don't give time range to the search query. But ... by arunstg1 New Member in Splunk Search 11-28-2022 0 6	0	6
	MaxMind DB Usage (more than just City): How to store and link DBs? All, Hopefully I have this in the correct location, I'm still new to all of this. Anyway, we have a subscription to M... by frog22 Explorer in Splunk Search 11-28-2022 0 6	0	6
	How to join three sources without join? Hi everyone, I want to join 3 sources from the same inidex. The Problem is, that with join i lose Date because im o... by Splunk_User2806 Explorer in Splunk Search 11-28-2022 0 8	0	8
	How to perform a regex where grouping multiple lines to a single field/value? below is the value of a field. what i would like to do is do a regex where i would output node# + temperature. ex... by tha_ghost99 Path Finder in Splunk Search 11-28-2022 0 10	0	10
	Why are Cisco Textmail timestamps not parsing correctly? Hi we have a heavy forwarder with the Splunk_TA_cisco-esa app and a props.conf as below: TIME_FORMAT=%y>%b %d %H:%M:... by datablkellyp New Member in Splunk Search 11-28-2022 0 1	0	1
	Is it possible to get data in via python script or read file? Hello Splunk Community I have a python script that checks a certain family of cisco devices that tells me if the ... by eholz1 Builder in Splunk Search 11-28-2022 0 8	0	8
	Timechart, how to display value of field without function? index="redis" sourcetype="csv" total_commands_processed="*" \| timechart span=5m total_commands_processed In the searc... by Chaser Explorer in Splunk Search 11-28-2022 0 2	0	2
	Dynamically sort field by specific order? Hi Splunk community,I have an excel file that sorts a field at certain order and possibly changes over timeThe excel ... by boxmetal Path Finder in Splunk Search 11-28-2022 0 1	0	1
	How to find differences between two saved searches based on a common field? I have two saved searches 1) Metrics-Location-Client -- Gives LocationId, Client_Name as output 2) Matched-Locations... by Splunk_321 Path Finder in Splunk Search 11-27-2022 0 1	0	1
	How to achieve sum of two fields excluding null fields? Hi, can any one help me how to get splunk query for below requirement. index="abc"\| search "message"="Exit" \| search ... by monicateja Explorer in Splunk Search 11-27-2022 0 3	0	3
	How to parse and extract field from my raw data? I Have a log like this, how do I Parse it into fields?? Is there a way to use Splunk to parse this and extract one ... by imam28 Engager in Splunk Search 11-27-2022 0 10	0	10
	How to convert msDS-UserPasswordExpiryTimeComputed in date? Hi, From splunk search how to convert "msDS-UserPasswordExpiryTimeComputed" value recover from AD in date ? I wish to... by Stitif Observer in Splunk Search 11-27-2022 0 5	0	5
	What is the quickest way to find 100 max values of "Q" on huge log file? Hi What is the quickest way to find 100 max values of "Q" on huge log file? here is my query: index="myindex" \| re... by indeed_2000 Motivator in Splunk Search 11-27-2022 0 8	0	8
	Does rex have an impact on my search performance? Hi I have couple of rex on my search query that not use anywhere. now question is does it have negative impact on my ... by indeed_2000 Motivator in Splunk Search 11-27-2022 0 1	0	1
	Increasing UI timeout in LDAP Group configuration I am trying to increase the "Network Socket timeout" in the LDAP group configuration. I tried modifying parameters as... by sdkp03 Communicator in Splunk Search 11-26-2022 0 0	0	0
	Rest API - Returning 401 Unauthorized I'm getting a 401 Unauthorized error no matter what I try, when trying to access the REST API. I've tried with curl a... by scriv Explorer in Splunk Search 11-26-2022 0 17	0	17
	Is it possible to make the data source used by the dashboard conditional on the dropdown choice? I know with Splunk Dashboard Studio, conditional dashboard on dropdown choice aren't a possibility anymore, but is it... by MPJ44 Loves-to-Learn Everything in Splunk Search 11-26-2022 0 2	0	2
	How to efficiently expand json array entries? I have a scenario where i want to expand the field and show as individual events. Below is my query, which works fine... by Splunk_321 Path Finder in Splunk Search 11-25-2022 0 1	0	1
	How to create new columns from results? I'm trying to create table with the top 5 results split into columns, so that I can have multiple results per line, g... by CyberMage Engager in Splunk Search 11-25-2022 0 1	0	1
	Help with Search != litsearch --- In 'litsearch' there are extra unwanted key=value statements We are spending a tremendous amount of time tuning our search structures lately. One thing we have run across in our ... by dural_yyz Motivator in Splunk Search 11-25-2022 0 2	0	2
	Splunk DS deletes props.conf on universal forwarder Hello,I use Splunk as Indexer and deployment server und I have one universal forwarder installed. I'm getting an erro... by alpeen_splunk Explorer in Splunk Search 11-25-2022 0 3	0	3
	How to create search for date field? Hello splunk lovers!i want help with date field and i want fast. i have field, format example: data_started 01.01.20... by splunk_enjoyer Explorer in Splunk Search 11-25-2022 0 1	0	1
	What regex to use to remove \\ form the hostname fields? Hi All, I have a hostname stating \\sent134 I need to remove this \\ using regex and it should be like this: sent134... by SabariRajanT Path Finder in Splunk Search 11-25-2022 0 2	0	2
	How to group results and list common occurrences by time? I have the following data: { "remote_addr": "1.2.3.4", "remote_user": "-", "time_local": "24/Nov/2022:09:55... by guywood13 Path Finder in Splunk Search 11-25-2022 0 3	0	3