Splunk Search

Community Activity

	How to remove duplicate values only in one column out of four columns? Hello All, When using the "stats count by column1, column2, column3, column4" I get the below result Existing table... by im_bharath Path Finder in Splunk Search 11-22-2022 0 5	0	5
	Why is the SPL is not removing the 'status' from the output while the below one is ? Hi, I have a question on 'fields' please. sourcetype=* status IN ("200", "400","500") \| fields -status \| stats cou... by SumanPalisetty Path Finder in Splunk Search 11-22-2022 0 2	0	2
	How to separate search results? Hi all, My search results are formatted similar to that of HTML, eg: <last_modified_date>1669004771000</last_modified... by ba_nathan New Member in Splunk Search 11-22-2022 0 1	0	1
	How to combine multiple regex rules into single search query? I have the following search queries: API Error Alert --------------- index=myindex sourcetype=my-app:app \|spath... by alwinaugustin Engager in Splunk Search 11-21-2022 0 2	0	2
	Real-time query with click on table doesn't work? Hello, I have a table with a custom Splunk Query, and a custom Click on an Cell.. work fine if I select to filter a... by fpedrosa Engager in Splunk Search 11-21-2022 0 1	0	1
	How to search using values from another search result? Please help...1st search query is where I get a value from the result. (value can be in either 1 of 3 fields) ind... by iammax Explorer in Splunk Search 11-21-2022 0 5	0	5
	How to extract multiple attribute name value pair from XML? Hi, Our system holds XML logs and the way it is structured, some of values are held inside a common set of name/value... by Astro Engager in Splunk Search 11-21-2022 0 1	0	1
	How to perform two lookups with same table and two different lookup fields? I am having trouble getting this to work. I have a lookup table with 4 columns: A,B,C,D ======= 1,a,,, ,,2,b I want ... by the_wolverine Champion in Splunk Search 11-21-2022 0 4	0	4
	How to compare a column with multiple columns in Splunk and highlight the cell not matching with red? I am trying to compare a static column(Baseline) with multiple columns(hosts) and if there is a difference I need to ... by vrmandadi Builder in Splunk Search 11-21-2022 0 4	0	4
	How to join two consecutive events and their _time fields? I have a log file with events that indicate activities in a server. I am interested in the Login and Logout activiti... by PrisonMike Explorer in Splunk Search 11-21-2022 0 7	0	7
	How to see a difference between previous month to this month? I have a simple search which is satisfaction_date=0 OR close_date=0 AND status=8 in the previous month. I now have a ... by vishalduttauk Communicator in Splunk Search 11-21-2022 0 2	0	2
	Set attribute for all elements having a certain ID when 2 values are availabe witin the elements having this id Hi everyone,I try to set an attribute to true for all elements having a certain ID, when 2 defined activities are ava... by lukas1 Explorer in Splunk Search 11-21-2022 0 2	0	2
	How to extract specific field based on another field in a nested json array? I have below json data: {<!-- -->"source": "Mule","sourcetype": "_json","index": "metrics","event": [{<!-- -->"date": "2022-11-19T13... by ashish_boss Explorer in Splunk Search 11-21-2022 0 10	0	10
	How to extract specific data from a value? Hello, I would like to extract specific values from a log and display it in my Dashboard. For example, the value is: ... by msarkaus Path Finder in Splunk Search 11-21-2022 0 3	0	3
	Rex removing a sub string is not working? Hi, Been banging my head on this brick wall for a while so reaching out for some of expertise. Seems pretty straightf... by johnnybillyd Explorer in Splunk Search 11-21-2022 0 4	0	4
	How to convert SHA1 value to integer with base 16? Hi ,, i am looking for the way if i could convert sha1 value to integer with base 16 to do the further arithmetic ope... by aps New Member in Splunk Search 11-21-2022 0 3	0	3
	How to perform mathematical operations on two saved search results I have two saved search reports with below outputs.saved search 1 (totalCountByClient) giving client_name, totalCount... by Splunk_321 Path Finder in Splunk Search 11-21-2022 0 1	0	1
	Why is collect command not writing correct results to summary index? Hi Everyone, I am using the collect command to write data in summary index and it is giving the values properly when ... by Splunk4 Explorer in Splunk Search 11-20-2022 0 4	0	4
	How to split a time period into hourly intervals? index="dummy" url="https://www.dummy.com" status="200 OK" \| stats count by id \| where count > 10 If I apply... by jtest372 Explorer in Splunk Search 11-20-2022 0 8	0	8
	How to separate string with regex? Hi! I would like to separate the field Privilegio \|---------------------------\|------------------------------------... by m0rt1f4g0 Explorer in Splunk Search 11-19-2022 0 3	0	3
	How can I remove duplicate from multiple columns at once? Paranumber Name 95929 Magnolia Jones Sr. 35716 Leslie Streich 99265 Magnoli... by marceldera Explorer in Splunk Search 11-19-2022 0 3	0	3
	How to combine or merge two or more fields? Hi. How do I combine these two fields, since the username is similar?The result of my query is the following: user ... by m0rt1f4g0 Explorer in Splunk Search 11-18-2022 0 2	0	2
	How to search weekly trending for the past 30 days? I have this query index = tenable sourcetype="tenable:io:vuln" state!=fixed eventtype="*" \| dedup dns_name plugin.id ... by marceldera Explorer in Splunk Search 11-18-2022 0 2	0	2
	How to Group and count values by group? I have a table like below: Servername Category Status Server_1 C_1 Completed Ser... by rpradeep Path Finder in Splunk Search 11-18-2022 0 4	0	4
	Timechart RAM or CPU usage by Linux process 1. There will be 2 separate charts: CPU usage by process, and RAM usage by process.2. Sometimes more than one instanc... by mxanareckless Path Finder in Splunk Search 11-18-2022 0 1	0	1