Splunk Search

Community Activity

Help with search for week event analysis Hello Team, I have used to ask the same question in my previous ask :https://community.splunk.com/t5/Splunk-Search/Ho... by uagraw01 Motivator in Splunk Search 11-10-2022 0 6	0	6
How can I optimize my query ? I have the following query with multiple joins and using max=0 which is not giving me all results as I think the size... by vrmandadi Builder in Splunk Search 11-10-2022 0 3	0	3
How to split a column into two based on condition? Hi all, Pls consider this subset of data,... - Date - Fruit - Seller - Bad_count - ...11/8 - Apple - X - 311/8 - Appl... by shreyp Explorer in Splunk Search 11-10-2022 0 13	0	13
Error The expression is malformed. An unexpected character is reached at '<> triggered only in Splunk v 8.2.2112.1 Hi,We are running Splunk on 3 EnvironmentsEnv#1 is Splunk Cloud v 8.2.2112.1Env#2 is Splunk Cloud v 9.0.2208.3Env#3 i... by mlevsh Builder in Splunk Search 11-10-2022 0 2	0	2
Using CIDRMatch with a lookup of range IP Hello community,I have a query returning result with an IP address value (src_ip).I used to add a line to match some ... by aymane96 Engager in Splunk Search 11-10-2022 0 2	0	2
How to split up a string into multiple fields? Hi, let's say there is a field like this: FieldA = product.country.price Is it possible to extract this value into 3 ... by HeinzWaescher Motivator in Splunk Search 11-10-2022 2 9	2	9
Dedup vs. Stats performance Hi Splunkers! Some days ago, one of my colleagues told me that "if you want to delete duplicates on your search, usi... by faguilar Path Finder in Splunk Search 11-10-2022 5 5	5	5
How to get list from inputlookup and run search on this smaller list? Hi All, I have a SPL query that runs on an index , sourcetype which has milions of jobnames. I want to my SPL to read... by mihir_hardas Explorer in Splunk Search 11-10-2022 0 10	0	10
How do I join a search with a list of jobnames from a file DepC_listofjobs.csv? How do I join a search with a list of jobnames from a file DepC_listofjobs.csv. This file has only one column which h... by mihir_hardas Explorer in Splunk Search 11-10-2022 0 3	0	3
How to format _time column to display only month name Hi i have a column _time getting displayed in the results due to timechart used in the query. Its currently getting d... by sudeep5689 Explorer in Splunk Search 11-10-2022 0 4	0	4
How to avoid excessive memory usage error? Hello,I am performing a search in Splunk Cloud but I am getting the following error, does anyone know how to resolve ... by Neonbeeflash Explorer in Splunk Search 11-10-2022 0 0	0	0
Can I use Splunk's anomaly detection in MLTK to enable ops folks to identify recent unusual log messages? I want our operations folks to be able to quickly see which unusual log messages have started showing up. That is rat... by tlevine New Member in Splunk Search 11-10-2022 0 1	0	1
Importing error code reasons from URL to Splunk query Hi all.My company is working with GlobalScope and I wish to enter their error code description to Splunk.As of right ... by NizanCohen Explorer in Splunk Search 11-09-2022 0 1	0	1
Why is my chart overlay not working? Hi, I need to overlay two values in one chart with a common X axis and a Y axis on either side chart 1 - column cha... by namritha Path Finder in Splunk Search 11-09-2022 0 6	0	6
What regex to use to drop everything after the last occurrence of a symbol? Hi Splunk Community, I am working on a regex to filter the sources I am getting from logs. I am trying to drop everyt... by jpfrancetic Path Finder in Splunk Search 11-09-2022 0 3	0	3
Filtering out part of a value? Hi all. I'm working with a FTP server which include a session number with each status and I wish to exclude the sessi... by NizanCohen Explorer in Splunk Search 11-09-2022 0 6	0	6
How to use extract using rex command? "Context":"{"user id":"jane.doe.sen", "Expense Date":"11/10/2022", How to use extract this rex command? to come ... by wvsgo215 Engager in Splunk Search 11-09-2022 0 1	0	1
How to use Wildcards with eval, stats, and count? Hello! I have a field called "Customers Email" and I wanted to get a count of all the emails that end in .gov, .edu, ... by cdson Explorer in Splunk Search 11-09-2022 0 2	0	2
Way to exclude results from Values() based on # returned? I'm trying to do a search to find IPs trying to login in using multiple usernames (using Duo). I have it working ver... by JR_Akaviri Engager in Splunk Search 11-09-2022 0 2	0	2
Align all values of a table to the left (for PDF export) Hello, I am currently trying to create a table on which every value, whether number or string, is aligned to the lef... by ckunath Communicator in Splunk Search 11-09-2022 0 8	0	8
How to dedup in a search with a Lookup table? I have a working search that uses a look up, that is like this: index=MyIndex [\| inputlookup MyCSVFile \| stat... by earriaga Path Finder in Splunk Search 11-09-2022 0 1	0	1
How to combine two field values into one field from a .csv file? Hello! I have a csv file where there are two fields called "Customers First Name" and "Customers Last Name". I was ... by cdson Explorer in Splunk Search 11-09-2022 0 2	0	2
Why do transforming commands not work after upgrade to Splunk 8? Hello, I have recently upgraded from Splunk 7 to Splunk 8.2.4. After the upgrade, I noticed that some transform co... by sistemistiposta Path Finder in Splunk Search 11-09-2022 0 23	0	23
How to search duration of job? Hi, I am trying to build a query where I need Job duration. Each job could run multiple time and its start/end time ... by AKG11 Path Finder in Splunk Search 11-09-2022 0 3	0	3
How to change timestamp value on old data in an index? Hi there, I have a requirement where I have a large number of events which was uploaded on the 4th November but that ... by vishalduttauk Communicator in Splunk Search 11-09-2022 0 7	0	7