Splunk Search

Community Activity

	How to filter out first instance of a query Hi everyone.I'm doing a query in which I sort it by time according to a variable and then calculate some metrics over... by pedropiin Path Finder in Splunk Search 02-14-2025 0 1	0	1
	Splunk lookup failing, even on itself Running a lookup where I have verified the fields exist and match and its not returning an output field. So, I verifi... by eandres Explorer in Splunk Search 02-13-2025 0 3	0	3
	Need help with SPL for windows logins Hello,I have the below SPL where I am looking to fetch the user accounts that have not logged in for 30 days or more ... by Roy_9 Motivator in Splunk Search 02-13-2025 0 3	0	3
	LIst all universal forwarder hosts sending to an index but limit the host count to 5 HelloI'm looking to modify this search I've found and using. I like the result set but would like to limit the host c... by davidaj Explorer in Splunk Search 02-13-2025 0 4	0	4
	How to get dashboard not accessed by anyone in splunk I am want to get the list of dashboard which is not used by anyone for more than 90 days. i have tired to use the bel... by harishsplunk7 Explorer in Splunk Search 02-13-2025 0 3	0	3
	what is large What is the definition of large? Is it measured in total bytes? Number of records? And in either case how much? by splunkermack New Member in Splunk Search 02-12-2025 0 2	0	2
	Need help with a search with join, append or appendcols Hello, I need help with a search query, that at first seem easy but suprising difficult to execute. I have a money tr... by tungpx Explorer in Splunk Search 02-12-2025 0 6	0	6
	Is splunklib api code portable to splunk-sdk How much syntax has changed from splunklib (which ran on Python 2.x) to splunk-sdk (which runs on Python 3.x)? Just s... by DavidGuarneri Path Finder in Splunk Search 02-12-2025 0 1	0	1
	Using the xpath command with namespace declarations (xmlns='mynamespace') Splunk's xpath documentation does not show any examples on how to use the xpath command if the XML contains namespace... by yeahnah Motivator in Splunk Search 02-12-2025 0 2	0	2
	Python splunk-sdk vs Python requests library Is there any particular reason for using Python splunk-sdk over standard restful API libraries or tools (such as Pyth... by DavidGuarneri Path Finder in Splunk Search 02-12-2025 0 1	0	1
	Can't format table with stats to exclude unwanted matches Good day, I'm hoping someone smarter than me can help me figure this out. In the search below, I'm trying to correlat... by dtaylor Path Finder in Splunk Search 02-12-2025 0 9	0	9
	Query for sender, recipient(s) and sender's IP Hello,Below is a sample for a single message from Proofpoint log. It looks simple, but I am struggling to write a que... by SplunkUser001 Explorer in Splunk Search 02-11-2025 0 5	0	5
	extract all the key-value pairs from the json data Hi splunk team, I have a question about how to extract the key-value pair from json data. Let's say for example I hav... by darrfang Explorer in Splunk Search 02-11-2025 0 3	0	3
	search by Http code 500 is not working Team,when we search by http code 500 internal server error in the Splunk is working fine. the same query which we use... by BalajiRaju Loves-to-Learn Everything in Splunk Search 02-11-2025 0 15	0	15
	Display Dashboard in Stacked row Hello There,I'm having 3 panles, where i need to display panel 1 in left side, In the same row I need to display Panl... by smanojkumar Contributor in Splunk Search 02-11-2025 0 3	0	3
	Combining multiple text strings and fields into one common field I'm wondering if anyone could advise on how to best standardize a log of events with different fields. Basically, I h... by apiprek2 Explorer in Splunk Search 02-11-2025 0 2	0	2
	Exclude Names from a dashboard How do I exclude 6 names from my dashboards? They come up in all my multiselects and several panels by emkenick New Member in Splunk Search 02-10-2025 0 3	0	3
	Extract names and ids within array I have the following log from splunk where i want to extract names and their respective ids. Please help with the spl... by Tajuddin Explorer in Splunk Search 02-10-2025 0 6	0	6
	ignore a line in splunk payload if a variable is null Hi,I want to ignore below line inside splunk alerts payload if email address is not provided buy user."action.email.t... by guru333 Engager in Splunk Search 02-10-2025 0 1	0	1
	check if url in a lookup match logs Hello, I have a lookup with url like urlwww.url.com.url.comsite.url.com And i try to match it with my proxy logs to c... by y4m373 Explorer in Splunk Search 02-10-2025 0 5	0	5
	Metrics search average and max Hi guys! I've been struggeling for a while understanding metrics. When making a line chart for both average and max ... by HaakonRuud Explorer in Splunk Search 02-10-2025 0 2	0	2
	How to get multiple values from xml using xpath and spath? I am trying to get multiple values from xml as shows below I have tried xpath and spath and both shows nothing I am l... by ritesh14 Explorer in Splunk Search 02-09-2025 0 2	0	2
	tstats with \| search() TLDR; does, \| search(), operate differently in tstats, especially with wildcards, NOT, OR, AND, parentheses, etc.?I'm... by antoniolamonica SplunkTrust in Splunk Search 02-09-2025 0 1	0	1
	Applied Group Policy Objects for all domain joined computers report Hello,I am trying to find a way to report on all Applied Group Policy Objects for all of our domain joined computers.... by cdavidsonbp Observer in Splunk Search 02-08-2025 0 4	0	4
	Product of a Column I'm trying to find a simple way to calculate the product of a single column, e.g.value_a0.440.250.67Ideally, I could ... by kalverra Engager in Splunk Search 02-07-2025 0 5	0	5