Splunk Search

Community Activity

Suggestions on Minimum message type (json)? Good afternoon!We have a problem in the workflow: a part of the customer's system, which is not developed by us, is n... by metylkinandrey Communicator in Splunk Search 10-31-2022 0 4	0	4
Need help in extraction and creating table Below query is in string text format need to separate each field and create a table with all columns for operator , ... by monicateja Explorer in Splunk Search 10-31-2022 0 2	0	2
Regex search help? log: {“timeMillis”:“1667091964927",“timestamp”:“2022-10-30T01:06:04.927Z”,“thread”:“reactor-http-epoll-3",“level”:“IN... by monicateja Explorer in Splunk Search 10-31-2022 0 1	0	1
How to lookup two files with same column name and display only the difference? This is my first question here! And I just started my journey with Splunk.I have two files test1.csv and test2.csv wi... by nihvk Explorer in Splunk Search 10-31-2022 0 3	0	3
How to search for newly established connection between members of the Splunk infrastructure? Hello again community Today I received notice that on every Friday morning at a particular time there are a lot of ne... by fatsug Builder in Splunk Search 10-30-2022 0 2	0	2
Join a lookup to events in an index where the date is one day prior? I have an index that snapshots an inventory system every day. The inventory is a list of all active circuits. There... by adomenico Explorer in Splunk Search 10-30-2022 0 1	0	1
How to use OR operator between subsearch and fields? Hey Splunkers, I have the following search but it is not working as expected. What I am trying to achieve is if one... by splunkxorsplunk Explorer in Splunk Search 10-28-2022 0 4	0	4
Stats count as a percentage as the total? I have a search which I am using stats to generate a data grid. Something to the affect of Choice1 10 Choice2 50 Choi... by christopherutz Path Finder in Splunk Search 10-28-2022 1 6	1	6
Help with rex- Unbalanced quotes when there are \ and " in string Hey community, Can someone help me out with a rex related question! Many many thanks! I am trying to rex the V1 out o... by jhcbazinga95 Loves-to-Learn Everything in Splunk Search 10-28-2022 0 2	0	2
Why does transaction command seems to be encoding characters? Hello all, This is my first post here. I have been learning Splunk over the past few months and I am loving it. I a... by jplasencia Explorer in Splunk Search 10-28-2022 0 0	0	0
Why can't I see preliminary search results when using associate command? In my SPL I use the associate command. However, I've noticed that when I use the command, any previous preliminary s... by TAE Engager in Splunk Search 10-28-2022 0 4	0	4
How to produce a csv based on a complex business logic? We have a Splunk UI that allows the users to export a certain set of the rows from a lookup. The caveat is that each ... by danielbb Motivator in Splunk Search 10-28-2022 0 6	0	6
How to extract key/value with dynamic key name? I found this, but I am unable to replicate it. I am not understanding where I am messing up here. Problem: I feed bto... by oliverja Path Finder in Splunk Search 10-28-2022 0 5	0	5
How to extract 2 values from different events based on another 2 common fields? Hello,I'm new here, tried to find the answer for my problem by failed. I'm looking for a method to extract values fro... by BYQ Engager in Splunk Search 10-28-2022 0 2	0	2
How to add severity to fetched errors messages? Hi All, I am trying to add severity column to output of first command, could you please let me know how to do it. Que... by PraveenThakur Engager in Splunk Search 10-28-2022 0 2	0	2
How to search to track the OS migration on the host? Hi folks, I need your support to build a search query to track the migration activity. We have a requirement to track... by srlakshm New Member in Splunk Search 10-28-2022 0 7	0	7
Event mismatch to different forwarding servers? We re-routed data from Splunk SaaS cloud to On-perm but we see event mismatch between these two instances, if I route... by sathiyasun Explorer in Splunk Search 10-27-2022 0 1	0	1
How do I find the time difference for each change in the location of the city? I have a query like this:\| dbxquery connection=xxxxx query="select xxx FROM xxx WHERE xxx and to_char(LOG_DATE_TIME,... by time2200 Explorer in Splunk Search 10-27-2022 0 5	0	5
Help with stats building a wrong result on my table Hello,I have a lots of records, some one has account_id field filled.. others has org_id field filled, and some ones ... by fpedrosa Engager in Splunk Search 10-27-2022 0 1	0	1
How to rename column and row labels after using transpose? Hi All, I am having no luck renaming "column" and "row1, row2,..." successfully to "fields" and "event 1, event 2, e... by packet_hunter Contributor in Splunk Search 10-27-2022 1 7	1	7
How can I customize color for cell value based on condition? Hi All,Currently we have a table like below , Target values are fixed for each row but Columns will added dynamically... by SanjayReddy SplunkTrust in Splunk Search 10-27-2022 0 1	0	1
Does a Heavy Forwarder have a limit for thruput ? Hello Splunkers,Everything is in the title, I've read the limits.conf documentation,[thruput] maxKBps = <integer>I kn... by GaetanVP Contributor in Splunk Search 10-27-2022 0 2	0	2
Splunk Alert for Response Time- How to add the time condition value? Hi Team, I want a splunk search query for alert creation. My requirement is service Response time is > 3 seconds and ... by asplunk789 Loves-to-Learn Everything in Splunk Search 10-27-2022 0 7	0	7
Create Alert if condition is met? Hi , I have a scenario where the files needs to be transferred for both inbound and outbound at 2 am daily. I need ... by Chinni611 Loves-to-Learn Lots in Splunk Search 10-27-2022 0 3	0	3
Help with a simple search: How do I count how many days match a certain criteria? (example below) I have this search which builds a tablemy_search \| timechart span=1d sum(eval(b/1024/1024/1024)) AS volume_bit will b... by dritjon Path Finder in Splunk Search 10-27-2022 0 1	0	1