Splunk Search

Community Activity

	How to create an alert for an system performance with sample job run logs? Hi there,Kindly help me on Search to trigger an alert by scan the logs for scheduled job and check elapsed time (thr... by thejasplunk67 Engager in Splunk Search 10-18-2022 0 2	0	2
	How to change specific value of grouped values? Hi,I have a lot of event data, where every instance can be idendified by a unique ID. Every instance contains several... by lukas1 Explorer in Splunk Search 10-18-2022 0 6	0	6
	Is there way to find the missing logs using some advanced search? Splunk logs missing for few scheduler jobsIs there way to find the missing logs using some advanced search by acj Observer in Splunk Search 10-18-2022 0 5	0	5
	ldapfilter - Why can't I use fields from events? Hello, I'm trying to use ldapfilter to add some info to events I collect from MS Exchange but as soon as my ldapfilte... by patpro Path Finder in Splunk Search 10-18-2022 0 6	0	6
	How do I display mismatch data between last 30days data to last 15mnts data? please help I need to compare and display the last 30days data and last 15mnts data by lucky Explorer in Splunk Search 10-18-2022 0 10	0	10
	How to create a search and subsearch to exclude results in a query? I need to create a search and subsearch to exclude results in a query. the primary search is a lookup table. the sub... by pc1234 Explorer in Splunk Search 10-17-2022 0 1	0	1
	How to pass static string via lookup to stats command? I'm attempting to utilize a lookup to pass static strings to create 'stats' commands. The result is sent to the searc... by dfphere Explorer in Splunk Search 10-17-2022 0 3	0	3
	How to join or append searches in Splunk, with rest and subsearches? I tried to do it this way, but the results don't match.How can i show the result of the first search and then the sec... by Zarack Engager in Splunk Search 10-17-2022 0 1	0	1
	How to subtract two timestamps by session/ transaction_id? I have two events where in order to get a response time, I need to subtract the two timestamps. However, this needs t... by user33 Path Finder in Splunk Search 10-17-2022 0 3	0	3
	How do I extract a part of a field via reg ex? I have a field with data like this: loggingObject.methodName="WXYX.MNOController.myMethodName". loggingObject.methodN... by alakhotia Explorer in Splunk Search 10-17-2022 0 3	0	3
	What is the most efficient way to aggregate events by day over two separate streams? I have two streams of data coming into a HEC. one has call direction (i.e. inbound) and the other has call dispositi... by loganseth Path Finder in Splunk Search 10-17-2022 0 9	0	9
	Joining fields from 2 indexes- Why am I showing 0 results found? Hi All, Before i post here i have tried everything under https://community.splunk.com/t5/Splunk-Search/How-to-join-2... by neerajs_81 Builder in Splunk Search 10-17-2022 0 5	0	5
	How to replace values outputted from a stats with lookup table values? I've done a simple search like this:index=fw_cisco \| stats dc(dest_ip) as NrDestIp by src_ipI have defined a lookup f... by dritjon Path Finder in Splunk Search 10-17-2022 0 1	0	1
	How to use the same lookup file for different fields? Let me be more clear: I have defined a lookup file (ip_lookup) which has two colums: IPHost and DNShostNow I have a s... by dritjon Path Finder in Splunk Search 10-17-2022 0 3	0	3
	How to make a calculated field? I am trying to figure out a way to calculate a field in a set of data. In my search im returned events from a long li... by zbsplunker Engager in Splunk Search 10-17-2022 0 2	0	2
	Help to onboard automatically a csv in splunk HelloI try to summarize the different steps to onboard automatically a csv file in Splunk1) On the forwarder:- I need... by jip31 Motivator in Splunk Search 10-17-2022 0 2	0	2
	Field Extraction with Dynamic Data Structure (Field/Value Pair)? Hello, I have a data source with dynamic structure, position of comma separated field/value changes for some of the e... by SplunkDash Motivator in Splunk Search 10-16-2022 0 8	0	8
	Showing errors when try to send data to splunk cloud in reactjs but it's working fine with postman and curl in terminal? Using fecth in reactjs: fetch('https://[SUBDOMAIN].splunkcloud.com:8088/services/collector/event/1.0', {<!-- --> method: 'PO... by Herry New Member in Splunk Search 10-16-2022 0 1	0	1
	How can I resolve this error: KVStorageProvider --- saveBatchData:upsert --- No collection available i keep seeing this error in the internal logs kvstorageprovider - an error occurred during the last operation ('saveb... by moorvogi Path Finder in Splunk Search 10-16-2022 0 6	0	6
	Extract user field from log? I have a log which looks like follow: Request received :: Id assigned. --- Id=1, BODY={"userIds":["11"],"email":"tes... by user9025 Path Finder in Splunk Search 10-15-2022 0 4	0	4
	Displaying successful and failed results in timechart? Hi, I am trying to show successful validations and failures in one of the dashboard panels. I am logging exceptions ... by aasiaa Path Finder in Splunk Search 10-15-2022 0 6	0	6
	Combining results from 2 indexes? I am looking to create a splunk query but finding it complex to start with. Use case: Index 1 has two logs like ... by user9025 Path Finder in Splunk Search 10-15-2022 0 7	0	7
	Grouping and counting items based on values in the list? I have below JSON event where there are errors present in a field which is a list. I want to extract the values in th... by ghostrider Path Finder in Splunk Search 10-14-2022 0 3	0	3
	Comparing Dates in Results- How do I get a laterdate? Hello, I have the search built that generates the results I want. But, the goal is to also be able to track high numb... by jedimuffin Observer in Splunk Search 10-14-2022 0 5	0	5
	Do you know of a way to assign an increasing numerical value to each new event sent to the index? Hi eveybody, I have a series of alerts that generate new events that are sent to a specific index and also send an em... by JohnnyMnemonic Explorer in Splunk Search 10-14-2022 0 7	0	7