Splunk Search

Community Activity

	How to extract values inside of the {}? Hello Splunk Ninjas! I will require your assistance with designing my regex expression. I need to filter for the valu... by napoleon182 Explorer in Splunk Search 10-20-2022 0 2	0	2
	How to make timechart active connections between start end end times? Hi, Any thoughts appreciated. I have some connection data captured at connection termination, it has connection start... by mcaulsc Path Finder in Splunk Search 10-20-2022 0 6	0	6
	Help with search with multiple NOT IN subqueries The goal is to take all eventIds with "operation failed" and exclude events with "Duplicate key" and "Event processed... by usarios Engager in Splunk Search 10-20-2022 0 2	0	2
	How to write a search to compare two weeks errors, and highlight any new errors? Hello Splunkers !! Last weekCurrent weekNew Error "enableEnhancedCheckout" "enableEnhancedCheckout" "error_in_pytho... by uagraw01 Motivator in Splunk Search 10-20-2022 0 9	0	9
	Alert scheduler question- How to run in seconds? Good afternoon! I figured out how to set up alerts. Understood with the parameter: Cron Expression. Currently I am us... by metylkinandrey Communicator in Splunk Search 10-20-2022 0 3	0	3
	How to extract and display in a table form? I have splunk logs as given below. However, I wanted display fields in between square brackets "[ ]" in a table as gi... by Manth Explorer in Splunk Search 10-19-2022 0 3	0	3
	How to pass a token in base search? i want to pass the input token to my base search. In the panel its shows no results found, but when try click on "ope... by restinlinux Explorer in Splunk Search 10-19-2022 0 1	0	1
	Splunk integration with Cisco ISE using pxGrid- How do I integrate with Splunk Trial? Hi,I am struggling with the configuration pxGrid on Splunk for Rapid Threat Containment with ISE.I just installed a n... by mnowaczy New Member in Splunk Search 10-19-2022 0 1	0	1
	Search results might be incomplete: the search process on the local peer:%s ended prematurely? Hi All, When running a search the following error will appear in the job inspector. Users get this message intermitte... by RichieH Explorer in Splunk Search 10-19-2022 0 4	0	4
	Splunk search command- How to get table? Hello, Assuming i have numbers, let's say 1-2-3-4-5-6. And each of those represent Ip adressnumber of requestmethod1.... by dj56 Explorer in Splunk Search 10-19-2022 0 9	0	9
	How to set an alert running every day hourly? how to set an alert running every day hourly? ex - if new transactions /events occur alert the user by wanda619 Path Finder in Splunk Search 10-19-2022 0 3	0	3
	How can I whitelist based on this 3 conditions- where condition with 3 arguments? Hi, I have an inputlookup with wSender, wSubject and wRecipient. I want to whitelist some of the emails sent by an us... by danutmatei Explorer in Splunk Search 10-19-2022 0 2	0	2
	How to calculate the duration? Hi, I`ve got the following search that I would like to amend as follows: 1. swipe_in and swipe_out times to show on t... by tomapatan Contributor in Splunk Search 10-19-2022 0 6	0	6
	How to use output of a 1st query list as input in second query? I have an ```index=xyz data.id=1```which gives me list of unique id's [1,2,3,4,5]Not sure how to store the above resu... by agupta13 Engager in Splunk Search 10-18-2022 0 2	0	2
	How would I assign 1 sourcetype 2 different indexes? Hello, How I would assign one source type to two different indexes, one after another. As an example: I assigned sour... by SplunkDash Motivator in Splunk Search 10-18-2022 0 16	0	16
	Are there any recommendations for Installing ARUBA TA in SPLUNK? Hello, I need to install ARUBA TA; do you have any recommendations on how to proceed. Your recommendations will be h... by SplunkDash Motivator in Splunk Search 10-18-2022 0 0	0	0
	Why does my date format change when downloading CSV? Hello,When I run a query I get the results as I need them in a table from Splunk but when I download the .csv file, t... by splunkcol Builder in Splunk Search 10-18-2022 0 3	0	3
	How to filter out main search results with subsearch? Hi I am trying to capture all event="DcSyncs" from my index. This index also contains event="DcID". The event "DCSync... by upranger101 Engager in Splunk Search 10-18-2022 0 2	0	2
	Help with union with joins? Hi All, I'm trying to optimize the following search because it runs very slow. Looking for some help w/it. I've bee... by Racer73b Explorer in Splunk Search 10-18-2022 0 10	0	10
	Why does lookup have matching multivalue field? I am trying to add fields from a lookup table. However, the matching field is a multivalue field. I need to expand th... by adent Explorer in Splunk Search 10-18-2022 0 3	0	3
	How to create a new field using rex? Hi Spelunker, I want to create a field "Credentialed checks:" with this field value. Please help. regards, Nessus ver... by Rithekakan Path Finder in Splunk Search 10-18-2022 0 2	0	2
	How to wrap text in a table? I have a query in a panel, that is being outputted in a table. Can I adjust the width of one of the columns, shrinkin... by alakhotia Explorer in Splunk Search 10-18-2022 0 7	0	7
	How to search list of IPs to check if they're sending data to Splunk? I have a list of IPs and want to check if they are sending data to Splunk but using a single query.The devices in thi... by Mr_Data_2018 New Member in Splunk Search 10-18-2022 0 1	0	1
	How to read data from two different indexes? Hello Team, I'm new to splunk, trying to get some insight/help for the below issue I'm trying to read data from 2 dif... by splkjk Explorer in Splunk Search 10-18-2022 0 6	0	6
	How to increase number of events in format? I have a lookup table that I want to use in a search. So I load the lookup table and use format. However I noticed th... by klim Path Finder in Splunk Search 10-18-2022 0 3	0	3