Splunk Search

Community Activity

Exclude Names from a dashboard How do I exclude 6 names from my dashboards? They come up in all my multiselects and several panels by emkenick New Member in Splunk Search 02-10-2025 0 3	0	3
Extract names and ids within array I have the following log from splunk where i want to extract names and their respective ids. Please help with the spl... by Tajuddin Explorer in Splunk Search 02-10-2025 0 6	0	6
ignore a line in splunk payload if a variable is null Hi,I want to ignore below line inside splunk alerts payload if email address is not provided buy user."action.email.t... by guru333 Engager in Splunk Search 02-10-2025 0 1	0	1
check if url in a lookup match logs Hello, I have a lookup with url like urlwww.url.com.url.comsite.url.com And i try to match it with my proxy logs to c... by y4m373 Explorer in Splunk Search 02-10-2025 0 5	0	5
Metrics search average and max Hi guys! I've been struggeling for a while understanding metrics. When making a line chart for both average and max ... by HaakonRuud Explorer in Splunk Search 02-10-2025 0 2	0	2
How to get multiple values from xml using xpath and spath? I am trying to get multiple values from xml as shows below I have tried xpath and spath and both shows nothing I am l... by ritesh14 Explorer in Splunk Search 02-09-2025 0 2	0	2
tstats with \| search() TLDR; does, \| search(), operate differently in tstats, especially with wildcards, NOT, OR, AND, parentheses, etc.?I'm... by antoniolamonica SplunkTrust in Splunk Search 02-09-2025 0 1	0	1
Applied Group Policy Objects for all domain joined computers report Hello,I am trying to find a way to report on all Applied Group Policy Objects for all of our domain joined computers.... by cdavidsonbp Observer in Splunk Search 02-08-2025 0 4	0	4
Product of a Column I'm trying to find a simple way to calculate the product of a single column, e.g.value_a0.440.250.67Ideally, I could ... by kalverra Engager in Splunk Search 02-07-2025 0 5	0	5
How do I change time format in dashboard? Hello,I would like to display dates in a dashboard studio table,i want the format to be "%Y-%m-%d" but it is not disp... by joseph_mbimbi Engager in Splunk Search 02-07-2025 2 7	2	7
How to use substr or regex to extract part of text I have string like this , {"code":"1234","bday":"15-02-06T07:02:01.731+00:00" "name":"Alex", "role":"student","age":"... by vvkarur New Member in Splunk Search 02-07-2025 0 4	0	4
Eval command Hello,We have separate indexes created for non-prod and prod. Sample index name :sony_app_XXXXXX_non_prod - for non-p... by splunklearner Communicator in Splunk Search 02-07-2025 0 6	0	6
Combining events over time I am not sure where to even start on this one. I have 2 log file types I need to extract data to get final accounts.... by jparso09 New Member in Splunk Search 02-07-2025 0 2	0	2
Replicating the Output of a Field Popup/Bubble? Possibly a silly question, but I've wondered this for a while and now it'd actually be exactly what I need; I've got ... by interrobang Explorer in Splunk Search 02-06-2025 0 4	0	4
dashboard time token with multiple ealiest/latest search It's a bit long, hope i will not bore you.I made a splunk graph with two lines I need to see the values compared to ... by alex_tc80 Explorer in Splunk Search 02-06-2025 0 8	0	8
How to change span alignment I've tried a few methods shared here to adjust the start/end times of span. Mainly:1 - \| eval _time=_time-3600 \| bin... by R15 Communicator in Splunk Search 02-06-2025 0 8	0	8
paranthesis error in search query Hi,Im trying to use an OR function in the below query trying to combine two indexes and then use stats function like ... by secure Path Finder in Splunk Search 02-06-2025 0 5	0	5
Match IDs in 2 search and ensure a non-match is from the right source HelloI have a search like index=index1 \| rename Number__c as EventId \| append [search index=index2 sourcetype="api"... by tkwaller1 Path Finder in Splunk Search 02-05-2025 0 3	0	3
multiple base search Hi i have a complex base search where iam comparing data from two indexes using left join and getting the results in ... by secure Path Finder in Splunk Search 02-05-2025 0 3	0	3
forwarder Hello I have a index name msad and i want to know which forwarder is sending data to this index . And also the data i... by SN1 Path Finder in Splunk Search 02-05-2025 0 2	0	2
Need rex to extract the parameter in field product_name Want to extract HIGCommercialAuto and MLM-RS-Honly from below logs in field product name.HIGCommercialAuto higawsacc... by Hemant_h Engager in Splunk Search 02-05-2025 0 9	0	9
field extraction Hi, Please extract DUSTER and JUNIPER as app_name from following sample events - 1. unit_hostname="GBWDC111AD011HMA.s... by splunklearner Communicator in Splunk Search 02-05-2025 0 2	0	2
How to evaluate data match from 2 sources I have a search that searches 2 different indexes. We expect that there is 1 record from each index for a single id. ... by tkwaller1 Path Finder in Splunk Search 02-04-2025 0 3	0	3
Permanent Field extraction Trying to get permanent field extraction for a field. Tried to use field extraction tabs in fields given regex there ... by Karthikeya Communicator in Splunk Search 02-04-2025 0 2	0	2
Merge Events Hi,Some of my events doesn't have an timestamp and its has been written as multiple line items in the log.I want to m... by ckarthikin Loves-to-Learn Everything in Splunk Search 02-04-2025 0 8	0	8