Splunk Search

Discussions

Thread Info

Getting the occurrence count when there is no event for the same

This is the dummy dataset which has been created to address the issue I am facing.I want to count the number of occur...

by Explorer in

Geostats by phone number

Hi I have field in my log that call “MobileNumber” that need to show count of MobileNumber by location on map. e....

by Motivator in

rex extracr mq errors

Hi what is the rex for mq error code here is the log: 2021-10-08 06:52:12,785 ERROR TOPIC-00000 [Utility] MQJC...

by Motivator in

rex for error number

hi what is the rex for error number and error message of this log: (separately) 23:43:51.411 app module: 100: N...

by Motivator in

Query to see which application has followed which integration method to on board the data like HEC,TCP,DB connect

Query to see which application has followed which integration method to on board the data on Splunk cloud like HEC,TC...

by New Member in

Splunk Simple Math Expression using Eval

I need a way to evaluate a simple math expression. The following query works, and expr evaluates to result with a v...

by Engager in

percentile 99th count

Hi, I'm trying to build a search to find the count, min,max and Avg within the 99th percentile, all work apart from...

by Communicator in

adding lookup in query ending with incorrect result

i am getting two diffrent results in total. query1 is providing acurate result. query2 as soom as adding |lookup l...

by Explorer in

Write Cron Expression to Schedule Python Scripts

Hello, I have 4 python scripts to parse data that we receive in Linux machine once a day where HF has installed. C...

by Motivator in

combine two search in a one table

HiI have log file like this, need to extract "id" from lines that A=20 and match these lines to lines where that B=10...

by Motivator in

New to Splunk Searching, anyone able to help?

I need to create a table that includes the filename, the domain name of which file came from, the source IP, the dest...

by Engager in

I am looking for simple SPL to detect activity from users without MFA in AWS

Hello I am looking a simple SPL to to detect activity from users without MFA in AWS. I have the search below which...

by New Member in

How to delete fields name

I want to delete this field (VID) from one of my search query, this is not available under Field extractions. and ...

by Explorer in

create search input as a part of a result

Hallo.can anyone please help me.i want search sourcetype for this IP10.2.123.123 OR 22.222.222.22 OR 33.333.333.33 | ...

by New Member in

How to view AWS Simple Queue Serivce (SQS) logs in splunk

Hi, I have recently integrated and migrated AWS Simple Queue Serivce (SQS) logs to splunk. I am trying to s...

by Path Finder in

How would I stop and restart my UF and HF

Hello, I have Universal Forward and Heavy Forward in Linux machine, how would I stop and restart them. Any help wi...

by Motivator in

command="sendemail", (535, '5.7.3 Authentication unsuccessful') while sending mail to

hi i want to use sendmail spl command but it give me below error command="sendemail", (535, '5.7.3 Authentication u...

by Motivator in

What level permission is needed to install a dashboard in Security Essentials? ES Admin? or Ent Admin ? Thank u

We have Splunk Ent. + ES. I have a dashboard that I 'd like to install in Security Essentials. What level permission ...

by Builder in

Search for peers with status=down

What search can I do to find peers with status=down. Looking to form an alert when this happens but can't find it wit...

by Path Finder in

Lookup tables and multiple fields values

I need help to use the values from a lookup table into multiple fields, where the output from the lookup table is a l...

by Explorer in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Getting the occurrence count when there is no event for the same

Geostats by phone number

rex extracr mq errors

rex for error number

Query to see which application has followed which integration method to on board the data like HEC,TCP,DB connect

Splunk Simple Math Expression using Eval

percentile 99th count

adding lookup in query ending with incorrect result

Write Cron Expression to Schedule Python Scripts

combine two search in a one table

New to Splunk Searching, anyone able to help?

I am looking for simple SPL to detect activity from users without MFA in AWS

How to delete fields name

create search input as a part of a result

How to view AWS Simple Queue Serivce (SQS) logs in splunk

How would I stop and restart my UF and HF

command="sendemail", (535, '5.7.3 Authentication unsuccessful') while sending mail to

What level permission is needed to install a dashboard in Security Essentials? ES Admin? or Ent Admin ? Thank u

Search for peers with status=down

Lookup tables and multiple fields values

Dashboard Studio Challenge - Learn New Tricks, Showcase Your Skills, and Win Prizes!

Introducing Edge Processor: Next Gen Data Transformation

Take the 2021 Splunk Career Survey for $50 in Amazon Cash

How can I build a use case scenario for MFA login ...

Will Splunk searches using lookup get affected if ...

How to delay with search result when run via Splun...

KV Store status is currently unknown- How to resol...

Combining results in metric index?