Splunk Search

Community Activity

How to make a new row in a table based on one of the tables column value? Hello!!!I am doing calculations for the time it takes when a machine is undergoing maintenance. Right now, I calculat... by ichesla1111 Path Finder in Splunk Search 09-18-2022 0 3	0	3
How can get an alert for each host in a lookup? I currently have a lookup that contains two columns. Hostnames and Location. I can use the following formula to sear... by weddi_eddy Explorer in Splunk Search 09-18-2022 0 3	0	3
Could someone help me with inputlookup within a search? Hi all, I am quite new to Splunk and now trying to create a dashboard panel using a query that does the following: pu... by desperate Engager in Splunk Search 09-18-2022 0 3	0	3
How to write case statement for below log? Hi Splunkers. I have two level of logs (NOTICE,ERROR), for Error logs(json), method_name and message is automatically... by Emyamy Explorer in Splunk Search 09-18-2022 0 2	0	2
How to find Abuse of GitHub? Hi Team,I'm new to Splunk Tool, I just have a question how to hunt below things in Splunk:1). Investigate net connect... by Gani New Member in Splunk Search 09-17-2022 0 0	0	0
How do I use rex to remove everything after a specific character, but not said character Hello, I am using rex to remove everything after a specific character, but i need to keep the specific character. Cur... by superisk Explorer in Splunk Search 09-17-2022 0 2	0	2
How do I add search results to lookup AND send entire lookup by email? I was asked to archive search results in a CSV then send those results periodically by email. My solution is to do th... by spadler Explorer in Splunk Search 09-16-2022 0 5	0	5
How to join search based on multiple values? Hi, I am trying to build a correlation that matches traffic to threat intel to figure out if it has been blocked or n... by KMoryson Explorer in Splunk Search 09-16-2022 0 1	0	1
How to filter out timestamp without miliseconds? We have 2 types of orders in the system, some are entered manually by phone and some are processed automatically as t... by DPOIRE Path Finder in Splunk Search 09-16-2022 0 2	0	2
How to create multisearch with different transactions times and find a distinct average time for each transaction? Hello Friends, I have an interesting query that I would like help on. I have three transactions that we are tracking ... by amaralt808 Path Finder in Splunk Search 09-16-2022 0 4	0	4
How to compare 2 Search's percentage results? Hey Team, I am trying to generate a search which returns a complete set of results from today and then compares it wi... by EBVanguard Engager in Splunk Search 09-16-2022 0 1	0	1
Why is my Splunk index showing "0"? I push the logs to splunk using hec method using this end point "/services/collector" that index data showing in 1 ... by tcsec2user Explorer in Splunk Search 09-16-2022 0 6	0	6
Why is timechart with where and streamstat not retrieving same results as where and stats? I am running a query where the following fetches the latency above 1000 milliseconds: As you can see the query uses ... by kimsej Explorer in Splunk Search 09-16-2022 0 4	0	4
How to create an eval and use of like? I am trying to an eval with like to assign priority to certain IPs/hosts and running into an issue where the priority... by jwalzerpitt Influencer in Splunk Search 09-16-2022 0 8	0	8
How to insert checkboxes in a simple statistics results table? Hello Splunkers, I have a situation where I have to replace the first cell in each row in a statistics table with a ... by allan_newton Path Finder in Splunk Search 09-16-2022 1 10	1	10
How do I compare times to find the closest to time in a column? Hi everyone, From dbxquery, I retrieve this table: idstart_time1end_time1start_time2end_time2123413/09/2022 21:46:43.... by Julia1231 Communicator in Splunk Search 09-16-2022 0 1	0	1
Display total count of unique values of a field? Hi, Fundamentals question but one of those brain teasers. How do i get a total count of distinct values of a field... by neerajs_81 Builder in Splunk Search 09-16-2022 0 4	0	4
Splunk search- How to capitalize the first letter of every filed column? Hello Splunkers !! As per the below screenshot I want to capitalise the first letter of every filed column.So for the... by uagraw01 Motivator in Splunk Search 09-15-2022 0 6	0	6
Why am I unable to filter log data from extracted fields? scenario : - I had a log file. I am able to extract the fields from the log event and also see the data in the extrac... by Manideep Loves-to-Learn Lots in Splunk Search 09-15-2022 0 3	0	3
How to extract a number of a string and check the count? Hi, I have data like A-001, A-002, A-003..... I would like to know how to extract the numbers from these strings: 00... by zoe Path Finder in Splunk Search 09-15-2022 0 3	0	3
CLI Search - Export JSON File? Can I run a CLI search that will output the results to a file in json format? Thanks, Joe by cramasta Builder in Splunk Search 09-15-2022 1 3	1	3
Please delete this question Hello, by ichesla1111 Path Finder in Splunk Search 09-15-2022 0 1	0	1
How to exclude results if some conditions? Hi All, I have the following saved search: \| tstats summariesonly=true fillnull_value="N/D" count from datamodel=Chan... by marco_massari11 Communicator in Splunk Search 09-15-2022 0 5	0	5
How do I auto extract fields from JSON event? Hi there after much searching and testing i feel i'm stuck. Or even unsure what i want is possible. What i wantI have... by comcordriro Explorer in Splunk Search 09-15-2022 0 2	0	2
How to search a log if a match hasn't been seen in 24 hours? I currently have a lookup that contains two columns. Hostnames and Location. I can use the following formula to sear... by weddi_eddy Explorer in Splunk Search 09-15-2022 0 2	0	2