Splunk Search

Community Activity

How to find values between two string I have this event:(pool-4-thread-1 18a68b34-f4af-4940-9339-6201b5004bb8) (********): do_SMSGW (Request) : &from=TULBU... by baljkastr Engager in Splunk Search 08-30-2022 0 1	0	1
When using appendcols, one column doesn't have events? My Query: index=test sourcetype=true AND private AND beta \|rex field=_raw "\[private]\s(?<category>\S+\s+\S+\s+\S+)"... by SS1 Path Finder in Splunk Search 08-30-2022 0 3	0	3
How to combine searches from multiple source files? I have the following 2 logs DRT.log: This consists of the following log lines: {"date_time":"20220823-13:11:11.622... by toernerg Observer in Splunk Search 08-30-2022 0 1	0	1
How to use the map command to add the total event times between created beginning and end times? I want to use the map command to add the total event times for each day during the time interval from 6am-6pm.For eac... by ichesla1111 Path Finder in Splunk Search 08-30-2022 0 2	0	2
How to not Display Data that is less than 10 days old? Hello all, I know this has been asked many different ways but, I cant seem to get the search correct. I am attempting... by IndyJones1345 Loves-to-Learn in Splunk Search 08-30-2022 0 1	0	1
How to get Splunk triggered alerts results url? Hi Splunkers , Im trying to build a dashboard to capture all the triggered alerts with some custom actions to be ap... by spl_unker Explorer in Splunk Search 08-30-2022 0 1	0	1
How to set up Alert setting, in case of a large interval between messages? Good afternoon!I receive messages from systems on splunk, several messages from one system line up in a message chain... by metylkinandrey Communicator in Splunk Search 08-30-2022 0 1	0	1
How to get pie chart value and name to be reflected in Available and Not Available name label? I need the count and count % to be reflected in Available and Not Available line with the value. Appreciate if i get ... by ShamGowda Loves-to-Learn Lots in Splunk Search 08-30-2022 0 1	0	1
How can I display a chain of all ten messages? I have a message thread, these messages are coming on splunk.The chain consists of ten different messages: five messa... by SajarKumarPat New Member in Splunk Search 08-30-2022 0 3	0	3
How to change the heigh of panels in XML ? Hi,How can I make both of these panels be the same height ? by Edwin1471 Path Finder in Splunk Search 08-30-2022 0 1	0	1
Why is timestamp not showing as the default in column1 when I load the dashboard? Hi Experts , i want to show Column1 timestamp selected as default in Date/Time Range From not sure what i am doing wr... by vamsi354 Explorer in Splunk Search 08-30-2022 0 2	0	2
How to write search to find error percentage for each group? My data looks as follows: host col2 ---- ---- A SUCCESS A ERROR B ERROR B SUCCESS B SUCCESS C ERROR Here ... by kimberlytrayson Path Finder in Splunk Search 08-30-2022 0 1	0	1
How to write correlation search to show these alerts? Hi Community, I have these alerts on EDR and I want to create a correlation search to show these alerts on the Splu... by m_khatibo88 New Member in Splunk Search 08-30-2022 0 1	0	1
How to display field value into column? status=Auto, Manual car= BMW, Honda, Audi index * \| stats count(status) as Total by car Is there anyway I can get the... by Khuzair81 Path Finder in Splunk Search 08-29-2022 0 2	0	2
How do list multiple sources in a query: sourcetype=xml source="/wealthsuite/tti/current/"? How do list multiple sources in a query: sourcetype=xml source="/wealthsuite/tti/current/"? by mcristinzio New Member in Splunk Search 08-29-2022 0 3	0	3
How do I change the title text on the tabs from default text to a custom text? I want to change the title text on the tabs from, for example, "Login\|Splunk" or "Dashboards \| Splunk 7.1.2" to a tex... by sh254087 Communicator in Splunk Search 08-29-2022 0 4	0	4
Formalizing MAC address to XX:XX:XX:XX:XX:XX format I was searing for a simple way to convert all types of mac address to "more" standard format. Found various solution... by jotne Builder in Splunk Search 08-29-2022 1 0	1	0
How to create a search for BST ( British Summer Time) Search Time Interval Change? Hi I have a SPL query that needs to adjust at search time when we are falling in and out of BST. During BST, the se... by djcascione Explorer in Splunk Search 08-29-2022 0 7	0	7
How can I rename the value of the policy name from = to "contains"? How can i rename the value of the policy name from = to "contains". Instead of saying "index=tenable* sourcetype="*"... by marceldera Explorer in Splunk Search 08-29-2022 0 1	0	1
Is there a way in Splunk to compare and find delta of the duration from the previous runs? Hi All, We are generating a log that records in and out timestamp in epoch for a specific set of transactions and we ... by maniishpawar Path Finder in Splunk Search 08-29-2022 0 3	0	3
How to count number of values in multi-valued field , dynamically? <input type="multiselect" token="product_token" searchWhenChanged="true"><label>Product types</label><choice value="*... by vijay_k Engager in Splunk Search 08-29-2022 0 5	0	5
How to force the display of a value when the search is empty? Hello community, I have a problem with a search that does not return a result. For the purposes of a dashboard, I nee... by Rajaion Path Finder in Splunk Search 08-29-2022 0 2	0	2
Re-order table columns with dynamic names? Hello, I have a chart with dynamic field names displayed as table and would like to change the order of the columns: ... by mspoerr Path Finder in Splunk Search 08-28-2022 0 3	0	3
How to extract cancelled transactions from logs? I'm looking at events and I'm trying to determine which files are not "deleted" from the folder on a server after fi... by syed Observer in Splunk Search 08-28-2022 0 6	0	6
How to normalize MAC address format? We have different log sources that may format the MAC address as: af:af:af:af:af:af af-af-af-af-af-af af.af.a... by jeff Contributor in Splunk Search 08-28-2022 0 9	0	9