Splunk Search

Community Activity

	How to find the top 10 events within 24 hours? Hi, I am new to Splunk, I would like to create a command where it can find top 10 events happened within 24 hours. in... by N0Excuse_ New Member in Splunk Search 08-21-2022 0 2	0	2
	How to return string in macro after some logics I have following eval based macro to return a string, in the end I am expecting macro to return something like "earli... by madhavanv New Member in Splunk Search 08-20-2022 0 1	0	1
	How to create table using nested json? Hi All I have a nested JSON in my log event. On that basis, I have to create a dynamic table.{<!-- -->status: FINISHED data... by bharat149 Explorer in Splunk Search 08-20-2022 0 5	0	5
	How to get the combinations of a set of values? Given a set of values (e.g. A,B,C) in a multi-value field, I want to get all the combinations that can be generated b... by teresachila Path Finder in Splunk Search 08-20-2022 0 1	0	1
	How to limit number of column in xyseries with TOP or RARE? Hi,I'm building a report to count the numbers of events per AWS accounts vs Regions with stats and xyseries. It works... by ephenix Explorer in Splunk Search 08-19-2022 0 4	0	4
	Why am I getting inconsistent stats? I am befuddled why the below two searches return different counts for the same period of time. The tstats one returns... by fredclown Builder in Splunk Search 08-19-2022 0 4	0	4
	How to fix "no module named splunklib" error for python splunk sdk on Windows? reated splunk python script and set splunk web on "data input" and added all proceduresbut my script is not running i... by rockzers Path Finder in Splunk Search 08-19-2022 0 4	0	4
	Any guidance on CyberArk TA v1.2 Installation? Hello, I need some guidance to install CyberArk TA in a single-server SPLUNK enterprise environment. How would I proc... by SplunkDash Motivator in Splunk Search 08-19-2022 0 9	0	9
	How do I remove an IP Range from a Search? We currently have the user case - High Number of Login Failures from a single source turned on We would like to excl... by AidanMarkSmith Observer in Splunk Search 08-19-2022 0 5	0	5
	How to plot a graph based on values of a field? I have a search whish results in these events: userlast_eventuser12021-12-30 08:57:36.77user22022-03-12 22:29:52.3... by dritjon Path Finder in Splunk Search 08-19-2022 0 5	0	5
	Getting an intermittent error searching against a kvstore with json using inputlookup and lookup- How to fix? on splunk cloud 8.2.2202.2 issuing the command as follows I get an error one times out of four - \| inputlookup app... by donelliot Path Finder in Splunk Search 08-18-2022 0 1	0	1
	Why doesn't my if clause work completely? So i have the following SPL query: <basic search> \| chart count by path_template, http_status_code \| addtotals fieldn... by djoobbani Path Finder in Splunk Search 08-18-2022 0 4	0	4
	How do I perform field extraction and index the data contained in the one detail field which is json within json? I have a modular input to write to Splunk using event = Event() event.data = json.dumps(data) ew.write_event(event) T... by jet Explorer in Splunk Search 08-18-2022 0 5	0	5
	How to add if clause in a foreach eval [ statement for the following query? Dear splunk community: I have the following search query which basically shows the number of counts and percentage of... by djoobbani Path Finder in Splunk Search 08-18-2022 0 2	0	2
	How to write a search that groups values to be used in a dropdown on a dashboard? Hi All, I am new to Splunk and the SPL in general so I will try and explain as best I can. I have been tasked to pro... by quietferret Loves-to-Learn in Splunk Search 08-18-2022 0 2	0	2
	How can I exclude list of IPs? Hello, I have a .csv with 2 columns: hostname and ip. How can I exclude the IPs from that list ? Tried something like... by danutmatei Explorer in Splunk Search 08-18-2022 0 1	0	1
	Help with Regex Hi, Can someone help me with field extraction for string : /home/mysqld/databasename/audit/audit.log I want to extrac... by shruti14 Explorer in Splunk Search 08-18-2022 0 1	0	1
	How to lookup table wildcard search? I'm trying to do a search with a lookup table and can't seem to get the search to perform what I'm wanting. I have so... by splunkuser924 Engager in Splunk Search 08-18-2022 0 1	0	1
	Iterate through dbxquery (SQL) results? HelloI have a search which is gathering 8 columns from a table. (below)I want to make col1 available to query against... by lukenorthern Engager in Splunk Search 08-18-2022 0 4	0	4
	Why does this generic search not return results that are returned in a more specific search? I am developing a query that shows stats for events with the same orderId. There is a flaw though. When I run the que... by scaparelli Explorer in Splunk Search 08-18-2022 0 5	0	5
	What is the best solution to table list of keys which can be eventually used for input dropdown in dashboard? Hello Folks , I have json data in below format. I am looking for a best solution to table list of Keys which can be e... by kirangurram Explorer in Splunk Search 08-18-2022 0 2	0	2
	Disable the alerts while disable maintenance mode in master app? Hello Splunk team,I am trying for a logic to disable the alerts in the particular app while I disable maintenance mod... by Veeru Path Finder in Splunk Search 08-18-2022 0 3	0	3
	How do I extract multiple fields from a json array? I'm having issues properly extracting all the fields I'm after from some json. The logs are from a script that dumps... by user_303_user Observer in Splunk Search 08-18-2022 0 4	0	4
	Help with Spath for Nested Json Hi All, Can someone pls assist me in extracting the different Recipients out this nested Json ? This is from O365 lo... by neerajs_81 Builder in Splunk Search 08-18-2022 0 13	0	13
	How do I create a dashboard to log any New Firewall rule that has been committed to Panorama? Creating A dashboard to log any New Firewall rule that has been committed to Panorama. How do i go about this? Any as... by SPLKwame28 Engager in Splunk Search 08-18-2022 0 6	0	6