Splunk Search

Community Activity

	How. to replace string if preceded or followed by particular characters? Given the below example events: Initial event: [stuff] apple.bean.carrot2donut.57.egg.fish(10) max:311 min 15 avg 101... by firstname Explorer in Splunk Search 08-22-2022 0 4	0	4
	Lookup files permissions- Is there a way to view lookup file without changing permission in GUI? Hi All,I am trying to view a lookup file that has the sharing set on this app only from another app than it is define... by Sanz Explorer in Splunk Search 08-22-2022 0 3	0	3
	Update kvstore based on recalculated metrics? I have a kvstore like below populated with about 1mil rows. _keynamecount1count2calculated_number1calculated_number2... by sgtlongwell New Member in Splunk Search 08-22-2022 0 1	0	1
	How to get stats by month? Hi,I have my current search giving below output, I want to have stats listed by Month. Can someone help on this oneCu... by SS1 Path Finder in Splunk Search 08-22-2022 0 5	0	5
	Searching for multiple strings within all fields of index Hi I'm trying to search for multiple strings within all fields of my index using fieldsummary, e.g. index=centre_data... by deton0 Explorer in Splunk Search 08-22-2022 0 2	0	2
	How to write a Regex to capture the Path(\Απεσταλμένα) and Subject (TYPICAL MAIN SHELF)? I want to capture the Path (\Απεσταλμένα) and Subject (TYPICAL MAIN SHELF) . I am using below regex Subject\W\s(?<Su... by biswa2112 Engager in Splunk Search 08-22-2022 0 1	0	1
	How to extract the 3 words after [yyy] using regex? Hi, I need help to extract the 3 words after [yyy] using regex, True [xxx] [yyy] Issue with ios phone 11 False [yyy]... by SS1 Path Finder in Splunk Search 08-22-2022 0 2	0	2
	How to rename a value in a table? Hi, Is there a way to rename a specific value in the column of the table. For example: by Edwin1471 Path Finder in Splunk Search 08-22-2022 0 1	0	1
	How to extract the userID? Hi I want to extract the unique user ID for the users that are successfully logging in the KTB system [2/11/00 12:45:... by tankhanandita Explorer in Splunk Search 08-22-2022 0 1	0	1
	Compare values of most recent event to event before -- Show only the difference? How do I compare the values of the most recent event to the event before that and show only the difference?In one exa... by dmbr Explorer in Splunk Search 08-21-2022 0 1	0	1
	How to get the chart of count and percentage by- in one column? So i am representing endpoint url (y-axis) and http status code (x-axis). I can show the count of each url & status c... by djoobbani Path Finder in Splunk Search 08-21-2022 0 10	0	10
	Field values from look up to query? Hi All, I have one dashboard in that I am fetching the results from a input look up file. I am getting the results b... by Santosh2 Path Finder in Splunk Search 08-21-2022 0 2	0	2
	How to find the top 10 events within 24 hours? Hi, I am new to Splunk, I would like to create a command where it can find top 10 events happened within 24 hours. in... by N0Excuse_ New Member in Splunk Search 08-21-2022 0 2	0	2
	How to return string in macro after some logics I have following eval based macro to return a string, in the end I am expecting macro to return something like "earli... by madhavanv New Member in Splunk Search 08-20-2022 0 1	0	1
	How to create table using nested json? Hi All I have a nested JSON in my log event. On that basis, I have to create a dynamic table.{<!-- -->status: FINISHED data... by bharat149 Explorer in Splunk Search 08-20-2022 0 5	0	5
	How to get the combinations of a set of values? Given a set of values (e.g. A,B,C) in a multi-value field, I want to get all the combinations that can be generated b... by teresachila Path Finder in Splunk Search 08-20-2022 0 1	0	1
	How to limit number of column in xyseries with TOP or RARE? Hi,I'm building a report to count the numbers of events per AWS accounts vs Regions with stats and xyseries. It works... by ephenix Explorer in Splunk Search 08-19-2022 0 4	0	4
	Why am I getting inconsistent stats? I am befuddled why the below two searches return different counts for the same period of time. The tstats one returns... by fredclown Builder in Splunk Search 08-19-2022 0 4	0	4
	How to fix "no module named splunklib" error for python splunk sdk on Windows? reated splunk python script and set splunk web on "data input" and added all proceduresbut my script is not running i... by rockzers Path Finder in Splunk Search 08-19-2022 0 4	0	4
	Any guidance on CyberArk TA v1.2 Installation? Hello, I need some guidance to install CyberArk TA in a single-server SPLUNK enterprise environment. How would I proc... by SplunkDash Motivator in Splunk Search 08-19-2022 0 9	0	9
	How do I remove an IP Range from a Search? We currently have the user case - High Number of Login Failures from a single source turned on We would like to excl... by AidanMarkSmith Observer in Splunk Search 08-19-2022 0 5	0	5
	How to plot a graph based on values of a field? I have a search whish results in these events: userlast_eventuser12021-12-30 08:57:36.77user22022-03-12 22:29:52.3... by dritjon Path Finder in Splunk Search 08-19-2022 0 5	0	5
	Getting an intermittent error searching against a kvstore with json using inputlookup and lookup- How to fix? on splunk cloud 8.2.2202.2 issuing the command as follows I get an error one times out of four - \| inputlookup app... by donelliot Path Finder in Splunk Search 08-18-2022 0 1	0	1
	Why doesn't my if clause work completely? So i have the following SPL query: <basic search> \| chart count by path_template, http_status_code \| addtotals fieldn... by djoobbani Path Finder in Splunk Search 08-18-2022 0 4	0	4
	How do I perform field extraction and index the data contained in the one detail field which is json within json? I have a modular input to write to Splunk using event = Event() event.data = json.dumps(data) ew.write_event(event) T... by jet Explorer in Splunk Search 08-18-2022 0 5	0	5