Splunk Search

Community Activity

	Match a column from a main query with a column in a subquery Hi Experts,The file ACF2DS_Data.csv contains columns including TIMESTAMP, DS_NAME, and JOBNAME.I need to match the DS... by ravikumar_sri20 Engager in Splunk Search 02-16-2025 0 6	0	6
	Filter MV field for specified value I've been smashing my head against this issue for the past few hours. I need to check a multivalue field to see if it... by dtaylor Path Finder in Splunk Search 02-16-2025 0 7	0	7
	Can not search by sourcetype while events are there Hello Team,9.4.0, thsooting prod, replicated the issue in staging, i have 1 indexer only. Performing all searches on ... by MichalG1 Path Finder in Splunk Search 02-16-2025 0 1	0	1
	LDAP Search with REGEX to table out members of specific groups Trying to build a search that will leverage ldapsearch to pull a current list of users that are members of a specific... by silversides Loves-to-Learn in Splunk Search 02-15-2025 0 7	0	7
	Apply the same query to multiple days given day interval Hi everyone.I have a query that calculates a number of metrics, such as average, max value, etc, for a specific date,... by pedropiin Path Finder in Splunk Search 02-15-2025 0 4	0	4
	How to filter out first instance of a query Hi everyone.I'm doing a query in which I sort it by time according to a variable and then calculate some metrics over... by pedropiin Path Finder in Splunk Search 02-14-2025 0 1	0	1
	Splunk lookup failing, even on itself Running a lookup where I have verified the fields exist and match and its not returning an output field. So, I verifi... by eandres Explorer in Splunk Search 02-13-2025 0 3	0	3
	Need help with SPL for windows logins Hello,I have the below SPL where I am looking to fetch the user accounts that have not logged in for 30 days or more ... by Roy_9 Motivator in Splunk Search 02-13-2025 0 3	0	3
	LIst all universal forwarder hosts sending to an index but limit the host count to 5 HelloI'm looking to modify this search I've found and using. I like the result set but would like to limit the host c... by davidaj Explorer in Splunk Search 02-13-2025 0 4	0	4
	How to get dashboard not accessed by anyone in splunk I am want to get the list of dashboard which is not used by anyone for more than 90 days. i have tired to use the bel... by harishsplunk7 Explorer in Splunk Search 02-13-2025 0 3	0	3
	what is large What is the definition of large? Is it measured in total bytes? Number of records? And in either case how much? by splunkermack New Member in Splunk Search 02-12-2025 0 2	0	2
	Need help with a search with join, append or appendcols Hello, I need help with a search query, that at first seem easy but suprising difficult to execute. I have a money tr... by tungpx Explorer in Splunk Search 02-12-2025 0 6	0	6
	Is splunklib api code portable to splunk-sdk How much syntax has changed from splunklib (which ran on Python 2.x) to splunk-sdk (which runs on Python 3.x)? Just s... by DavidGuarneri Path Finder in Splunk Search 02-12-2025 0 1	0	1
	Using the xpath command with namespace declarations (xmlns='mynamespace') Splunk's xpath documentation does not show any examples on how to use the xpath command if the XML contains namespace... by yeahnah Motivator in Splunk Search 02-12-2025 0 2	0	2
	Python splunk-sdk vs Python requests library Is there any particular reason for using Python splunk-sdk over standard restful API libraries or tools (such as Pyth... by DavidGuarneri Path Finder in Splunk Search 02-12-2025 0 1	0	1
	Can't format table with stats to exclude unwanted matches Good day, I'm hoping someone smarter than me can help me figure this out. In the search below, I'm trying to correlat... by dtaylor Path Finder in Splunk Search 02-12-2025 0 9	0	9
	Query for sender, recipient(s) and sender's IP Hello,Below is a sample for a single message from Proofpoint log. It looks simple, but I am struggling to write a que... by SplunkUser001 Explorer in Splunk Search 02-11-2025 0 5	0	5
	extract all the key-value pairs from the json data Hi splunk team, I have a question about how to extract the key-value pair from json data. Let's say for example I hav... by darrfang Explorer in Splunk Search 02-11-2025 0 3	0	3
	search by Http code 500 is not working Team,when we search by http code 500 internal server error in the Splunk is working fine. the same query which we use... by BalajiRaju Loves-to-Learn Everything in Splunk Search 02-11-2025 0 15	0	15
	Display Dashboard in Stacked row Hello There,I'm having 3 panles, where i need to display panel 1 in left side, In the same row I need to display Panl... by smanojkumar Contributor in Splunk Search 02-11-2025 0 3	0	3
	Combining multiple text strings and fields into one common field I'm wondering if anyone could advise on how to best standardize a log of events with different fields. Basically, I h... by apiprek2 Explorer in Splunk Search 02-11-2025 0 2	0	2
	Exclude Names from a dashboard How do I exclude 6 names from my dashboards? They come up in all my multiselects and several panels by emkenick New Member in Splunk Search 02-10-2025 0 3	0	3
	Extract names and ids within array I have the following log from splunk where i want to extract names and their respective ids. Please help with the spl... by Tajuddin Explorer in Splunk Search 02-10-2025 0 6	0	6
	ignore a line in splunk payload if a variable is null Hi,I want to ignore below line inside splunk alerts payload if email address is not provided buy user."action.email.t... by guru333 Engager in Splunk Search 02-10-2025 0 1	0	1
	check if url in a lookup match logs Hello, I have a lookup with url like urlwww.url.com.url.comsite.url.com And i try to match it with my proxy logs to c... by y4m373 Explorer in Splunk Search 02-10-2025 0 5	0	5