Splunk Search

Community Activity

	Python 2.7 present and shouldn't be I am getting an integrity check error on /opt/splunk/bin/python2.7 that says present_but_shouldnt_be. I can find the ... by cmuesing Explorer in Splunk Search 01-22-2025 0 8	0	8
	Block IP addresses by creating lookup file Hello,We have a field called client_ip which contains different IP addresses and in events different threat messages ... by Karthikeya Communicator in Splunk Search 01-21-2025 0 6	0	6
	Logs i want to know in which index is microsoft defender logs getting stored , I know some important fields which are ther... by SN1 Path Finder in Splunk Search 01-21-2025 0 2	0	2
	Capture similar strings in the logs Is there any way to search for similar strings dynamically in different logs?I want to group unique error string com... by poojak2579 Path Finder in Splunk Search 01-21-2025 0 13	0	13
	return results even when the count of a field value is zero Stupid form editor adds extra CRs.Having trouble getting this search to work as desired. I've tried these 2 methods a... by JyPl4wNYu7GV1uL Explorer in Splunk Search 01-21-2025 0 2	0	2
	Need Help with Splunk Alert I need help with below splunk query index=XXX_XXX_XXX \| eval job_status=if( 'MSGTXT' = "ABEND","ko","ok") \| where... by Amit79 Loves-to-Learn Everything in Splunk Search 01-21-2025 0 1	0	1
	Limit to first 10 counts Hello community,I am having a problem displaying a graph. I have an index that contains incidents from several monito... by Rajaion Path Finder in Splunk Search 01-21-2025 0 3	0	3
	How to Check the times from 2 Events and alert if over 15 mins So I have an Index which contains the following"Starting iteration"on 1 event and "Stopping iteration" on another eve... by LizAndy123 Path Finder in Splunk Search 01-21-2025 0 7	0	7
	Use Lookup Table with IP addresses to search in Splunk and find hostnames that match the IPs I have a lookup table with a bunch of IP addresses (ipaddress.csv) and a blank column called hostname. I would like t... by Obsidian_RS400 New Member in Splunk Search 01-21-2025 0 1	0	1
	Given variable as value of field and not token I have such a search and it works fine but not in Dashboard! index=unis \| search sarch \| eval name = coalesce(C_... by woodman2 Loves-to-Learn Everything in Splunk Search 01-21-2025 0 5	0	5
	Splunk searches does not return expected values even though the data is completed Hi, We recently migrated from a standalone Search Head to a clustered one. However, we are having some issue running ... by josephp Loves-to-Learn Everything in Splunk Search 01-21-2025 0 3	0	3
	Need stats count per host and process_name Right now a have a table list with fields populated where one process_name is repeating across multiples hosts with s... by deckard1984 Engager in Splunk Search 01-21-2025 0 3	0	3
	Logs are showing raw, how do I get them to show as highlighted? When I click on the raw log and back out of it it shows up as highlighted. How do I default the sourcetype/source to ... by bryhoffman Explorer in Splunk Search 01-21-2025 0 4	0	4
	search with sub search doesnt get the correct defined time range Hey, lately i was working on an SPL and wondered why this aint working. This is simplified index IN(anonymized_inde... by splunkinator53 Explorer in Splunk Search 01-20-2025 0 4	0	4
	Howto escape double quote in regex when using rex I have the following regex that I (currently) use at search time (it will be a field extraction once I get it ironed ... by jmartens Path Finder in Splunk Search 01-20-2025 0 3	0	3
	Loop through splunk search for multiple values I want to get the below search executed and display the results in a table for all comma separated values that gets p... by anmohan0 Explorer in Splunk Search 01-19-2025 0 3	0	3
	Using Machine Learning Toolkit to detect auth abuse Hello,I’m trying to tune Machine Learning Toolkit in order to detect authentication abuse on a web portal (based upon... by patpro Path Finder in Splunk Search 01-19-2025 0 0	0	0
	How can we show events prior to the one that matches the criteria? We have a case where we can search and find events that match the search criteria. The client would like to see the e... by danielbb Motivator in Splunk Search 01-19-2025 0 3	0	3
	How to refresh multiselect options with Javascript (re-execute the mutliselect search) We have a custom dashboard in Splunk that has a few filters, one of which is a multiselect. This dashboard allows use... by Afterimage Engager in Splunk Search 01-17-2025 0 3	0	3
	Search using IF statement Hi All, Could you please help me with " if "query to search a condition is true then need to display some values f... by tech_soul New Member in Splunk Search 01-16-2025 0 4	0	4
	List of the indexes that do not have attached a self-storage Hi,I'm trying to get a query for a table containing all the indexes that do not have a self storage attached, but I c... by esteban593 Explorer in Splunk Search 01-16-2025 0 4	0	4
	Use Case for Privileged Users, SPL Question I'm trying to create a search in which the following should be done: - look for a user creation process (ID 4720) - ... by avoelk Communicator in Splunk Search 01-16-2025 0 3	0	3
	Why does tstats command alter time stamps when I run it by _time? I am wondering why tstats command alters time stamps when I run it by _time. \| tstats values(text_len) as text_len v... by LIS Path Finder in Splunk Search 01-16-2025 0 8	0	8
	Monitoring email status Hi everyone!My goal is to create an alert to monitor in ALL saved search if there's any email that no longer exist (m... by nonno_pinto Explorer in Splunk Search 01-16-2025 0 1	0	1
	Make table column header indicate the sort order of data in underlying search results? I want the sort indicators (up/down arrowheads) in table visualization column headings to reflect the default sort or... by Graham_Hanningt Builder in Splunk Search 01-16-2025 0 7	0	7