Splunk Search

Community Activity

Remove segmenters in search (lispy) for Norwegian characters Hi folks. Whenever you do a search in Splunk you can review the lispy in search.log. For example, if I search for my ... by hettervik Builder in Splunk Search 07-14-2022 0 4	0	4
How to create aa chart using xyseries command syntax? Dears, i would like to create chart that contain two different x axis and one y axis using xyseries command but i cou... by Ahmedkhalil Communicator in Splunk Search 07-14-2022 0 3	0	3
How to get values from a Splunk field to particular decimals? Hi Team,I have a field like below :Cost :0.45655345534530.00004354634660.00213456677880.0000000005657I want to get va... by Poojitha Communicator in Splunk Search 07-14-2022 0 4	0	4
How to find comman value from multiple watchlist Hi below is one of the requirementI have multiple lookuptableexample number name lookuptable1 abc ... by akshayinnamuri Loves-to-Learn Lots in Splunk Search 07-14-2022 0 2	0	2
Can't get past subsearch limit I seem to be stuck with the 100 result limit for a subsearch. I've changed maxout= to 10000 in limits.conf (and resta... by msallman Explorer in Splunk Search 07-14-2022 3 5	3	5
Whats the splunk equivalent of SQL IN clause What is the Splunk equivalent of an SQL IN clause. I want to run a query where some field has a value which is presen... by jmc82 Explorer in Splunk Search 07-14-2022 5 14	5	14
Making sense of stats results for 1 source to multiple destination Hi All, I have this simple search that shows logins from same SRC IP to multiple Destination hosts. Can someone pls... by neerajs_81 Builder in Splunk Search 07-14-2022 0 4	0	4
How to find common values between two searches? I have two queries from the same set of index and app names using different search terms from which I am extracting a... by shyam_v New Member in Splunk Search 07-13-2022 0 2	0	2
Any idea about the query optimization with using join or subsearch? Hi, I am trying to get all events with two different kinds of objectname(A or B vs C) but with the same username and ... by mchuli934 Loves-to-Learn Lots in Splunk Search 07-13-2022 0 3	0	3
How to create custom fields from syslog? Hello, I have the following log: Month date time, ip address, host, [system] 2022 194 16:15:14 X01: Freq error: phas... by Splunky21 Explorer in Splunk Search 07-13-2022 0 4	0	4
How to achieve using Eval equals to a field from lookup? Need some help. I can't wrap my head around this. Need to lookup a csv which contains clientip, and compare against m... by solaced Explorer in Splunk Search 07-13-2022 0 2	0	2
How do I add Vertical headers in dashboards? I am trying to override the standard CSS to format table header in order to rotate the text by 90 degrees. I need thi... by marios_kstone Path Finder in Splunk Search 07-13-2022 0 4	0	4
Suspicious behaviour of splunk when index log file- Log only showing events from 12:00-23:59 Hi I have suspecious behaviour of splunk when index log file. here is the issue when I search through yesterday log ... by indeed_2000 Motivator in Splunk Search 07-13-2022 0 10	0	10
How can I create a chart with the range start and end date in the y-axis? Example data : start_date end_date batch_name 2017-11... by venkatsivab New Member in Splunk Search 07-13-2022 0 3	0	3
Splunk Cloud: How to learn about status page? i am using splunk cloud and need to about splunk status page in that there are multiple services are there while ope... by sekhar463 Path Finder in Splunk Search 07-13-2022 0 5	0	5
Multi Line Field Extraction for XML Data Hello,I have XML files with Multi Line field values and have some issues with extracting those values. Sample field e... by SplunkDash Motivator in Splunk Search 07-13-2022 0 13	0	13
How to use eval to convert everything to same unit before indexing as metrics? Hello splunkers,I need your help to find a solution for the following issue.I have a log file as a source that I'm in... by djluke Path Finder in Splunk Search 07-12-2022 0 4	0	4
How to resolve error: Problem replicating config (bundle) to search peer. failed; error="Cannot resolve hostname". Problem replicating config (bundle) to search peer ' hostname:8089 ', Upload bundle="/SPLUNK/splunk/var/run/EF6-16xxx... by Sirius_27 Explorer in Splunk Search 07-12-2022 0 1	0	1
How to take an average of a time log? Hello peeps,Currently I have a list of processing times. And I am trying to create a dashboard that shows the average... by amaralt808 Path Finder in Splunk Search 07-12-2022 0 7	0	7
How to find same values in different sources? Our login page is developed by team1 and the main home page (After login) is developed by team2. The event logs from ... by Momgineer Engager in Splunk Search 07-12-2022 0 5	0	5
How to replace Unique Values? Hello, I have several events in the _raw field that add a unique identification number. I would like to replace thes... by mcscjlf Explorer in Splunk Search 07-12-2022 0 4	0	4
Is it possible to Search within a table on a dashboard? I have created a dashboard panel which displays events from a firewall log. Importantly, this panel is intended to s... by JunkyardDog New Member in Splunk Search 07-12-2022 0 1	0	1
How to Convert time format? Hi, i need to write a query that converts time format from minutes to format Xh Xmin Xs my query \| eval finish... by Edwin1471 Path Finder in Splunk Search 07-12-2022 0 1	0	1
How to Add multiple field values for the matching value of another field I want to create a query, that would combine all the duration values into one by adding them for each Time Date. The... by Edwin1471 Path Finder in Splunk Search 07-12-2022 0 3	0	3
CISCO ESA - simple search email query (sender, recipient,subject) Hi,I have Splunk 8.1.4 with Splunk Add-on for CISCO ESA 1.5.0. I also have the old app Cisco Secuirty Suite that eve... by corti77 Contributor in Splunk Search 07-12-2022 0 1	0	1