Splunk Search

Community Activity

	How are our forwarders working without an Outputs.conf file so recently I went to troubleshoot some servers that were not showing up in our queries and that's when I discovered ... by Gregski11 Contributor in Splunk Search 06-15-2022 0 2	0	2
	Which permission do I need to share sourcetype with users? Hey everyone and I hope your having a great day!I have configured a custom field extraction in the Splunk search app ... by test2001 Observer in Splunk Search 06-15-2022 0 1	0	1
	How to extract a content or string between 2 strings AL9851 \| Z1 \| [https://example1.com/] recording played asia location is DownAL9851 \| Z1 \| [http://alphabeta/] record... by sekhar463 Path Finder in Splunk Search 06-15-2022 0 8	0	8
	How to include unique attributes to the result after comparing 2 different lists from 2 different searches ? Hi community, I have 2 different lists with fields as follow :list A - ip_address, source, account_idlist B - ip_addr... by vincentgoh98 Engager in Splunk Search 06-15-2022 0 2	0	2
	Help with Splunk search based on eventType dynamic table value Hello Team, I am new to splunk and have requirement to create table based on raw data This is how the data looks in s... by dmuley Explorer in Splunk Search 06-15-2022 0 12	0	12
	How to show same data for different timezones in single timechart ? I have a panel which shows the usage of a dashboard in GMT timezone. Is it possible to show the same data in differen... by sangs8788 Communicator in Splunk Search 06-15-2022 0 2	0	2
	ES Use case - How to detect an ongoing activity using Transaction ? Hello, Is there a way to use transaction command to let us know if an activity/attack is ongoing ?Scenario : Creat... by neerajs_81 Builder in Splunk Search 06-15-2022 0 7	0	7
	How to find an authentication activities of an app which is integrated via Azure AD ? If an cloud application like Servicenow or Salesforce is integrated with central authentication like Azure AD for aut... by dm1 Contributor in Splunk Search 06-15-2022 0 0	0	0
	How to get token of span used in timechart? Hello, I have a search (timechart) with a dynamic span (minspan=1h) Is there a way (token ?) to get the span used to ... by mxh7777 Path Finder in Splunk Search 06-15-2022 0 4	0	4
	How to combine similar values into one table column Hello everyone, I am having two events with different sourcetypes that have similar fields with similar values howeve... by aristidiskantas Engager in Splunk Search 06-15-2022 0 3	0	3
	How to find out tickets moved from one queue to other I have a real time Splunk index pushing records into two source types. Source type 1 holds fields including assignmen... by architkhanna Path Finder in Splunk Search 06-15-2022 0 12	0	12
	How to join three tables? I am trying parse data from three tables. In one table I have MAC_ADDR and HOST_NAME info, the second table has MAC_A... by npstr009 Explorer in Splunk Search 06-15-2022 0 6	0	6
	How to Fill missing times from stats command I am running something like the following. \| bin _time span=1s \| stats count by fuzz When doing this thou... by SMM10 Explorer in Splunk Search 06-14-2022 0 1	0	1
	How to extract the specific part for data from the file path? To extract the specific part for data from the file path, C:/Users/USSACDev/AppData/Local/Temp/WindowsAETemp/35018_22... by smanojkumar Contributor in Splunk Search 06-14-2022 0 2	0	2
	How to extract Json file format as Fields using props.conf and Transform.conf file? Hi ,Thanks in Advance, My json file . how to extract fields using props and transform configuration file. {<!-- -->"AAA": {<!-- -->"m... by karthi2809 Builder in Splunk Search 06-14-2022 0 11	0	11
	How to create a time series from a log file? I have a log file with a unique identifier (requestid) for a sequence of events. I want to show a breakup of all even... by amdosh Explorer in Splunk Search 06-14-2022 0 1	0	1
	How to add to search based on the token being set I want to add a few rex statements to my existing search based on the token being set. Please see example below. ex:\|... by amdosh Explorer in Splunk Search 06-14-2022 0 0	0	0
	Help with SQL query to Splunk Need a similar query for Splunk. SELECT a.[CUSTOMER ID], a.[NAME], SUM(b.[AMOUNT]) AS [TOTAL AMOUNT] FROM RES_DATA ... by davalabih Engager in Splunk Search 06-14-2022 0 4	0	4
	Windows based DNS, does anyone know of a few search examples i could utilize to look up DNS entries Like a A record? Windows based DNS, does anyone know of a few search examples i could utilize to look up DNS entries Like a A record p... by chrodriguez Engager in Splunk Search 06-14-2022 0 0	0	0
	Why are blob csv files are not formatted correctly? I have connected my blob storage to splunk the files are uploading to the index but the csv format is not working, ea... by mcohen13 Loves-to-Learn in Splunk Search 06-14-2022 0 0	0	0
	Why is .net SDK unable to run a blocking search? Hello all, if anybody had luck running a blocking search using the C# SDK, would appreciate your help.I am trying to ... by vinaypradhan Explorer in Splunk Search 06-14-2022 0 2	0	2
	Can you do Splunk Input with cv2? Thanks in Advance, I have a search setup to see whenever someone access's a certain document. This works just fine, ... by judges88 Explorer in Splunk Search 06-14-2022 0 5	0	5
	How to Transpose table and group by values of other column? Hi, Say I have this table: NameDateFlowsa2022-06-13 23:01:26200a2022-06-13 10:01:26301b2022-06-13 23:01:26504b2022-06... by yifatcy Path Finder in Splunk Search 06-14-2022 0 2	0	2
	\|search Necessary after DBXQUERY? When using DBXQUERY, is the a \|search needed after the query? \| dbxquery connection="DRTP-Connection" query=" ... by lennys26 Communicator in Splunk Search 06-14-2022 0 2	0	2
	Why am I Unable to use time for filtering events in the new dashboard? Hi Community, I have a dashboard that gives me an overview of the details. When I click on one of the rows it driv... by _pravin Contributor in Splunk Search 06-14-2022 0 0	0	0