Splunk Search

Community Activity

Retrieving data from one query and using it to find data from another I have a query From source A that i need to get a list of 3 parameters back and for one of these parameters which is ... by momagic Engager in Splunk Search 01-31-2025 0 2	0	2
Splunk is not displaying the latest time of lookup updated Splunk is not displaying the latest time of lookup updated \| rest /servicesNS/-/-/data/lookup-table-files \| search ... by ganji Explorer in Splunk Search 01-31-2025 1 9	1	9
Formatting in CSV when using Stats I'm using stats to group sets of data by IP C blocks. When I export the data I am looking for( in this case multiple... by NicholasC Explorer in Splunk Search 01-31-2025 3 14	3	14
Data Display I dont get why the uploaded data is displayed like this. I am unable to create dashboards as it is not identifying al... by Aedah New Member in Splunk Search 01-30-2025 0 4	0	4
Adding another column to table Hello, I am trying to add another index column to this table. Currently using the search below.\| tstats count where i... by anthony_king Engager in Splunk Search 01-30-2025 0 3	0	3
See the results of Splunk alerts in a search. I'm trying to optimize the alerts since I'm having issues. Where I work, it's somewhat slow to solve the problem (1 t... by Aresndiz Explorer in Splunk Search 01-30-2025 0 3	0	3
Need a help with Query Below was the question for me"I need a running report to be exported, with the number of errors on each of the servic... by SR Observer in Splunk Search 01-30-2025 0 4	0	4
Filtering logs for a string only based on date Hi All, I have a requirement where I need to filter the virtual machine outage occurrence from the kernel logs. I... by shenoyveer Path Finder in Splunk Search 01-30-2025 0 20	0	20
rename field with * Hi i have a field with name server__count. the is coming from an input dropdown ALL where value is * how can i ren... by secure Path Finder in Splunk Search 01-29-2025 0 4	0	4
breaking multiple mv fields into single events based on array index I have data that looks something like this, coming in as JSON:time, application, feature, username, hostnameThe probl... by pmdba Builder in Splunk Search 01-29-2025 0 2	0	2
writing a splunk query to isolate login event im trying to write a splunk search to extract the user id and time of a login. log sample below: trx# datetime ... by pc1234 Explorer in Splunk Search 01-29-2025 0 1	0	1
Need help to format result I'm trying to add up 2 values per minute to display the max total value per hour. This is my search result. As you c... by Splunked_Kid Explorer in Splunk Search 01-29-2025 0 3	0	3
How to get latest SID I am using splunk-sdk in my python code, I want to get latest sid of saved report each time it is refreshed.I tried u... by gk33 New Member in Splunk Search 01-29-2025 0 1	0	1
Search result evaluates to true when it is false Hello, trying to figure out why this eval statement testing for a null value always evaluates to "true", even when th... by shaunm001 Path Finder in Splunk Search 01-29-2025 0 4	0	4
Parsing Hello community,I need help with configuring Splunk to correctly process timestamp information in my UDP messages. Wh... by user3344 Engager in Splunk Search 01-29-2025 0 6	0	6
Rearrange the stats output. Team,I got stats output as below and I need to rearrangestats current output :-transaction_id source count12345 ... by onthakur Explorer in Splunk Search 01-29-2025 1 3	1	3
How do I keep the value of the minutes in a span=1h timechart if I want to keep only the max value of the hour. Hello, I'm trying to add up the MIPS of each of the partitions per minute and then keep only the maximum MIPS per day... by Splunked_Kid Explorer in Splunk Search 01-28-2025 0 5	0	5
Search same transaction_id in 2 different services. Team, I have a situation where user is calling service 1 and then service1 calls service2 using same transaction_idso... by onthakur Explorer in Splunk Search 01-28-2025 0 3	0	3
Filter field only if it exists Good day, I'm having an issue with an email dashboard I'm attempting to create in Splunk. This dashboard filters on t... by dtaylor Path Finder in Splunk Search 01-27-2025 0 8	0	8
How to search for serach with 746 lines I need help with the structure of this searchindex=indexnameI need help with the structure of this search I would lik... by bond77s Explorer in Splunk Search 01-27-2025 0 6	0	6
Help on a REX extract - and count So I have an IndexIndex= xxxxxx "Stopping iteration"I have the rex for getting the unique IdEvent Sample : Stopping i... by LizAndy123 Path Finder in Splunk Search 01-27-2025 0 6	0	6
Manual Search and Alert providing different number of events searched/output as result Hi Splunkers! The issue I am having is regarding different results from alerts when some condition is met, compared t... by CrossWordKnower Explorer in Splunk Search 01-27-2025 0 6	0	6
How to search a string Hi Community, please help me how to extract BOLD/underlines value from below string:[2025-01-22 13:33:33,899] INFO Se... by RGullur New Member in Splunk Search 01-26-2025 0 5	0	5
custom aggregation function for stats command Hello,I am building a splunk app , where I want to have my own custom aggregate function for stats command. Below is ... by welcomerrr Observer in Splunk Search 01-26-2025 0 6	0	6
How to get alert result through API? I'm calling the API from BTP IS and want to get the result of an alert that I created from before. My alert name is P... by BrianLam Engager in Splunk Search 01-26-2025 0 3	0	3