Splunk Search

Community Activity

	Why is splunk not detecting All Files during search? Hi, im currently facing problem where splunk can detect all my files in directory but when doing searching, splunk ca... by aamirulh New Member in Splunk Search 06-06-2022 0 1	0	1
	How to edit my regex to remove all text before ":" if there is more than one Hello Team, Splunkers, I am working on a correlation search and need to use a regex expression to strip all text bef... by nikolaevnz Engager in Splunk Search 06-06-2022 0 2	0	2
	How to use an evaluated field in search command? Could you please let me know how to use an evaluated field in search command index=main sourcetype="access_combined" ... by biju_babu Explorer in Splunk Search 06-06-2022 0 6	0	6
	How to create a kvpair from two automatically extracted JSON arrays? I'm in a situation where by sourcetype, I'm already having a nested JSON array broken into 2 fields: DeviceProperties... by mjones414 Contributor in Splunk Search 06-06-2022 0 2	0	2
	Is it possible to get dropdown token display name and value? Hi I have a dropdown in my dashboard studio which has some static values like TokenName: appName Display NameValueAp... by biju_babu Explorer in Splunk Search 06-06-2022 0 4	0	4
	How to sort based on column values? I have some data that's coming in as follows: "data": { "a": 100, "b": 200 } "data": { "a": 50, "c": 75 } ... ... by mldavis195 Explorer in Splunk Search 06-06-2022 0 3	0	3
	Why is extracted field not showing up in the results page? I have a search criteria with extraction, It seems to be extracting the value. But it's showing up in it's own column... by rmalghan Explorer in Splunk Search 06-06-2022 0 5	0	5
	Why is Automated lookup using kvstore collection not working? I have created a collection in app/local/collections.conf a matching lookup in app/local/transforms.conf I have 5 key... by wmuselle Path Finder in Splunk Search 06-06-2022 0 2	0	2
	Why is iplocation command returning wrong countries? Hi everyone I am currently getting logs from microsoft 365 and one of its panels shows the impossible simultaneous lo... by juancamiloll Explorer in Splunk Search 06-05-2022 0 4	0	4
	How to create rex for multiple fields? HelloGood Day!I have the events in the raw data where i want to extract the drive information into few field and con... by Veeru Path Finder in Splunk Search 06-05-2022 0 3	0	3
	How to extract Multivalue fields? Lets just say I have multiple events like this: names John Sam Todd favorite_colors Blue Yellow Green Each event mig... by shrek Engager in Splunk Search 06-04-2022 0 2	0	2
	How to calculate the average for all values in a single column? This one seems pretty straight forward, but I haven't been able to find an answer anywhere. I'm looking to calculate ... by jpolcari Communicator in Splunk Search 06-04-2022 0 6	0	6
	How to extract data from HTTP request payload? Newbie in Splunk here. How do I extract the value zzz@zzz.com(at the end of the below payload) in a new field named "... by thedonaldblake Engager in Splunk Search 06-03-2022 0 1	0	1
	How to create a search for proxy avoidance/bypass ? Hi I am using Cisco WSA proxy and i need help on creating a usecase for Proxy avoindance/bypass can you please help... by umeshchandra Observer in Splunk Search 06-03-2022 0 0	0	0
	How to calculate date and int columns? please i will be glad to get answer to this query \| eval InT = if(((lastpickupdate + DaysOfARVRefil + 28) > IIT), "... by ositaumeozulu Explorer in Splunk Search 06-03-2022 0 3	0	3
	How to create an algo for finding card numbers? Hi All, I have been working on the luhn algorithm to validate the credit card. For that, I have used the below link q... by Kk Path Finder in Splunk Search 06-03-2022 0 2	0	2
	How to append rest command to my search? I need help to append this rest command to my query. The problem is that the rest command is adding to the first row ... by Italy1358 Path Finder in Splunk Search 06-03-2022 0 2	0	2
	Whaat is the tstats dynamic way to set the value on index to prevent wildcard? Hi Splunkers,I was wondering if this is possible on tstats command. Get the dynamic value from savedsearch result or ... by kelz Explorer in Splunk Search 06-03-2022 0 2	0	2
	How to create two multi value fields to produce a json object of name value pairs? I have this Query that produces two multi value fields, keys and values. What i need to do is pair each entry in the... by spinnerdog Explorer in Splunk Search 06-03-2022 0 3	0	3
	How to calculate duration? Hi, I try to calculate the duration I have extracted 2 fields, start_time and end_time -- I believe both times shoul... by edwinmae Path Finder in Splunk Search 06-03-2022 0 2	0	2
	How to use a field outside of map as map's search query? I have a field called query that's like so:(index="abc" OR index="def") (host="ghi" OR host="jkl") (sourcetype="mno" ... by yaharga Path Finder in Splunk Search 06-03-2022 0 7	0	7
	How to create Search for orphaned assets from a lookup - reverse wildcard? Hi, I am working on a way to find an orphaned asset based on asset inventory I have in a lookup, which looks somethin... by KMoryson Explorer in Splunk Search 06-03-2022 0 4	0	4
	Reg - How do I extract username? Hi All, I'm trying to extract the username from the _raw field using regex, how do I extract the username. The u... by Sasti Engager in Splunk Search 06-03-2022 0 6	0	6
	How to search with Splunk eval using a different search results to populate field value Hopefully I can explain this in a way where it can be understood and fingers crossed answered. I have a search that ... by michael92956 New Member in Splunk Search 06-03-2022 0 1	0	1
	How to extract only first word from a field value? Hi I need to extract only name values (first word value eg:james) from the below Name filed I tried with rex field=N... by sashib Explorer in Splunk Search 06-03-2022 0 4	0	4