Splunk Search

Community Activity

How to take the output from one search and use data to search again within the same index but a different sourcetype? I have what is hopefully a really straightforward issue. Essentially I want to take the output (data within a speci... by qcjacobo2577 Path Finder in Splunk Search 05-27-2022 0 12	0	12
Tenable Add-On for Splunk- How can I filter the results based on the scan name? For the latest version, Version 5.2.4, I have vulnerability data coming in from Tenable.SC. How can I filter the resu... by osasfrancis Path Finder in Splunk Search 05-27-2022 0 3	0	3
How to extract the value before a specific character using regex or rex? I would like to extract the string before the first period in the field using regex or rex example: extract ir7utbws... by leagawa New Member in Splunk Search 05-27-2022 0 4	0	4
How to list out all the lookups and display count of records present in each lookup? Hi Friends, I am trying to list out all the available splunk lookups and want to display count of records present i... by himanshu1 Loves-to-Learn Lots in Splunk Search 05-27-2022 0 2	0	2
Exclusion of values on dashboard- How to fix this? Hi, I have an filter for selecting the country values, provided this as a drop down. we have options like singapore,m... by sahana Engager in Splunk Search 05-27-2022 0 7	0	7
How to extract multiple values from a single value in a field? I have a field called "Risk Type" that has categorical data associated with the type of risk of an event. For example... by xoamanda12xo Explorer in Splunk Search 05-27-2022 0 4	0	4
Is there an alternative to append? Hello, Splunkers! Need help in finding the alternative to the append command.I have a data with 8 fields [say A,B,C,D... by Vikasreddys Engager in Splunk Search 05-27-2022 1 4	1	4
How to run a search query with a scheduler (crontab) I would like to run a search query every few min, how can i do that.E.g. index = "a" sourcetype = "b"Any help is appr... by YungLee Engager in Splunk Search 05-26-2022 0 1	0	1
How to get a count of active transactions to visualize in timechart? I have a transactions defined by users logging in and out. The Goal is to have a timechart showing count of active t... by giovere Path Finder in Splunk Search 05-26-2022 0 8	0	8
WinEventLog - Appliction and Services Logs- Does anyone have a doc or suggestion? Trying to collect information from a sub folder in a Windows server event log. Specifically in the Applications and S... by ttiller Engager in Splunk Search 05-26-2022 0 5	0	5
Appending lookup fields into search Hi guys, I'm a splunk noob here and I'm going nuts. I know this is an extremely simple search and I can't get it ri... by weetabixsplunk Explorer in Splunk Search 05-26-2022 0 11	0	11
Legacy users have issue with how splunk work, How can I help them use Splunk effectively? HiSome users complain about Splunk search. Before Splunk, they simply open the log file and look for issues. 1-As you... by indeed_2000 Motivator in Splunk Search 05-26-2022 0 4	0	4
How to update the table token results depending on the dynamic token selected on radio and passit to multiple link list? Hi Splunkers, Is it possible to make a dynamic token results based on the radio and multiple link with same token val... by kelz Explorer in Splunk Search 05-25-2022 0 1	0	1
How to create custom command search? Hi guys, I'm using splunk 8.0 I want to create a command that can send some infos to another via web or api. I read t... by lnn2204 Path Finder in Splunk Search 05-25-2022 0 4	0	4
Why am I receiving error on cidrmatch case statement? I am having trouble getting this case statement to work (I receive "Error in eval command"): \| eval match=case(ci... by mistydennis Communicator in Splunk Search 05-25-2022 0 2	0	2
How to split multi-line events at search time? I have events that look like this: [abc] logline1 [def] logline 2 [ghi] logline 3 and I would like to split those ... by aa123s Explorer in Splunk Search 05-25-2022 1 9	1	9
How to find values that are larger than average? Hi, I am trying to create a query to get all values that are larger than the average value. I have a file size field... by splunkuser320 Path Finder in Splunk Search 05-25-2022 0 1	0	1
How to rex extract two last word? Hi how can I extract only last 2 word that exist in className I have log like this: 2022-05-24 16:29:51,918 INFO [APP... by indeed_2000 Motivator in Splunk Search 05-25-2022 0 2	0	2
How to divide the results of a timechart by statement? Hi I have a basic statement, however, I want the answers to be in per second. So I need to provide all the results by... by robertlynch2020 Influencer in Splunk Search 05-25-2022 0 2	0	2
How to write search with multiple BY clause in chart/stat column? Hello,I have a query which returns Planned_Sprint, Total Hours,Actual Hours,Team,Type. Now i want a stacked bar and l... by GOSWAMIGAURAV Explorer in Splunk Search 05-25-2022 0 8	0	8
How would I write the following if statements in Splunk? How would I write the following statements in Splunk?Variables are start_access and last_accessStatementIf 20 days ha... by troy44112 Explorer in Splunk Search 05-25-2022 0 1	0	1
How to search Data correlation solution Hi Community, I have this problem about data correlation, here's the detail. The source file is a test result summary... by cecilia_cheng1 Explorer in Splunk Search 05-25-2022 0 10	0	10
Why do we have the --not exporting configurations globally to system-- message? We have this message popping out - -- Search peer SH name has the following message: Health Check: One or more apps... by danielbb Motivator in Splunk Search 05-25-2022 0 7	0	7
How to Fill Null for fail or exception Hi here is my spl, that show different status: index="myindex" \| rex "status\[(?<status>\w+)"\| stats count(status) by... by indeed_2000 Motivator in Splunk Search 05-25-2022 0 4	0	4
Help comparing outputcsv to inputcsv Hi Team.I have a big ol search that tables a bunch of resource usage data. Now i smack and outputcsv on that badboy, ... by michaelnorup Communicator in Splunk Search 05-24-2022 0 4	0	4