Splunk Search

Community Activity

What is the configuration so that the following events show independently in the Splunk search? Could someone help me with the Splunk configuration so that the following events show independently in the Splunk sea... by cesarbmx Engager in Splunk Search 05-11-2022 0 2	0	2
How to create a drop down with add and remove choices that will then remove or add the user? Would like a way to create a drop down with add and remove choices that will then remove or add the user from the loo... by Italy1358 Path Finder in Splunk Search 05-11-2022 0 6	0	6
Why does this field extraction and rex give different results? I'm completely stuck here. I'm trying to extract the "Path" from a logfile with this format: Time: 05/10/2022 11:26... by tfilip Engager in Splunk Search 05-11-2022 0 2	0	2
How to extract desired data from search result? Hi Team, We are trying below search: index=index_123 host=xyz source="/sys_apps_01/pqr/logs/xyz/mapper_xyz.log" Con... by sneha03 New Member in Splunk Search 05-11-2022 0 2	0	2
How to filter Specific Data from a host? Hi there - I am trying to filter out some noisy rules in a specific firewall (FWCL01) from being ingested into splunk... by nick_currie Path Finder in Splunk Search 05-11-2022 0 6	0	6
Help creating search to combine multiple message lines to create timechart We have Splunk setup in our firm and our application logs writes TLS connections information that span across multipl... by varadack Engager in Splunk Search 05-11-2022 0 7	0	7
Help showing top tenants by number of hosts in pie chart I would like to make a pie chart which shows the Top 10 tenants by number of hosts and then put everything else under... by marcorivera Loves-to-Learn Lots in Splunk Search 05-11-2022 0 3	0	3
How to add Filler gauge cpu/ram to dashboard? Hi I have this json in my splunk : Serverip, serverRamUsage, TotalRAM, ServiceRAMUsage, serverCPUUsage, TotalCPU, Ser... by lorineg1 Observer in Splunk Search 05-11-2022 0 0	0	0
How to set this date search automatically? Need to set alert for yesterdays date search index=* namespace="dk1017-j" sourcetype="kube:container:kafka-clickhouse-snapshot-writer" message="*Snapshot event pu... by bhaskar5428 Explorer in Splunk Search 05-11-2022 0 5	0	5
Correlating logs from two different sources Hi Team,I have two log sources ,say x and y.For x we need to extract a field x1 and then for each x1 we need to take ... by sneha03 New Member in Splunk Search 05-10-2022 0 1	0	1
Drilldown option is not working for Custom Search Hi there, I am trying to enable drilldown on a dashboard view to use a custom search(see below search string snippet)... by Trex1 Explorer in Splunk Search 05-10-2022 0 10	0	10
Subsearch using time from lookup in main search I am performing a lookup in a main search which returns earliest_event and latest_event timestamp values. I would li... by adamblock2 Path Finder in Splunk Search 05-10-2022 0 1	0	1
Splunk integration with grafana Splunk newbie here!My usecase is to1. monitor AWS EC2 webserver metrics (how do I push cpu, iostat, other stats to sp... by icykewl New Member in Splunk Search 05-10-2022 0 1	0	1
How do I select first and second match as separate fields using Rex? Hello, I have 1 field in Splunk which contains 2 short email headers in plain-text, for example: From: Me (me@... by aherrington Path Finder in Splunk Search 05-10-2022 0 7	0	7
Why does the map search break my base search? So I have this search looking to send emails to people logging into a legacy SH, but the map command breaks my result... by andrew_burnett Path Finder in Splunk Search 05-10-2022 0 11	0	11
How to change Splunk Health Status - Red? Currently, Splunk cloud health is in RED. We are unable to search any query. Please help me to overcome from this cir... by alexspunkshell Contributor in Splunk Search 05-10-2022 0 2	0	2
How do I filter-out the 'resultToToss' based on the fact there's only 1 'SecondaryField' result for it? I am trying to create a Splunk Alert which -- well, the details will take too long to explain  The issue is that I'm... by ttovarzoll Path Finder in Splunk Search 05-10-2022 0 6	0	6
Why is only the first word of the value is getting extracted? Hello!I'm trying to pull in full product names into a table, but only the first word is getting pulled in. The field ... by KyleMcDougall Path Finder in Splunk Search 05-10-2022 0 6	0	6
Help on chart from subsearch- How to display a bar chart with the site field in x axis hello I need to display a bar chart with the site field in x axis For each site, I need to display 2 bar The first ba... by jip31 Motivator in Splunk Search 05-10-2022 0 1	0	1
How to Calculate time difference with _metrics events? We recently started working with metrics data. The application is sending metrics events with the dimensions: compone... by jordanking1992 Path Finder in Splunk Search 05-10-2022 0 0	0	0
How to Move the table values to the top with query? Hii,I have a data in the Splunk table like the below image. Arista ConsoleRule Host ... by vinod743374 Communicator in Splunk Search 05-10-2022 0 2	0	2
How to search a list of servers from a text file? Hello, I have been given a list of 40 servers in a text file, all servers are separated by commas for example: server... by supersnedz Path Finder in Splunk Search 05-10-2022 0 3	0	3
Why does Splunk query not return Count? Hi, I am running below query and expecting count of failureCount, warningCount in table as total count (1 row only), ... by dezmadi Path Finder in Splunk Search 05-10-2022 0 4	0	4
What can be the query so that i can display the field " API.V1.WEBS_ENTITLED_PRODUCTS" and not its value? I have the logs in this way : measures: {<!-- --> API.V1.WEBS_ENTITLED_PRODUCTS: 296 success: 300 } what can be... by payyachamy Observer in Splunk Search 05-10-2022 0 5	0	5
How to convert seconds into hours, minutes and seconds? Hi all I'm not sure if somebody already asked a question like mine.How can I convert a field containing a duartion (n... by Simon Contributor in Splunk Search 05-10-2022 2 18	2	18