Splunk Search

Community Activity

	How can I find values present in one table but not in other without subsearch? I have to prepare reporting dashboards in Splunk for which I used this query until now: field1=GTIN_RECEIVED field2... by bhavyajain Engager in Splunk Search 04-30-2022 0 2	0	2
	How to add + or - before a percentage? hello I use the search below in order to calculate a percentage But I need to add + if s > s2 and - if s2 < s How to ... by jip31 Motivator in Splunk Search 04-30-2022 0 4	0	4
	How can I rename items with SPL query? Hello Splunkers, How can i rename all the OrderNumber1, OrderNumber2, OrderNumber3 as OrderNumber. And Country1, Coun... by uagraw01 Motivator in Splunk Search 04-30-2022 0 6	0	6
	Is it possible to round the current time in a quarter of hour ( quarter superior)? Hi Is it possible to round the current time in a quarter of hour ( quarter superior) For exemple if its 9h56 i would ... by jip31 Motivator in Splunk Search 04-30-2022 0 9	0	9
	How to filter search result using a multi field lookup table? So, I am trying to use a lookup table spammer.cvs to filter out results from my search but can't get the filtering lo... by edhealea Path Finder in Splunk Search 04-29-2022 0 4	0	4
	How to create a chart of the error rate over time? Hi, I would like to create a chart of the error rate over time. I have data that shows status= DOWNLOAD_COMPLETE an... by tmtcollins Explorer in Splunk Search 04-29-2022 0 2	0	2
	Could someone aid with this Regex Regex for From: FA.south dam.australia-mb.ccjbhneed to get only: ccjbh by shreyasamin64 Explorer in Splunk Search 04-29-2022 0 4	0	4
	Is there a way to search for a comma in Splunk query? is there away we can search for a , to find multi locale or multi country basically instead of the underlined index=... by siksaw33 Path Finder in Splunk Search 04-29-2022 0 2	0	2
	How to get subset of lines from log Hi,We have requirement where we have to get the start till end log of one process and when we get the log we can see ... by Splunklearning2 New Member in Splunk Search 04-29-2022 0 5	0	5
	How to extract events from logs Hi All, I have number of events with error srtring in event.I need to fetch al the events with error string except... by vineela Path Finder in Splunk Search 04-29-2022 0 1	0	1
	Correlate events from different indexes with different field names & values Hi, how can i correlate events from different indexes when both( field names and values) are different ?For example:... by neerajs_81 Builder in Splunk Search 04-29-2022 0 11	0	11
	Why is my Splunk query not working for certain time range? i have a query to pull out stats and counts based on incoming applictiond and request path it gave me stats when i t... by ram_splunk New Member in Splunk Search 04-28-2022 0 1	0	1
	How to search for an id where its column values does not include a certain value Hi everyone, I am new to SPLUNK and I am trying to search for distinct IDs where its PRODUCT column does not include ... by amanda_dg Engager in Splunk Search 04-28-2022 0 9	0	9
	How retrieve value of second matching word? In a log if there are two similar words with different value , how to retrieve value of second word using regex ? Exa... by Aks_PC_20 Engager in Splunk Search 04-28-2022 0 7	0	7
	How can I optimize my search to run faster? Hello Splunkers While running the attached query, results are populating very slow. From that query i want to achieve... by uagraw01 Motivator in Splunk Search 04-28-2022 0 5	0	5
	How to display only the result corresponding to the current time? hello From the search below, I need to display only the result corresponding to the current time It means that if it'... by jip31 Motivator in Splunk Search 04-28-2022 0 2	0	2
	How to search multiple values using wildcard in a field? I am producing some stats in splunk but I want to extract data for about 10 uri_method instead of 100s currently disp... by nbhat Explorer in Splunk Search 04-28-2022 0 4	0	4
	Bad passwords logged in the DC Netlogon logs: Bad passwords logged in the DC Netlogon logs:for a specific account name: index=cim sourcetype=netlogon host=dc "0... by Bis Loves-to-Learn Lots in Splunk Search 04-28-2022 0 0	0	0
	How to find time between similar events? Hello, We are looking to create a search that will return when two similar events occur within 1 second of each other... by dl-it-serveradm Engager in Splunk Search 04-28-2022 0 3	0	3
	Error auto-canceled search Dear professional,I want to get the log size of each service in an index.This is my search stringindex="hcg_oapi_prod... by lamnguyentt1 Explorer in Splunk Search 04-28-2022 0 1	0	1
	Search for multiple apperances of a pattern in a field Hi, is there a way to search for more than one appearance of a pattern in a string?For example:Commandcmd.exe c:\wind... by KMoryson Explorer in Splunk Search 04-28-2022 0 4	0	4
	Splunk Query about Port Scanning attack attempts Hi Team,Please help me out in this case.I am searching the Port Scanning attack attempts by the following query.Spoil... by zeeshantayyab Loves-to-Learn in Splunk Search 04-28-2022 0 3	0	3
	How to compare the results of 2 single panel between 2 different dates? Hi I need to compare the results of 2 single panel between 2 different dates The first single panel concerns the resu... by jip31 Motivator in Splunk Search 04-27-2022 0 7	0	7
	Where can I start a new Splunk Search Can you please point me to the start up screen , where I can start a new search. by gilbert3 Engager in Splunk Search 04-27-2022 0 1	0	1
	Why does tstats returns events by sourcetype, but search doesn't? I have been using tstats to get event counts by day per sourcetype, but when I search for events in some of the ident... by jeremyhagand61 Communicator in Splunk Search 04-27-2022 0 3	0	3