Splunk Search

Community Activity

	How to create a search to join 2 csv files? Hello, I have 2 CSVs in my splunk: Alert.csv having below columns and data: Alert_Header Alert_type Date JNA/athe... by jinishshah Explorer in Splunk Search 04-13-2022 0 3	0	3
	Heavy Forwarder Search i have a need to search the HWF for the apps that are currently used frequently and also which apps are sending data ... by fmcgheeSplunk Splunk Employee in Splunk Search 04-13-2022 0 1	0	1
	How to extract info from nested data with specific parameter? I need to extract the Activity Score and Application UXI Average but only when the Application Name is a certain na... by paulito Explorer in Splunk Search 04-13-2022 0 2	0	2
	How to add values from different Indexes? Hello, I would like to add values from a search in one index and then to the result of another search from a differ... by diegomedinar New Member in Splunk Search 04-13-2022 0 3	0	3
	PROPS Configuration for text file with header Hello,I have a text source file with header. Some sample events (first line is a header) and props that I wrote given... by SplunkDash Motivator in Splunk Search 04-13-2022 0 11	0	11
	How to proceed to get only the Status column in the request? Hello,I have the request which normally show 4 rows, I need to display only one row with only the Status column. ind... by kwy Loves-to-Learn in Splunk Search 04-13-2022 0 1	0	1
	How to use thousand comma separator for chart command? Hi Everyone, below is my query to use thousand comma separator: \|inputlookup abc.csv \| chart sum(field1) as field1 ... by ND Path Finder in Splunk Search 04-13-2022 0 1	0	1
	How to Extract fields with alphanumeric values? I have to extract the highlighted value as a single field in splunk. Any help. by inkedia Explorer in Splunk Search 04-13-2022 0 4	0	4
	How to Parse Json array with inner condition? I cant seem to find an example parsing a json array with no parent. Meaning, I need to parse: [{"key1":"value2}, {"ke... by ofer_s Loves-to-Learn in Splunk Search 04-13-2022 0 1	0	1
	Are there any public whitelist databases that can be used to filter good network traffic? i want to have an overview of malicious network traffic in my network and i decided to filter out all the "good" traf... by splunkboob Explorer in Splunk Search 04-13-2022 0 1	0	1
	How to a query so that all the values in quotes are replaced by a placeholder? Considering a field like : field=select id from table where id In ["123","12"] limit 1 field=select id from table wh... by yk010123 Path Finder in Splunk Search 04-12-2022 0 2	0	2
	Receiving timestamp parsing error I am trying to set timestamp for the event : ======== Sat Mar 19 16:33:08 2022 -05:00 LENGTH : '228' ACTION :[7] 'CO... by vjsplunk Loves-to-Learn Everything in Splunk Search 04-12-2022 0 5	0	5
	Why splunk Search returning duplicates? As shown below I have only two events present on my indexBut when i execute the below search queryindex = **** \|rex f... by karthi25 Path Finder in Splunk Search 04-12-2022 0 3	0	3
	How can I count values by a subgroup? I have the following data : ServiceMessageService1Hello worldService2Another messageService1Hello worldService1Some ... by yk010123 Path Finder in Splunk Search 04-12-2022 0 2	0	2
	How to compare field with current weeks Monday? These are ticket platform logs with field 'lastupdated' which contains time and date [2022-04-12 12:12:17.160000+00:0... by ojtoids Explorer in Splunk Search 04-12-2022 0 1	0	1
	How to compare two fields from two different source types? Hello everybody, This is actually my first post here so forgive me if I missed up or posted in the wrong section. I'm... by ahmed_aladwani Engager in Splunk Search 04-12-2022 0 1	0	1
	How to write a query for average TPS and average response time in a single table? Hi, I am trying to write a query that would get me the average TPS and average response time for services in the same... by mrigs13 Explorer in Splunk Search 04-12-2022 0 10	0	10
	How to get my splunk to open my last file explorer when I go to export some results? I have a dashboard setup that returns a few searches for my organization. When I click the export button underneath t... by bheptinstall Engager in Splunk Search 04-12-2022 0 2	0	2
	How to Remove Rows With "NULL"? Greetings Splunk Community, I am currently working on a search and I am trying to drop rows that have "NULL" in them.... by jpfrancetic Path Finder in Splunk Search 04-12-2022 0 1	0	1
	How to filter out event in Splunk -IP address search via CIDR Hey Team, I have some 150+ ip addresses in CIDR format (IE 96.24.0.0/16, etc) , i am getting my search result with on... by saurav47 Loves-to-Learn Lots in Splunk Search 04-12-2022 0 1	0	1
	How to combine 2 searches with same value and field name. I have 2 searches and I want to link 2 together in one table.The first search: index=very_big_index caseNumber=123456... by Allene139 Explorer in Splunk Search 04-12-2022 0 4	0	4
	How to search for group user activities based on Login Logout time? GentlemenMy raw events have a field called login_time which has values of format ( 2022-04-11 10:52:08 ) . This is t... by neerajs_81 Builder in Splunk Search 04-12-2022 0 6	0	6
	Splunk API - JSON Expecting value: line 1 column 1 (char 0) Hi Team, when I use curl - I am able to get the output in JSON format. But when I am trying to use requests module, I... by bijodev1 Communicator in Splunk Search 04-12-2022 0 7	0	7
	Compare results from lookup and search - with a twist! Hi all, New to splunk and i have seen that this has been asked many times but most of the results are based on matchi... by greekleo89 Loves-to-Learn Everything in Splunk Search 04-12-2022 0 9	0	9
	Merging data from 2 different sourcetypes Hi All, I have two sourcetypes in the same index, however the fields names are different but the value is same for t... by neerajs_81 Builder in Splunk Search 04-12-2022 0 3	0	3