Splunk Search

Community Activity

How to compare search results with lookup? Hello, everyone! During search I got table like this timehostuseractionresult12:24:06host1Alexaction1success12:48:32h... by bosseres Contributor in Splunk Search 04-14-2022 0 5	0	5
How to find the difference between the max value and the min value in the multi-value field combined by transaction? I want to find the difference between the maximum value and the minimum value in the multi-value field that has been ... by Msugiyama Path Finder in Splunk Search 04-14-2022 0 4	0	4
How to extract the whole string based on substring? I have a record that results because it matches a particular sub string. Now, I want to extract the whole string the ... by vastav_n New Member in Splunk Search 04-14-2022 0 4	0	4
How to limit dashboard view based on User's IP address? Hi,I have a dashboard and I need to limit the view of this dashboard to people with certain IP addresses.Is this poss... by POR160893 Builder in Splunk Search 04-13-2022 0 3	0	3
How to fill empty field values to 0 in Splunk ? I have data in below format in Splunk where I extracted this as Brand,Files,Size. Now at some places, where size is... by nilbak1 Communicator in Splunk Search 04-13-2022 1 15	1	15
How to add percentages to all the fields? \| lookup local=true ipasncidr_def CIDR as dest_ip output Organization \| lookup src_eonid_name.csv SRC_EONID OUTPUT "... by inkedia Explorer in Splunk Search 04-13-2022 0 2	0	2
How to create a search to join 2 csv files? Hello, I have 2 CSVs in my splunk: Alert.csv having below columns and data: Alert_Header Alert_type Date JNA/athe... by jinishshah Explorer in Splunk Search 04-13-2022 0 3	0	3
Heavy Forwarder Search i have a need to search the HWF for the apps that are currently used frequently and also which apps are sending data ... by fmcgheeSplunk Splunk Employee in Splunk Search 04-13-2022 0 1	0	1
How to extract info from nested data with specific parameter? I need to extract the Activity Score and Application UXI Average but only when the Application Name is a certain na... by paulito Explorer in Splunk Search 04-13-2022 0 2	0	2
How to add values from different Indexes? Hello, I would like to add values from a search in one index and then to the result of another search from a differ... by diegomedinar New Member in Splunk Search 04-13-2022 0 3	0	3
PROPS Configuration for text file with header Hello,I have a text source file with header. Some sample events (first line is a header) and props that I wrote given... by SplunkDash Motivator in Splunk Search 04-13-2022 0 11	0	11
How to proceed to get only the Status column in the request? Hello,I have the request which normally show 4 rows, I need to display only one row with only the Status column. ind... by kwy Loves-to-Learn in Splunk Search 04-13-2022 0 1	0	1
How to use thousand comma separator for chart command? Hi Everyone, below is my query to use thousand comma separator: \|inputlookup abc.csv \| chart sum(field1) as field1 ... by ND Path Finder in Splunk Search 04-13-2022 0 1	0	1
How to Extract fields with alphanumeric values? I have to extract the highlighted value as a single field in splunk. Any help. by inkedia Explorer in Splunk Search 04-13-2022 0 4	0	4
How to Parse Json array with inner condition? I cant seem to find an example parsing a json array with no parent. Meaning, I need to parse: [{"key1":"value2}, {"ke... by ofer_s Loves-to-Learn in Splunk Search 04-13-2022 0 1	0	1
Are there any public whitelist databases that can be used to filter good network traffic? i want to have an overview of malicious network traffic in my network and i decided to filter out all the "good" traf... by splunkboob Explorer in Splunk Search 04-13-2022 0 1	0	1
How to a query so that all the values in quotes are replaced by a placeholder? Considering a field like : field=select id from table where id In ["123","12"] limit 1 field=select id from table wh... by yk010123 Path Finder in Splunk Search 04-12-2022 0 2	0	2
Receiving timestamp parsing error I am trying to set timestamp for the event : ======== Sat Mar 19 16:33:08 2022 -05:00 LENGTH : '228' ACTION :[7] 'CO... by vjsplunk Loves-to-Learn Everything in Splunk Search 04-12-2022 0 5	0	5
Why splunk Search returning duplicates? As shown below I have only two events present on my indexBut when i execute the below search queryindex = **** \|rex f... by karthi25 Path Finder in Splunk Search 04-12-2022 0 3	0	3
How can I count values by a subgroup? I have the following data : ServiceMessageService1Hello worldService2Another messageService1Hello worldService1Some ... by yk010123 Path Finder in Splunk Search 04-12-2022 0 2	0	2
How to compare field with current weeks Monday? These are ticket platform logs with field 'lastupdated' which contains time and date [2022-04-12 12:12:17.160000+00:0... by ojtoids Explorer in Splunk Search 04-12-2022 0 1	0	1
How to compare two fields from two different source types? Hello everybody, This is actually my first post here so forgive me if I missed up or posted in the wrong section. I'm... by ahmed_aladwani Engager in Splunk Search 04-12-2022 0 1	0	1
How to write a query for average TPS and average response time in a single table? Hi, I am trying to write a query that would get me the average TPS and average response time for services in the same... by mrigs13 Explorer in Splunk Search 04-12-2022 0 10	0	10
How to get my splunk to open my last file explorer when I go to export some results? I have a dashboard setup that returns a few searches for my organization. When I click the export button underneath t... by bheptinstall Engager in Splunk Search 04-12-2022 0 2	0	2
How to Remove Rows With "NULL"? Greetings Splunk Community, I am currently working on a search and I am trying to drop rows that have "NULL" in them.... by jpfrancetic Path Finder in Splunk Search 04-12-2022 0 1	0	1