Splunk Search

Discussions

Thread Info

How to setup DOD CAC Login for Splunk Web

I have been asked to ensure that the DOD CAC can be used to log into the Splunk Search Heads. Does anyone know how to...

by Contributor in

Events from windows and linux without domain name

Hello, I would like change bare host name to host name with a domain name. According to all articles I have change...

by Engager in

Combining 3 data sources with rolling ID

Hi, various tables from a database are read by Splunk. I need to combine fields from all 3 datasources. The ID-fiel...

by Explorer in

Warn and Error messages below search bar

While most Warn and Errors show up on the Job dropdown (1) some are also displayed in an area right below the search ...

by Explorer in

Top 10 of a top 10

Hello there, I want to make a top 10 of applications based on top 10 of categories. Here is an example: Categor...

by Explorer in

timechart command with subsearch yields no results after update to 8.2.4

Hi all, I have been using a subsearch in a timechart command to dynamically select the correct span. The query looks ...

by New Member in

Splunk Query

If i have n numbers of router in my index and i want to know the current status of router if its connected or failed...

by New Member in

How to find who deleted the file from a folder?

Hello,Can someone please help me with a query to find who deleted the files of users (user=x, y, z) from a folder. in...

by Path Finder in

How to add field from different event for data model purpose

Is there a way to add a field to an event from a different event assuming they have a common key using a simple searc...

by New Member in

SSO login banner when using a CAC

I've been able to configure SSO for CAC via Apache proxy and everything works fine. I'm trying to figure out how to d...

by Explorer in

Can search time limit be applied by index?

Can a search time limit be applied differently by index rather than by role? Currently, we have a search roll limi...

by Path Finder in

Need to modify the search by eliminating append commands.is it possible?

index IN (A,B) sourcetype IN (A,B) earliest=-12h latest=@m| transaction UUID keepevicted=true| eval ReportKey="Today"...

by Path Finder in

lookup CSV file and then search server disk performance

Hi All, I have done a index search for disk data and then lookup to the CSV to check as per the Application which s...

by Loves-to-Learn Lots in

fields are not extracted properly

recently we onboarded these logs but most of the fields are not extracted though these values are mentioned with =. I...

by Engager in

manipulating different table rows

Hi, I want to create the following excel table using splunk. The first 3 columns are based on the output of a quer...

by Engager in

Exclude empty fields from search

Dear Splunk Community, I'm trying to extract a list of changed fields, but they should only be listed if they have ...

by Explorer in

seperate fields of events by pipes

Hi I have events like this: 1900/10/26| 1900/10/25|333|CHECKOUT |U |2222|00...

by Motivator in

Usecase of integrating Splunk with ETL

Hi what is the usecase of integrating Splunk with ETL tools? Send splunk data to ETL? Send ETL data to splunk? ...

by Motivator in

How to get count of repeated, unique and total values by group?

Hi I am working on query to retrieve count of repeated, unique and total visits by user through different channels....

by Engager in

Using results of join in eval if

Hello, i have a question regarding the usage of the results of a join within an eval if. I have a couple of respon...

by Path Finder in

Search with _time

Hello, I am monitoring a csv file using universal forwarder and the first column in the csv file is Last_Updated_Da...

by Contributor in

csvfile search in values

Hi, I have csv file containing emailID and domain and I would like to search the email exchanges between these two...

by Explorer in

Looking for regex help in parsing data from curl output

I'm using curl in Spluk to download some data from an API and to build a lookup of the downloaded data. The data come...

by SplunkTrust in

Blacklist line not blacklisting events

Hi Everyone. I'm expanding my blacklist and i'm having issues with a seemingly simple blacklist line. Here is my c...

by Loves-to-Learn Everything in

Removing field from _raw field generated by collect for summary index

I am using a scheduled report to save data to a summary index with the following query: index=_internal | stats cou...

by Path Finder in

Get Updates on the Splunk Community!

Splunk Search

Discussions

How to setup DOD CAC Login for Splunk Web

Events from windows and linux without domain name

Combining 3 data sources with rolling ID

Warn and Error messages below search bar

Top 10 of a top 10

timechart command with subsearch yields no results after update to 8.2.4

Splunk Query

How to find who deleted the file from a folder?

How to add field from different event for data model purpose

SSO login banner when using a CAC

Can search time limit be applied by index?

Need to modify the search by eliminating append commands.is it possible?

lookup CSV file and then search server disk performance

fields are not extracted properly

manipulating different table rows

Exclude empty fields from search

seperate fields of events by pipes

Usecase of integrating Splunk with ETL

How to get count of repeated, unique and total values by group?

Using results of join in eval if

Search with _time

csvfile search in values

Looking for regex help in parsing data from curl output

Blacklist line not blacklisting events

Removing field from _raw field generated by collect for summary index

Earn a $35 Gift Card for Answering our Splunk Admins & App Developer Survey

Continuing Innovation & New Integrations Unlock Full Stack Observability For Your ...

Monitoring Amazon Elastic Kubernetes Service (EKS)

Using splunk-sdk in user-defined functions in Spar...

Verification of SAML assertion using IDP's cert fa...

ジョブを消しても復活する現象について

splunk threat intelligence taxii data

Splunk DB connect add-on InfluxDB 2.6