Splunk Search

Community Activity

	How to combine multiple search How do combine the below 2 searches into one? 1. * orderid\|stats count by id returns something like 2022-03-21T00:10... by msg4sunil Path Finder in Splunk Search 03-20-2022 0 4	0	4
	How to combine two searches from same index Hi,From these logs (unique index): 2022-03-16 16:43:43.279 traceId="1234" svc="Service1" url="/customer/{customerGuid... by fredv44 Explorer in Splunk Search 03-20-2022 0 4	0	4
	How do I use appdncols command in order to aggregate in a table the result of different search? hello I use appdncols command in order to aggregate in a table the result of different search I have 2 issues with t... by jip31 Motivator in Splunk Search 03-20-2022 0 11	0	11
	How do I fix this multisearch that is acting unexpectedly The message format we chose uses a field called scope to control the level of aggregation you want (by request_type, ... by dimigs Engager in Splunk Search 03-19-2022 0 6	0	6
	Is it possible to draw firewall connection diagram using Splunk Apps Greetings I am new to Splunk. I need to know if it is possible to draw a diagram using the below search results: Sour... by nnehme New Member in Splunk Search 03-19-2022 0 3	0	3
	How do I delete header with transpose? hello I use a transpose command in order to have _time field displayed in column instead row First question : how to ... by jip31 Motivator in Splunk Search 03-19-2022 0 4	0	4
	How do I filter based on average over time query \| bin _time span=30m \| chart avg(throughput) by _time server Hi, I want only the avg(throughput) by _time serve... by huan_an Explorer in Splunk Search 03-19-2022 0 1	0	1
	How to Merge Rows in Table With Similar Data, While Maintaining Records That Do Not Match Hello, We are currently working with two sets of data that have similar fields. We would like to align matching event... by Razziq Explorer in Splunk Search 03-19-2022 0 3	0	3
	How to find ELAPSED Time entries greater than a particular amount. Hello, I am trying to find the list of elapsed time over a specific time using our os process sourcetype.Looks someth... by umithchada Explorer in Splunk Search 03-18-2022 0 4	0	4
	How do I use mstats and changing aligntime to set up this alert I had a situation where I wanted to know if the mstats p90(cpu) over 5 minutes of a host was above a certain value; b... by JustinSC Explorer in Splunk Search 03-18-2022 0 0	0	0
	How to include results where count is 0 in a an existing search using a csv file? Currently I have a search query that will show when an event happens with the device_id, count, and the device name. ... by Rapidz Explorer in Splunk Search 03-18-2022 0 1	0	1
	How to search number of active VPN users over time Hi all, I've been working on getting the number of active VPN users from our ASA logs by a simple query to get the la... by trajedy New Member in Splunk Search 03-18-2022 0 2	0	2
	How to track Windows Login failure from expired or disabled account Hi Splunkers,I'm performing some searches to monitor Windows user failure attempts. The failure itself is not a probl... by SIEMStudent Path Finder in Splunk Search 03-18-2022 0 3	0	3
	How do I get unique within each group? Team, Can you please help me with the splunk query for the below? Thank you Splunk query returns the below 1 1 1 2 2... by msg4sunil Path Finder in Splunk Search 03-18-2022 0 8	0	8
	How to display charts based on condition by some field Hi , I want to display two charts , one column and line chart in single panel based on condition. For example, if re... by avni26 Explorer in Splunk Search 03-18-2022 0 5	0	5
	How to add average column to timewrap table for multiple fields? Hi there! I want to add columns to this table that I copied from the docs about timewrap. I want to add columns that ... by michaelsplunk1 Path Finder in Splunk Search 03-18-2022 0 1	0	1
	How to include several unique IP address in the search command with src=or can I use src IN(ip,ip,ip)? How can I include several unique IP address in the search command with src= or can I use src IN(ip,ip,ip) by lakaras1s New Member in Splunk Search 03-18-2022 0 1	0	1
	How to change stats on optional field? Hello Folks, I have the below query on one of my dashboard panel. Here I pass the IN_BUSINESSDATE field value from da... by rangarbus Path Finder in Splunk Search 03-18-2022 0 1	0	1
	How to check if multiple conditions are true? I am looking for a way to check for multiple conditions to match, and if they are met, output a specific word... such... by iomega311 Explorer in Splunk Search 03-18-2022 0 2	0	2
	How to create a lookup subsearch with NOT IN I am facing following challenge. I have a lookup table myids.csv with ID's in it: ID123 I have and index also with ID... by ub_ik Explorer in Splunk Search 03-17-2022 0 2	0	2
	How to create a search for when User visits url, do a transaction, and get the data based on time? Hi Everyone, I am trying to pull a result per customer, where he/she has visited url based on time_order I did someth... by bijodev1 Communicator in Splunk Search 03-17-2022 0 15	0	15
	How to find the number of days between two dates? Hi All, I have logs as below to check certificate validity:Valid from: Tue Jul 13 02:51:21 EDT 2021 until: Thu Jul 13... by Mrig342 Contributor in Splunk Search 03-17-2022 0 6	0	6
	Why is Cluster Count not working? Hi Everyone, I have created the below query in Splunk to fetch the Error messages index=abc ns=blazegateway-c2 CASE(E... by aditsss Motivator in Splunk Search 03-17-2022 0 5	0	5
	Why is there Circular dependency Issue in Data Model? Error: Error in 'SearchProcessor': Found circular dependency when expanding from.Network_Traffic.All_Traffic Backgrou... by kashz Explorer in Splunk Search 03-17-2022 0 1	0	1
	How to use Splunk AND command to find field 3? ++EXT-ID[05] FLD[Wallet Provider Device..] FRMT[TLV] LL[1] LEN[32] DATA[4AD74D9421FE60B5688EF727F1BC7488] ++EXT-ID[... by jayeshrajvir Explorer in Splunk Search 03-17-2022 0 17	0	17