Splunk Search

Community Activity

user success and failure login by month Hello Team, How to search specific app user successful and failure events by month for Jan to Dec? Base search, ... by navan1 Explorer in Splunk Search 01-07-2025 0 6	0	6
Fundamentals Question: Best practice of command structure I'm currently going over our alerts, cleaning them up and optimizing them. However, I recall there being a "best prac... by antoniolamonica SplunkTrust in Splunk Search 01-07-2025 0 2	0	2
Removing all-null columns from stats table I searched if someone had done this already but haven't found a good solution. So I wrote my own and thought I'd shar... by PickleRick SplunkTrust in Splunk Search 01-07-2025 0 2	0	2
How to get boolean fields from a stats max count (event number) How do I return field values from a specific max(eventnumber)?This was helpful but did not solve my issue Solved: How... by Seawheels51 Path Finder in Splunk Search 01-07-2025 0 5	0	5
tokenize on space and show only 1st part of starting I am getting result like this. query: index="webmethods_prd" host="USPGH-WMA2AISP*" source="/apps/WebMethods/Integ... by avikc100 Path Finder in Splunk Search 01-07-2025 0 3	0	3
How to edit position of column in statistic cable? I am looking to have the middle row of this table be in the left instead. I think something in the query is off and c... by jialiu907 Path Finder in Splunk Search 01-07-2025 0 4	0	4
How to export real event by AANAND Observer in Splunk Search 01-07-2025 0 2	0	2
Splunk to search only latest log file and not any historical data My requirement is simple, I have created a Certificate monitoring script and passing the log file through a splunk da... by shashankk Communicator in Splunk Search 01-06-2025 0 9	0	9
What kind of scenario we use eventstats vs stats? Hi, Could you pls let me know in what scenario would we use eventstats vs stats? by AL3Z Builder in Splunk Search 01-06-2025 0 3	0	3
wildcard matching in lookup input Can i do the wildcard matching in lookup?\|makeresults\|eval ip=192.168.101.10\|lookup ip.csv ip output hostIn my lookup... by RSS_STT Explorer in Splunk Search 01-06-2025 0 7	0	7
Can't Specify Fields Using Non-Standard Characters Back again with another question. I'm still playing with my search and whle this is an issue I've managed to work aro... by dtaylor Path Finder in Splunk Search 01-06-2025 0 5	0	5
Stats tables showing empty cells With the assistance of this forum, I managed to combine the events of two sourcetypes and run stats to correlate the ... by dtaylor Path Finder in Splunk Search 01-05-2025 0 4	0	4
How extract specific value ? Hello, I have big and complete log and want to extract specific value. Small part of log: "state":{<!-- -->"running":{<!-- -->"starte... by Jean-Sébastien Observer in Splunk Search 01-03-2025 0 4	0	4
add info about downstream jenkins jobs to upstream event Hi, I am trying to implement a dashboard in splunk that presents data basing on Jenkins events. I use Splunk App for ... by tommyleejones Observer in Splunk Search 01-03-2025 0 1	0	1
distinct results distinct results in splunk and how to show all data in selected fields vs the 100+ results by jmunsterman Engager in Splunk Search 01-03-2025 0 2	0	2
Joining searches on common columns HI query joining 2 searches on left join.Its matching some rows and not matching some rows although the column where ... by siu Loves-to-Learn Everything in Splunk Search 01-03-2025 0 38	0	38
Session Key Authentication fails sometimes Apologies if this is in the wrong place. Im using the Splunk REST API to connect and run search requests through a Py... by Sravan2 New Member in Splunk Search 01-02-2025 0 1	0	1
What does the error "File has no line endings" for a lookup table means? I'm trying to upload a file to be a new lookup table and I get the following error - What can it be? by ddrillic Ultra Champion in Splunk Search 01-02-2025 0 6	0	6
Replace host IP address with Name Hi Team, Need some help, while running below query I get host IP i.e. 10.65.x.x in Number display visualization but ... by cshewalkar Engager in Splunk Search 01-02-2025 0 4	0	4
Guidance Needed for Integrating Citrix NetScaler with Splunk Enterpris Hi everyone,I’m new to working with Citrix NetScaler and need assistance with integrating it into Splunk Enterprise. ... by Amira Explorer in Splunk Search 01-02-2025 0 1	0	1
Why are the results of set diff and join different? Each of the two lookups has URL information.And I queried it like this: 1) \| set diff [\| inputlookup test.csv] [\| ... by munang Path Finder in Splunk Search 01-01-2025 1 7	1	7
How to use the regex matched variables from the first search into the other search to get all matching results Hi All,I am searching UiPath Orchestrator Logs in Splunk as following: index="<indexname>" source = "user1" OR source... by sarathi125 Explorer in Splunk Search 01-01-2025 0 9	0	9
Is there a way to have a "sliding window" time span in a non real time search? I need to get the amount of users per web product every 5 minutes, grouped by 15 second bins. However, I need those ... by amalober Explorer in Splunk Search 12-31-2024 1 6	1	6
Is it possible to use streamstats over a 3 minute window over a 9 minute search to pick up three consecutive events? Hi I have an ask to create an alert that must trigger if there are more than 50 '404' status codes in a 3 min period.... by becksyboy Contributor in Splunk Search 12-31-2024 0 3	0	3
How to solve indexing issue? Can someone give some steps on this issue Push Unnecessary: manager-apps and master-apps are both populated. There c... by Kberko471 New Member in Splunk Search 12-31-2024 0 2	0	2