Splunk Search

Community Activity

How to get all values from a XML field? I have a xml _raw="2022-03-02 21:22:39.417 [MESSAGE] [default-threads - 8] [re_messages] - <?xml version="1.0" encodi... by jenniferhao Explorer in Splunk Search 03-05-2022 0 4	0	4
How to extract seven digit number with no special characters or white space before/after? Hello, I am attempting to extract from a field a seven digit number which can sometimes have a space or special chara... by rhenry Explorer in Splunk Search 03-04-2022 0 9	0	9
How to calculate how many times a letter is present consecutive in a string? Hi Team, I am wondering if there is any command to to calculate how many times a string consecutive present. for eg :... by bijodev1 Communicator in Splunk Search 03-04-2022 0 4	0	4
How to make table row count 100 over? Hello, All In Splunk Enterprise 8.0.1, I searched "index=_internal \| table _raw" and Visualization with Table. I'd... by cucuro11 Explorer in Splunk Search 03-04-2022 0 3	0	3
SPL I want to access the title, owner, etc., of the currently running scheduled alert via SPL syntax. I want to append t... by chiliconbeano Path Finder in Splunk Search 03-04-2022 0 5	0	5
How to combine values into one so that there is 1 exclusion that covers both values? Howdy folks This is my field: ABC_Account_Name I want to exclude these values: mcasgmcasI know I can do it this w... by verifi81 Path Finder in Splunk Search 03-04-2022 0 1	0	1
How to separate Multivalue row into their own multiple rows? I am trying to separate multi value rows into their own rows. I have been trying to separate by adding a comma after ... by jpfrancetic Path Finder in Splunk Search 03-04-2022 0 8	0	8
Unable to open Splunk WEB Hi, I am unable to open Splunk Web after enabling SSL under general settings. Could you please how to proceed. Than... by arpitadu Explorer in Splunk Search 03-04-2022 0 6	0	6
Create query to lookup multiple indexes Hi,Is it possible to make use of multiple indexes in one query. Below is the use case which I am trying to implement.... by Yadukrishnan Explorer in Splunk Search 03-04-2022 0 1	0	1
How to display search results like a heatmap? Hi I use the search below <row> <panel> <table> <search> <query>index=toto sourcetype=t... by jip31 Motivator in Splunk Search 03-04-2022 0 0	0	0
How to edit the time field in the index? I want to create a 30 day index of data that changes it's indexed timestamp as each day passes. Therefore the data wi... by klim Path Finder in Splunk Search 03-03-2022 0 8	0	8
How to get a field extraction of a field extraction within one regex? Hi there, so I have a line of log like this: http://some.url/path/?param=x,y,z So I want to extract a field "extract... by Marco204 Explorer in Splunk Search 03-03-2022 0 2	0	2
How to display a field ending with the same alphabet I have a field(eventCode) which has a code values, and few of them ends with certain alphabets , I want to extract o... by BT Path Finder in Splunk Search 03-03-2022 0 2	0	2
Regular Expression extract beginning and end of string- What am I missing? Hello, I have a situation where I am trying to pull from within a field the nomenclature of ABC-1234-56-7890 but want... by rhenry Explorer in Splunk Search 03-03-2022 0 5	0	5
Why am I receiving this license error? Hi Splunk team, I have a question when I search in Splunk console. I got an issue as below: Error in 'litsearch' com... by zhoayang Engager in Splunk Search 03-03-2022 0 7	0	7
Why converting hex doesn't work for 1 alert? [solved] EDIT: Solved. Used regex to target the printable portion first then converted to ascii For a couple dashboards, I'm u... by dantose Explorer in Splunk Search 03-03-2022 0 4	0	4
How to make presets as default in Splunk Cloud Default Time Picker? In Splunk Cloud, when I go to change the time picker it brings up relative options. It used to bring up presets. Ho... by sbgoldberg13 Explorer in Splunk Search 03-03-2022 0 1	0	1
How to sort this multi-value fields based on the latest timestamp and status? Hi Splunkers, I need help on how to sort this multi-value fields based on the latest timestamp and status. Here's my ... by kelz Explorer in Splunk Search 03-03-2022 0 2	0	2
PROPS Configuration with CSV Header- Requesting feedback and if there is a way to change field name Hello, I have CSV (with epoch time) source files (file with a few sample events given below) with header info. I wrot... by SplunkDash Motivator in Splunk Search 03-03-2022 0 1	0	1
Why is aggregating by custom Salesforce fields not working? I'm not sure if I'm missing something simple or not, but I've got event logs from my Salesforce instance fed in, as w... by arist0telis Explorer in Splunk Search 03-03-2022 0 0	0	0
How to count and compare the max amount of used different devices each day by groups for a week? Hello,I try to count and compare the max amount of used different devices each day by groups for a week with the maxi... by lemontree1 Explorer in Splunk Search 03-03-2022 0 4	0	4
Removing certain results from reports I'm attempting to extract statistics of user logins from a custom log format and create a bar chart. I have users A, ... by Sheela Path Finder in Splunk Search 03-03-2022 2 7	2	7
How to use Subsearch to achieve this ? I have 2 Splunk SPLs=====================index=computer_admin source=admin_priv sourcetype=prive:db account_name=admi... by zacksoft_wf Contributor in Splunk Search 03-03-2022 0 5	0	5
Help with temp tables and variables New to splunk and been struggling manipulating search results into a final result that I am looking for. In powershel... by AK89 Explorer in Splunk Search 03-03-2022 0 3	0	3
SPL: How to calculate the average user events per unique user, per day over a 14 day period (exclude weekends)? All, I need some help on a problem I am trying to solve. Problem: I need to calculate the average user events per uni... by mjuestel2 Path Finder in Splunk Search 03-03-2022 0 3	0	3