Splunk Search

Ask a Question

Discussions

Thread Info

How to get count of repeated, unique and total values by group?

Hi I am working on query to retrieve count of repeated, unique and total visits by user through different channels....

by Engager in

Using results of join in eval if

Hello, i have a question regarding the usage of the results of a join within an eval if. I have a couple of respon...

by Path Finder in

Search with _time

Hello, I am monitoring a csv file using universal forwarder and the first column in the csv file is Last_Updated_Da...

by Contributor in

csvfile search in values

Hi, I have csv file containing emailID and domain and I would like to search the email exchanges between these two...

by Explorer in

Looking for regex help in parsing data from curl output

I'm using curl in Spluk to download some data from an API and to build a lookup of the downloaded data. The data come...

by SplunkTrust in

Blacklist line not blacklisting events

Hi Everyone. I'm expanding my blacklist and i'm having issues with a seemingly simple blacklist line. Here is my c...

by Loves-to-Learn Everything in

Removing field from _raw field generated by collect for summary index

I am using a scheduled report to save data to a summary index with the following query: index=_internal | stats cou...

by Path Finder in

How to develop Regex to find invalid pattern in a skill level expression string.

Hi， Splunkers， I have some skill expression as below: Orange > 5 & apple < 0 & ( Peach = 0 | Tomato >) & (Straw...

by Communicator in

Error of Problem replicating config (bundle) to search peer ' 10.10.x.79:8089 ',

Greetings!! I need help!!! am experiencing an error while am doing search, the error is: Search peer Splkidx0...

by Communicator in

multivalue fields

Hi I'm trying to count the number of times of a specific values "not match" exist in a multi-value field, search for ...

by New Member in

How do I group 2 attributes for line graph Splunk

I'm trying to do a line graph using this command: source="filename.csv" sourcetype="csv" | stats sum(intake), value...

by Engager in

Human or Google web requests

We use Palo Alto, Barracuda, and McAfee WGs. All perform some form of Web Filtering / Blocking, which I'm now being...

by Path Finder in

Look up value from one log line in another log line

I have a log line for when the ip is added to the blacklist and another log line with ips that were removed from the ...

by Explorer in

Excluding internal to addresses from the from field using regex

I am trying to create a dash which uses tokens for different clients capturing any attachments sent externally. ...

by Engager in

Create dashboard for hosts that have no results from a specific sourcetype

Hey guys I'm trying to create a dashboard that shows any host with a group of specified hosts that are not returning ...

by Engager in

Measure time between two log events

Hi, I have an SBC (Session Board Controller) which is doing LDAP search and write the syslog of that. I'm trying to...

by Explorer in

Find Any windows login from a source IP other than the known one

Hi , I have a list of allowed IP addresses and want to use splunk to find any windows login from a source Ip other th...

by Engager in

split string with square brackets into individual fields

Hello, I'm new to Splunk and I'm looking for some advice. My search, e.g. <mysearch> | table attrib...

by Explorer in

How to match on value NOT in lookup table

I have a list of IP addresses in a lookup table that are network scanners. I am trying to build a search that exclu...

by Path Finder in

Getting last of a column value in a table

I have a splunk query that returns results like this. I want to modify the query such that I get the latest row for ...

by Explorer in

props.conf : regex in source stanza

Hi, I am trying to filter out events using props.conf and transforms.conf . I have requirement where there are ...

by Loves-to-Learn Lots in

What's the best way to search for a list of MD5?

Where can I find User Instructions for searching for a block of hashes on a regular basis, and emailing an alert if a...

by Engager in

Chart Visualization Updates

Hi, Could you help me why the values for the Y-Axis is not being set correctly? I specified 6000 with interval of 5...

by Path Finder in

Search a lookup with wildcard in values

Hi,I am stuck implementing below use case , please help me on this :I have a lookup say url_requested.csv. http_ur...

by Path Finder in

Check if csv files have been updated to latest versions

Is there a way of checking if the latest csv updates were successful and if they were the most up to date versions (a...

by Path Finder in

Get Updates on the Splunk Community!

Splunk Search

Discussions

How to get count of repeated, unique and total values by group?

Using results of join in eval if

Search with _time

csvfile search in values

Looking for regex help in parsing data from curl output

Blacklist line not blacklisting events

Removing field from _raw field generated by collect for summary index

How to develop Regex to find invalid pattern in a skill level expression string.

Error of Problem replicating config (bundle) to search peer ' 10.10.x.79:8089 ',

multivalue fields

How do I group 2 attributes for line graph Splunk

Human or Google web requests

Look up value from one log line in another log line

Excluding internal to addresses from the from field using regex

Create dashboard for hosts that have no results from a specific sourcetype

Measure time between two log events

Find Any windows login from a source IP other than the known one

split string with square brackets into individual fields

How to match on value NOT in lookup table

Getting last of a column value in a table

props.conf : regex in source stanza

What's the best way to search for a list of MD5?

Chart Visualization Updates

Search a lookup with wildcard in values

Check if csv files have been updated to latest versions

What's New in Splunk Cloud Platform 9.3.2411?

Buttercup Games: Further Dashboarding Techniques (Part 6)

Technical Workshop Series: Splunk Data Management and SPL2 | Register here!

bandwidth utilization percentage

ES8 + Mission Control Usage rest API

Search for triggered save searches and their actio...

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static