Splunk Search

Community Activity

Why am I unable to get Splunk Search query in Ansible Playbook (everything works with curl)? Currently we manually monitor splunk dashboards during our deploys. We would like to automate this. For this, we woul... by kumarvarun1252 New Member in Splunk Search 02-23-2022 0 1	0	1
How to write a search that divides values in two distinct tables? Hello all, I have a scenario where I need to make calculations regarding license consumed, per host. However, since... by nmsaraujo Explorer in Splunk Search 02-23-2022 0 0	0	0
How to search not equal with multivalued? host="SPL-SH-DC" sourcetype="csv" source="****" Severity!="Info"Severity!="low"Plugin_Name!="SSL Certificate with Wro... by Rithekakan Path Finder in Splunk Search 02-23-2022 0 4	0	4
How to lookup in Splunk? Hi Team, i have one abc.csv file with only one colunm as Source_IP where values are in10.10.10.0/24 format . next i ... by SharmaS2 Explorer in Splunk Search 02-23-2022 0 4	0	4
Does sort like "order by" in sql for list of fields? Hi, I'm new to Splunk. The question I want to ask is does sort like "order by" in sql for list of fields, which divid... by Jackiifilwhh Path Finder in Splunk Search 02-23-2022 0 8	0	8
How to extract all fields like DISK? ----------------------- DISK INFORMATION ---------------------------- DISK="/dev/sda" NAME="sda" HCTL="0:0:0:0" TYPE... by ranjithan Path Finder in Splunk Search 02-23-2022 0 4	0	4
How to extract all values? ----------------------- DISK INFORMATION ---------------------------- DISK="/dev/sda" NAME="sda" HCTL="0:0:0:0" TYPE=... by ranjithan Path Finder in Splunk Search 02-23-2022 0 6	0	6
How to build a query by last date Hello All, I need some help please. I would like to query for the last upddate. However, the field belegtyp and ... by Maik11 Observer in Splunk Search 02-23-2022 0 5	0	5
How to get the sum of each columns? Hello everyone, Thanks for reading, my english is not good at all. I have this: ABCDEFG110410012022090001308010040900... by HideOnCode82 Engager in Splunk Search 02-22-2022 0 2	0	2
Why is there a Regex Character Limitation I have a very long regex query (12,000) character long- it consist o different hostname and IP Address combinations. ... by jadengoho Builder in Splunk Search 02-22-2022 0 6	0	6
How to match my list of qualys events against the list of CVEs found in the KEV lookup? Hi, I'm looking to match my list of qualys events against the list of CVEs found in the KEV lookup on cisa.gov. I'm n... by TheBravoSierra Path Finder in Splunk Search 02-22-2022 0 1	0	1
How to table a single event field joined with a multi-event field? Hi. I am having trouble figuring out how to execute this, although it's probably simple: search 1 \| field 1 \| join [ ... by mkulicke Explorer in Splunk Search 02-22-2022 0 6	0	6
How to write rex so command can extract the fields from json data? hello, Please help me with the rex commands for extracting the below fields from the json data. "resourceName" : "abc... by manjunath_n Engager in Splunk Search 02-22-2022 0 1	0	1
Need Help Searching / Visualizing AWS WAF Data Good Afternoon Splunkers,Let me start by saying that I hope this is the right sub-forum for this question. I'm workin... by TheColorBlack Path Finder in Splunk Search 02-22-2022 0 2	0	2
How to detect a successful login after multiple failed logins? Hello, fellow splunkers! What I am trying to do is to detect a successful login after multiple failed attempts. I've ... by janedoe887 Explorer in Splunk Search 02-22-2022 2 18	2	18
How to use chart command to show results for only days with values? So I'm trying to chart blocked traffic(IPs) over 7 days... the purpose to help locate beaconing traffic (this has wor... by mchristian Loves-to-Learn in Splunk Search 02-22-2022 0 11	0	11
How to sort and match column based on last 4 strings based on column1 (ref1)? This is my first post here! _I am new and I am learning Hi Experts, I have data like below coming into a csv file. re... by pemancha Explorer in Splunk Search 02-22-2022 0 3	0	3
403 Forbidden - unable to post questions in Splunk community 403 Forbidden - unable to post questions in Splunk community ..My data is masked , but still why am I not allowed t... by zacksoft_wf Contributor in Splunk Search 02-22-2022 0 1	0	1
How to make tstats prestats=true with values() and sum() functions? I've been using tstats in many queries that I run against accelerated data models, however most of the time I use it ... by piukr Explorer in Splunk Search 02-22-2022 0 1	0	1
How to format distinguishedName to domain I am looking to format ldap extracted distinguishedName to a domain. Example CN=Username,OU=Folder,OU=Folder,DC=domai... by Meloow Engager in Splunk Search 02-22-2022 0 1	0	1
Minimaze and Maximize a Cell or Drilldown and short the Text in Zell Hi everyone,i have in a table the result of a scanning script. Of course, the cells are much too large. Is there a wa... by bnybln030 Engager in Splunk Search 02-22-2022 0 3	0	3
How to compare search results using csv as input containing two columns - and show difference (present and absent) I need to search using the input from csv and compare the results with the same csv containing two columns - and show... by itsppp1234 New Member in Splunk Search 02-22-2022 0 1	0	1
How to use report data in search query Hi everyone,I need help in figuring out a way to use my report (table data) into calculations in my dashboard panel. ... by s_absinthe Explorer in Splunk Search 02-22-2022 0 2	0	2
How to Exclude some events based on a different dataset The problem is a simple one: I have a base search from which I want to exclude a subset based on a criteria determine... by yuanliu SplunkTrust in Splunk Search 02-21-2022 0 3	0	3
How to search by comparing two String attributes that are unequal? Below is the usual Splunk Search line in addressVal is not equal to outAddressVal. I tried below Search but it did no... by akhil11 Loves-to-Learn in Splunk Search 02-21-2022 0 5	0	5