Splunk Search

Community Activity

How to search with times from another search? Hi. I've got a search looking for times and dates with "index=main host=web1 "/blarg=foo"\| table _time" how can I use... by nkuriger New Member in Splunk Search 02-10-2022 0 1	0	1
Transaction where one field changes over time? I have data as follows: time=1 msgid=1 event=new_msg time=2 msgid=1 delivery=1 event=start_delivery time=3 delivery=1... by mpdude Explorer in Splunk Search 02-10-2022 0 3	0	3
Splunk Add-on for Microsoft Windows - Remote Active Directory domain Hi. So I'm reading about this Add-on and the instructions seem to be pretty straightforward about getting the Add-on ... by BrendanCO Path Finder in Splunk Search 02-10-2022 0 4	0	4
No search results from Windows Servers (DC and EXCH)- what to do next? I recently inherited a newly configured Splunk Enterprise 8 environment after the former admin left. I have a basic u... by MBIT2022 Explorer in Splunk Search 02-10-2022 0 22	0	22
How to extract a field from two slightly different formatted events? Hi all, I'm trying to do a field extraction of database name (let's call the field "DBname") from logs that come in 2... by stefi_bozova Engager in Splunk Search 02-10-2022 1 3	1	3
How to extract a field value using Regex with Field Extractor Hi I am trying to use Regex with the Field Extractor to extract the value of a particular field in a given piece of t... by ezmo1982 Path Finder in Splunk Search 02-10-2022 0 4	0	4
Get Pattern or punct at search time for one specific field Does Splunk have any spl command like punct? The default punct field will get patterns on the _raw field. Is there an... by AnilPujar Path Finder in Splunk Search 02-10-2022 0 1	0	1
How to check for search string/data present in csv lookuptable and result present or not I am looking for something like this as belowI have a seach string = rubiand want to check this string presence in a ... by akshayinnamuri Loves-to-Learn Lots in Splunk Search 02-10-2022 0 1	0	1
compare data that not include in lookup file Dear All, Need your helpI have case to compare transaction data with lookup file, for example i have lookup file acc... by rahmatn Path Finder in Splunk Search 02-10-2022 0 4	0	4
Is it possible if a non matching domain is emailing us, it should display in a dashboard? Hi I am trying to explore more ways to check if business email compromise is being happening in our organization, jus... by tonyxavierj Engager in Splunk Search 02-10-2022 0 10	0	10
Compare two events with multiple key value pairs I have two events that are semi-colon separated key value pairs. I have applied the extract command to parse the even... by rizwan0683 Path Finder in Splunk Search 02-10-2022 0 9	0	9
How to hide the table rows base on the string match Hi ,I need a help in solving one of the issue, I have a table which is Shown below,I just want to hide the rows with ... by vinod743374 Communicator in Splunk Search 02-10-2022 0 1	0	1
How to eliminate duplicate rows before transaction command? How to eliminate duplicate rows before transaction command. Because of which I am getting wrong calculation.eg scenar... by priya1926 Path Finder in Splunk Search 02-10-2022 0 15	0	15
How to search Indexes with count = 0 Dear Team, I just want to use the simple search below to see which indexes are having zero count that day/week/whiche... by jto13 Explorer in Splunk Search 02-10-2022 0 1	0	1
How to get count for different values in a field when dealing with datamodels? I have a Data Model called Web_Events with a root object called Access. There is a field in Access called 'status_cat... by samakshkhatri Engager in Splunk Search 02-09-2022 0 2	0	2
Joining Tables Hello, I need your help please, I have two tables resulting from two searches and I need to join these two tables to ... by crmarley20 Explorer in Splunk Search 02-09-2022 0 3	0	3
How to extract the following fields? 2022-02-03 12:07:12 [machine-run-00000-hit-000000-step-00000] [[Card Onboarding] CCC Capture - Logging Framework] [Ca... by sphiwee Contributor in Splunk Search 02-09-2022 0 3	0	3
How to check migration is successful? There are 2000 dashboards in Splunk. Out of which, some are used and some are not. How to check that? How to migrate ... by frenz4vrarun New Member in Splunk Search 02-09-2022 0 1	0	1
How to check Splunk metrics in prometheus I'm deployed a Splunk in VM. How to get the instance application Splunk metrics in Prometheus. by MdSahirKhan Observer in Splunk Search 02-09-2022 0 0	0	0
How to extract field from one event and search field one by one in other event This event is printed eveytime UserPin AreaCode AreaNum Sector Short Sem are unique for each userid and come only ins... by cwer New Member in Splunk Search 02-09-2022 0 3	0	3
Why doesn't event one field value not match with lookup file field value? We have event having field "ip_client" and have lookup file i.e(F5_IPS_Exclusion.csv) having field "F5_Exclusion_IP" ... by Abhineet Loves-to-Learn Everything in Splunk Search 02-09-2022 0 5	0	5
Why is data extraction showing different time formats? In the query _time is already formatted. But when i try to export the data in csv its showing different formats. Qu... by priya1926 Path Finder in Splunk Search 02-09-2022 0 1	0	1
Grouping event by correlation id with the closest time Hi All,We have a number of micro services with correlation id flowing across the request and responses. What i'm tryi... by lucavi New Member in Splunk Search 02-09-2022 0 1	0	1
How to change SPL comparison dates in dashboard with a CASE clause dynamically? Hello, I'm new to Splunk and I was searching and trying many solutions before asking here, but I'm really stuck. I ha... by gazuluagac Engager in Splunk Search 02-09-2022 0 1	0	1
How to match the search string presence in lookuptable and show the presence as yes or not in result table Hi Guys,I have a string say example : abcthis string I want to lookup and match the presence in a lookup table \| loo... by akshayinnamuri Loves-to-Learn Lots in Splunk Search 02-09-2022 0 4	0	4