Splunk Search

Community Activity

	compare data that not include in lookup file Dear All, Need your helpI have case to compare transaction data with lookup file, for example i have lookup file acc... by rahmatn Path Finder in Splunk Search 02-10-2022 0 4	0	4
	Is it possible if a non matching domain is emailing us, it should display in a dashboard? Hi I am trying to explore more ways to check if business email compromise is being happening in our organization, jus... by tonyxavierj Engager in Splunk Search 02-10-2022 0 10	0	10
	Compare two events with multiple key value pairs I have two events that are semi-colon separated key value pairs. I have applied the extract command to parse the even... by rizwan0683 Path Finder in Splunk Search 02-10-2022 0 9	0	9
	How to hide the table rows base on the string match Hi ,I need a help in solving one of the issue, I have a table which is Shown below,I just want to hide the rows with ... by vinod743374 Communicator in Splunk Search 02-10-2022 0 1	0	1
	How to eliminate duplicate rows before transaction command? How to eliminate duplicate rows before transaction command. Because of which I am getting wrong calculation.eg scenar... by priya1926 Path Finder in Splunk Search 02-10-2022 0 15	0	15
	How to search Indexes with count = 0 Dear Team, I just want to use the simple search below to see which indexes are having zero count that day/week/whiche... by jto13 Explorer in Splunk Search 02-10-2022 0 1	0	1
	How to get count for different values in a field when dealing with datamodels? I have a Data Model called Web_Events with a root object called Access. There is a field in Access called 'status_cat... by samakshkhatri Engager in Splunk Search 02-09-2022 0 2	0	2
	Joining Tables Hello, I need your help please, I have two tables resulting from two searches and I need to join these two tables to ... by crmarley20 Explorer in Splunk Search 02-09-2022 0 3	0	3
	How to extract the following fields? 2022-02-03 12:07:12 [machine-run-00000-hit-000000-step-00000] [[Card Onboarding] CCC Capture - Logging Framework] [Ca... by sphiwee Contributor in Splunk Search 02-09-2022 0 3	0	3
	How to check migration is successful? There are 2000 dashboards in Splunk. Out of which, some are used and some are not. How to check that? How to migrate ... by frenz4vrarun New Member in Splunk Search 02-09-2022 0 1	0	1
	How to check Splunk metrics in prometheus I'm deployed a Splunk in VM. How to get the instance application Splunk metrics in Prometheus. by MdSahirKhan Observer in Splunk Search 02-09-2022 0 0	0	0
	How to extract field from one event and search field one by one in other event This event is printed eveytime UserPin AreaCode AreaNum Sector Short Sem are unique for each userid and come only ins... by cwer New Member in Splunk Search 02-09-2022 0 3	0	3
	Why doesn't event one field value not match with lookup file field value? We have event having field "ip_client" and have lookup file i.e(F5_IPS_Exclusion.csv) having field "F5_Exclusion_IP" ... by Abhineet Loves-to-Learn Everything in Splunk Search 02-09-2022 0 5	0	5
	Why is data extraction showing different time formats? In the query _time is already formatted. But when i try to export the data in csv its showing different formats. Qu... by priya1926 Path Finder in Splunk Search 02-09-2022 0 1	0	1
	Grouping event by correlation id with the closest time Hi All,We have a number of micro services with correlation id flowing across the request and responses. What i'm tryi... by lucavi New Member in Splunk Search 02-09-2022 0 1	0	1
	How to change SPL comparison dates in dashboard with a CASE clause dynamically? Hello, I'm new to Splunk and I was searching and trying many solutions before asking here, but I'm really stuck. I ha... by gazuluagac Engager in Splunk Search 02-09-2022 0 1	0	1
	How to match the search string presence in lookuptable and show the presence as yes or not in result table Hi Guys,I have a string say example : abcthis string I want to lookup and match the presence in a lookup table \| loo... by akshayinnamuri Loves-to-Learn Lots in Splunk Search 02-09-2022 0 4	0	4
	Why am I not receiving results for different time ranges in a subsearch and main search? Hello! I'm struggling with the time ranges within my query. I have two indexes (anonymized) index=documentation co... by chrkohm Path Finder in Splunk Search 02-09-2022 0 4	0	4
	How to calculate days for past and future days? Hello, I want to calculate the days in difference like below like future days should be in positive and past days sho... by DataOrg Builder in Splunk Search 02-09-2022 0 1	0	1
	Why is this query malformed after adding in a simple division statement? Good afternoon Guru's, I just was put into a position to teach myself how to splunk. I don't have experience with thi... by michaelhaedt Explorer in Splunk Search 02-09-2022 0 3	0	3
	How could I map one existing field with another csv file by using automatic lookups? Hi, all!I have one existing field which is CHECKPOINT_ID from my table 1 and another csv file which contains an inter... by Jennifer Path Finder in Splunk Search 02-09-2022 0 2	0	2
	Why am I not able to tag single events when they don't have a small enough field to use for the tags? The original problem I am trying to fix is that I am not able to tag single events since they dont have a small enoug... by npavlidis Engager in Splunk Search 02-09-2022 0 0	0	0
	How to delete the repeated rows and only keep the values that have a reason? Hello, Please I need your help, I have a dedup with a conditional. It happens that I have this table where when the ... by crmarley20 Explorer in Splunk Search 02-09-2022 0 5	0	5
	How to calculate percentage during runtime? This is give me data in integers, I want calculate percentages. How can we do it? \| savedsearch cbp_inc_base \| eval _... by neethan Path Finder in Splunk Search 02-08-2022 0 6	0	6
	How to exclude duplicates when using outputlookup ? Hello All, I have a lookup that is a saved as a schedule report that runs once a week. This schedule report will get... by MeMilo09 Path Finder in Splunk Search 02-08-2022 0 4	0	4