Splunk Search

Community Activity

Trying to find host that send logs over the last 7 days Hi, i am trying to search for host that are sending logs over the last 7 days. Anything more than 7 days i will like... by johnlzy0408 Loves-to-Learn Everything in Splunk Search 02-03-2022 0 1	0	1
Trying to exclude a specific value from an extracted field Hello all, I am trying to exclude an specific value within a field while retaining others. Can you please let me know... by srinivas_gowda Path Finder in Splunk Search 02-03-2022 0 2	0	2
How to change a specific value of a field in my events to another value in a search? i have these events: status \| host \| comments \| ticket_number ... inprogress ... by fdi01 Motivator in Splunk Search 02-03-2022 2 6	2	6
How to Regex match literal \U in directory path I am trying to match a directory path including the string "\Users" but Splunk is throwing an error: \| rex field=Targ... by frbuser Path Finder in Splunk Search 02-03-2022 0 6	0	6
Chart timing of several events I have an automated script that creates a log file that marks the beginning and end of specific events during a web p... by BradenFTL Explorer in Splunk Search 02-03-2022 0 6	0	6
How can i search 1 host at a time when index hits a number of hosts. I have an index which searches across 10 hosts. I am comparing 2 strings and evaluating the results to see if there i... by HelloItsMe76 Explorer in Splunk Search 02-03-2022 0 4	0	4
query to consider having an event if its available in any specific weekday in the given time range Hello,So the requirement was to find gaps of data unavailability(start time & end time) in the given time range, co... by Dhana Explorer in Splunk Search 02-03-2022 0 0	0	0
Regex to extract string from field when characters 5 and 6 match pattern Hello,I have a field 'narrative' which contains long strings describing what happened to a piece of equipment. Withi... by andyd Engager in Splunk Search 02-03-2022 0 3	0	3
Is there a way to set trigger conditions using SPL I am coming across an interesting problem where notables are being generated for each event in Splunk with unique not... by sm1tty Loves-to-Learn Lots in Splunk Search 02-03-2022 0 0	0	0
subsearch from previous results I need to run three different queries based on the each respective results. for example :1) In the first one query : ... by bijodev1 Communicator in Splunk Search 02-03-2022 0 2	0	2
SOLVED: Alternates of LEFT OUTER JOIN Hello,I have got 2 data sets resides in same index but with different source/host: index="tickets" host="RMM_DATA" i... by madhav_dholakia Contributor in Splunk Search 02-03-2022 0 11	0	11
Splunk index How can i populate data from primary index to summary index using collect command. By using collect command can we po... by kajalchopade071 Path Finder in Splunk Search 02-03-2022 0 2	0	2
Monitor a set of csv files for errors So I have a particular number of important csv files that I need to ensure have no errors - which I can lookup using ... by robnewman666 Path Finder in Splunk Search 02-03-2022 0 4	0	4
Timechart with TIME, IPADDRESS and count Hi All,I have below splunk data:"new request: 127.0.0.1;url=login.jsp"which contains the IPADDRESS (EX:127.0.0.1) and... by yatyat Observer in Splunk Search 02-03-2022 0 3	0	3
unable to list the unmatched values compared with lookup file I am trying to identify the values that are in the logs not matching with content in the lookup file. But i am not ge... by rboya_splunk Loves-to-Learn in Splunk Search 02-03-2022 0 4	0	4
Splunk query Username status User1 loginUser2 loginUser3 login User1 logout User1 loginUser1 logout N... by kajalchopade071 Path Finder in Splunk Search 02-03-2022 0 5	0	5
Error in 'eval' type check failed I have a json data from file generated from the okla speedtest -f json command. I have tried to cast it or eval in di... by jenkinsta Path Finder in Splunk Search 02-02-2022 0 2	0	2
Predict command not working with eval count. I have the following query that I am working to establish a prediction for. I am able to be the volume to predict but... by SMM10 Explorer in Splunk Search 02-02-2022 0 0	0	0
I want to provide read permission only one app not to all apps to a particular role I want to provide read permission for only one app not all apps to a particular role and in my environment under apps... by bapun18 Communicator in Splunk Search 02-02-2022 0 1	0	1
Add a link to another dashboard in the NEW dashboard Studio that has teh same time period of the master dashboard Hello Everyone I hope you are having a great day,This new dashboaard studio feature is GREAT 10/10 but I'm having a l... by andres91302 Communicator in Splunk Search 02-02-2022 0 1	0	1
Choropleth world map on.click drilldown to set token in dashboard studio missing I'm trying to set a new dashboard token on click of a country in a choropleth that would populate with the iso2 value... by mjones414 Contributor in Splunk Search 02-02-2022 0 1	0	1
Sumo Transaction States to Splunk Query Good Day, I am trying to come up with ideas to translate a Sumo Trasactional search with (States) Conditions to a Spl... by parkertctr Path Finder in Splunk Search 02-02-2022 0 0	0	0
Unable to parse macro name from map command I have a lookup table with a field that contains a macro name. the rows returned from the lookup table dictate which... by weidertc Contributor in Splunk Search 02-02-2022 0 3	0	3
Splunk query I have One primary index which contains 30 days logs, but i want from one year for this purpose i created One more sp... by kajalchopade071 Path Finder in Splunk Search 02-02-2022 0 3	0	3
Extract erros from logs Hi,I'm new to Splunk and I would like to get top errors on a table, but the external API returns a stack tracing maki... by haist Explorer in Splunk Search 02-02-2022 0 4	0	4