Splunk Search

Community Activity

	[Version 8.2.4] No longer able to use timestamps from return command in subsearch Hi,In the past (Splunk Enterprise v 7.x.x) I used the below search to run a report every few min. There were so many ... by steen Explorer in Splunk Search 01-21-2022 0 5	0	5
	case match command I am trying to use the case match command with more than one option. I keep getting an error message regarding the pa... by parkertctr Path Finder in Splunk Search 01-21-2022 0 2	0	2
	Create a table with different fields depending if their values match a condition I have a raw where each event looks like this (simplified for this exampel):{"time": "2022-01-20 16:40:02.325216", "n... by andres Loves-to-Learn Lots in Splunk Search 01-21-2022 0 2	0	2
	Hi Experts, I would like to count the multifield in the table where it has similar values I would like to count the multifield in the table where it has similar values. For Ex: I need output like below for ... by Ashwini_5 Explorer in Splunk Search 01-21-2022 0 2	0	2
	Date and time conversion Hi, in my index I have a couple time fields that are returned via a simple search_time = 1/20/2022 1:38:55.000 PM (th... by nate_washburn Engager in Splunk Search 01-21-2022 0 2	0	2
	How should we handle DB audit trails? We would like to ingest the Oracle's UNIFIED_AUDIT_TRAIL table and the SQL server's MSSQL\SQLAudit\*.sqlaudit files.H... by danielbb Motivator in Splunk Search 01-21-2022 0 2	0	2
	Extract and cleanse data into field for table Hi,In the following log entries, I wanted to extract uri in a specific format:log: a_level="INFO", a_time="null", a_t... by nbhat Explorer in Splunk Search 01-21-2022 0 1	0	1
	Date field comparison I need help regarding comparise a ISO 8601 date field with a specific date.Below is a simple example:index=devices \| ... by alexandrebas Explorer in Splunk Search 01-21-2022 0 1	0	1
	How to show data from TWO different sourcetypes ? I have,sourcetype_A (fields : ID, age, city, state)sourcetype_B (fields : ID, job, salary, gender)The fields "ID" i... by zacksoft_wf Contributor in Splunk Search 01-21-2022 0 2	0	2
	Extract raw data for URL into field Hi,In the following log, I wanted to extract Url, Method, ResponseTimeMs, StatusCode as a table:log: a_level="INFO", ... by nbhat Explorer in Splunk Search 01-21-2022 0 2	0	2
	Splunk Join is Left the same as outer in Splunk? Is Type=Left the same as type=outer in Splunk? If so why do they list it as three options?https://docs.splunk.com/Doc... by robertlynch2020 Influencer in Splunk Search 01-20-2022 0 2	0	2
	Is it possible to query IIS logs for a monthly web application hit count for multiple web applications on a domain? Hello,I was wondering if it is possible to use Splunk to query IIS logs for a monthly application hit count for multi... by jasonmhamilton New Member in Splunk Search 01-20-2022 0 3	0	3
	Count and chart two different queries Hey all,Newbie here learning Splunk. I'm starting to get into dashboards and want to create either a pie chart or jus... by zebulajams Explorer in Splunk Search 01-20-2022 0 5	0	5
	Did my search work or not? I've been trying to resolve this since October and not getting traction. Turning to the community for help:I have se... by awmorris Path Finder in Splunk Search 01-20-2022 0 0	0	0
	json Field value extraction I would like to get the list of those items in the properties field, like appName, levelId, etc. by EvansB Path Finder in Splunk Search 01-20-2022 0 4	0	4
	action field is not returning any results from all indexes Hello,Looks like the action field is not returning results for almost all of the indexes. This is only impacting one ... by majid87 Engager in Splunk Search 01-20-2022 0 4	0	4
	Searching for 2 different events on the same order number Hello Splunk Community,I'm fairly new to splunk and am using it to search and alert me for testing failures in my man... by Flaxamax Engager in Splunk Search 01-20-2022 0 3	0	3
	Create bar graph with ranges specified in the x axis I have created a bar graph. The following is the query.index= "cx_metrics_analysis" sourcetype="cx_metrics_httpevent"... by anooshac Communicator in Splunk Search 01-20-2022 0 4	0	4
	Convert years month days to Days Hey,Can anyone help me convert Age to Days? Have trouble parsing and calculating. Sample DataAge2 years 3 months 2 da... by figuringthings New Member in Splunk Search 01-19-2022 0 2	0	2
	Search peer and search process errors hello, Our physical servers had to restart and as such the splunk servers dropped. we are now having issues on ou... by willsy Communicator in Splunk Search 01-19-2022 0 2	0	2
	How to pass the search results to an email body by using sendresults I am using "sendresults" command and pass the search results to an email body template; however, the search results d... by lucas4394 Path Finder in Splunk Search 01-19-2022 0 0	0	0
	macro with calculated parameters I am trying to assign a value to a parameter in a macro that is based on a calculation of a value being sent to the m... by eranhauser Path Finder in Splunk Search 01-19-2022 0 3	0	3
	lookup table to search lookup table? I have been trying to figure out why this doesn't work.\|inputlookup ioc_domain.csv \| table query \| search NOT [inputl... by amask38 Engager in Splunk Search 01-19-2022 0 6	0	6
	Using variables with IN and LIKE functions I am using Splunk Enterprise V8.2.3.2. I am trying to alert when a scheduled search becomes disabled. The problem is ... by drezanka Explorer in Splunk Search 01-19-2022 0 4	0	4
	how to have one droplist input used for 2 panels with adding suffix for one panel? Hi,Splunkers,I have a dashboard with 2 Panels， which share one droplist input.droplist has name/values as ALL/*, ... by wangkevin1029 Communicator in Splunk Search 01-19-2022 0 16	0	16