Splunk Search

Community Activity

Want to ignore some fields Hi Team, In below query I don't want to show up the result as "Up" in state_to field, I just want to see data with d... by Ashish0405 Path Finder in Splunk Search 12-17-2024 0 10	0	10
Intermittent log data ingestion with Packetbeat JSON file Hello, I am experiencing intermittent log ingestion issues on some servers and have observed potential queue saturati... by s_s Observer in Splunk Search 12-17-2024 0 1	0	1
How to replace Join to search large data sets I've been working on a search that I finally managed to get working that would look for events generated by a provi... by dtaylor Path Finder in Splunk Search 12-17-2024 0 2	0	2
How to search and monitor Splunk user logins that are using LDAP based authentication? I have been going through several answers about how to get and track user logons and logoffs. Tried many of the searc... by anoopambli Communicator in Splunk Search 12-17-2024 1 12	1	12
data and lookup field problem Hi All i have a csv look up with below data Event_Code AUB01 AUB36 BUA12 i want to match it with a dataset which has ... by secure Path Finder in Splunk Search 12-17-2024 0 2	0	2
Need help in some formatting the result Hi Team,I am Firewall engineer and working on creation of some dashboard.I have created one dashboard whenever our fi... by Ashish0405 Path Finder in Splunk Search 12-16-2024 0 6	0	6
Sum values fields How can I get the total sum of the Duration fields?Regards. by Miguel3393 Path Finder in Splunk Search 12-16-2024 0 8	0	8
Splunk Regex never works when entered second folder HiSo I ran into a very odd and specific issue. I trx to regex-Filter a field, lets call it "parent". The field has th... by Cramery_ New Member in Splunk Search 12-16-2024 0 2	0	2
Alert on table with custom email subject field value I got an alert working "for each result" by using a query that creates the following table:errorType coun... by rmiller3 Engager in Splunk Search 12-16-2024 0 2	0	2
Data Model custom timerange check How to pass earliest and latest values to a data model search? Example if I select a time range picker of last 30 mi... by vn_g Path Finder in Splunk Search 12-16-2024 0 4	0	4
How to detect "now" and turn it into a real date? Dear expertsIn my dashboard I have a time picker providing the token t_time. My searchindex="abc" search_name="def" ... by Ste Path Finder in Splunk Search 12-16-2024 0 6	0	6
how to replace wc-l on a query from splunk I need to replace the command wc-l because I want to saw a dashboard of the total of messages on a source. by chrystianguille New Member in Splunk Search 12-13-2024 0 1	0	1
Identifying compliant logins - including last login time. Working on supplementing a search we are using to implement conditional access policies. The search identifies succes... by DLevine_ Explorer in Splunk Search 12-13-2024 0 5	0	5
RegEx I am trying to regex out eligible with the answer field true, when i do it in the regex builder this works eligible\\... by CPrimoR Observer in Splunk Search 12-13-2024 0 6	0	6
Chart over time by multiple fields Hi there! I want to create a scorecard by Manager and Region counting my Orders over Month. So the chart would look s... by YuliyaVassilyev Explorer in Splunk Search 12-13-2024 0 4	0	4
Proactively stream data to different index after CIM Mapping Hello guys.Hope someone can help us out.I am using the Enterprise and am trying to store the events after CIM mapping... by sshostak New Member in Splunk Search 12-13-2024 0 0	0	0
Can you create/modify a lookup file via REST API? Hi, Is it possible to create/modify a lookup file via Splunk's REST API? I don't see anything that addresses this fun... by a212830 Champion in Splunk Search 12-12-2024 3 40	3	40
TriggerTime eval with SolarWinds Index I am creating a dashboard with Splunk to monitor offline assets in my environment with SolarWinds. I have the add-on ... by daviswk Observer in Splunk Search 12-12-2024 0 3	0	3
Need some help with a JSON array Hi smart folks. I have the output of a REST API call as seen below. I need to split each of the records as delimited ... by ScottW Explorer in Splunk Search 12-12-2024 0 5	0	5
condition drilldown - with link target Hello,I want to make a drilldown with those services : and I have to apply a drilldow for (s3-bucket / vpc / ec2) I'v... by anissabnk Path Finder in Splunk Search 12-12-2024 0 6	0	6
Reverse time info in chart Dear expertsMy searchindex="abc" search_name="xyz" Umgebung="prod" earliest=-7d@d latest=@d zbpIdentifier IN (454-594... by Ste Path Finder in Splunk Search 12-11-2024 0 2	0	2
Custom TA - python script lookup issue Hi Dear Splunkers, I have been working on creating a Custom TA for counting unicode characters for non-eng dataset (l... by inventsekar SplunkTrust in Splunk Search 12-11-2024 0 9	0	9
How to filter comma separate keywords in splunk dashboard using text box? How to filter using text box with multiple keywords using comma separated.How to filter my table data.This is my que... by karthi2809 Builder in Splunk Search 12-11-2024 0 3	0	3
Difference between users Good day,I am trying to get a dashboard up and going to easily find the difference between two users groups. I get my... by JandrevdM Path Finder in Splunk Search 12-11-2024 0 2	0	2
How Can Splunk Help Me Interpret Data Trends Using Zip Codes More Effectively? I’ve been diving deeper into using Splunk for analyzing various types of data, and recently I’ve been exploring how l... by MargusVlastimi New Member in Splunk Search 12-11-2024 0 2	0	2