Splunk Search

Community Activity

Need to modify the search by eliminating append commands.is it possible? index IN (A,B) sourcetype IN (A,B) earliest=-12h latest=@m\| transaction UUID keepevicted=true\| eval ReportKey="Today"... by Veeru Path Finder in Splunk Search 01-17-2022 0 6	0	6
lookup CSV file and then search server disk performance Hi All,I have done a index search for disk data and then lookup to the CSV to check as per the Application which serv... by ravinayan_acc Loves-to-Learn Lots in Splunk Search 01-17-2022 0 1	0	1
fields are not extracted properly recently we onboarded these logs but most of the fields are not extracted though these values are mentioned with =. I... by srivenna Engager in Splunk Search 01-17-2022 0 5	0	5
manipulating different table rows Hi, I want to create the following excel table using splunk. The first 3 columns are based on the output of a query, ... by Ctpelster Engager in Splunk Search 01-17-2022 0 2	0	2
Exclude empty fields from search Dear Splunk Community,I'm trying to extract a list of changed fields, but they should only be listed if they have a v... by plcd63 Explorer in Splunk Search 01-17-2022 0 4	0	4
seperate fields of events by pipes HiI have events like this: 1900/10/26\|1900/10/25\|333\|CHECKOUT \|U \|2222\|000\|00 \|14\|111111 \|000000000 \|0000 \| \|12345678... by indeed_2000 Motivator in Splunk Search 01-17-2022 0 3	0	3
Usecase of integrating Splunk with ETL Hi what is the usecase of integrating Splunk with ETL tools? Send splunk data to ETL? Send ETL data to splunk? any id... by indeed_2000 Motivator in Splunk Search 01-17-2022 0 2	0	2
How to get count of repeated, unique and total values by group? HiI am working on query to retrieve count of repeated, unique and total visits by user through different channels. Th... by trinath465 Engager in Splunk Search 01-17-2022 0 2	0	2
Using results of join in eval if Hello, i have a question regarding the usage of the results of a join within an eval if. I have a couple of responses... by blablabla Path Finder in Splunk Search 01-17-2022 0 1	0	1
Search with _time Hello,I am monitoring a csv file using universal forwarder and the first column in the csv file is Last_Updated_Date.... by madhav_dholakia Contributor in Splunk Search 01-17-2022 1 7	1	7
csvfile search in values Hi,I have csv file containing emailID and domain and I would like to search the email exchanges between these two(em... by shrinivaskittur Explorer in Splunk Search 01-17-2022 0 10	0	10
Looking for regex help in parsing data from curl output I'm using curl in Spluk to download some data from an API and to build a lookup of the downloaded data. The data come... by bowesmana SplunkTrust in Splunk Search 01-16-2022 0 7	0	7
Blacklist line not blacklisting events Hi Everyone. I'm expanding my blacklist and i'm having issues with a seemingly simple blacklist line.Here is my curr... by icewolf69 Loves-to-Learn Everything in Splunk Search 01-16-2022 0 1	0	1
Removing field from _raw field generated by collect for summary index I am using a scheduled report to save data to a summary index with the following query:index=_internal \| stats count ... by klim Path Finder in Splunk Search 01-16-2022 0 1	0	1
How to develop Regex to find invalid pattern in a skill level expression string. Hi， Splunkers，I have some skill expression as below:Orange > 5 & apple < 0 & ( Peach = 0 \| Tomato >) & (Strawberry ... by wangkevin1029 Communicator in Splunk Search 01-16-2022 0 12	0	12
Error of Problem replicating config (bundle) to search peer ' 10.10.x.79:8089 ', Greetings!! I need help!!! am experiencing an error while am doing search, the error is:Search peer Splkidx04 has the... by pacifikn Communicator in Splunk Search 01-16-2022 0 3	0	3
multivalue fields Hi I'm trying to count the number of times of a specific values "not match" exist in a multi-value field, search for ... by poladbank New Member in Splunk Search 01-16-2022 0 2	0	2
How do I group 2 attributes for line graph Splunk I'm trying to do a line graph using this command:source="filename.csv" sourcetype="csv" \| stats sum(intake), values(g... by Rayzer Engager in Splunk Search 01-16-2022 0 3	0	3
Human or Google web requests We use Palo Alto, Barracuda, and McAfee WGs.All perform some form of Web Filtering / Blocking, which I'm now being as... by DaveBunn Path Finder in Splunk Search 01-15-2022 0 0	0	0
Look up value from one log line in another log line I have a log line for when the ip is added to the blacklist and another log line with ips that were removed from the ... by carinahOliveira Explorer in Splunk Search 01-15-2022 0 1	0	1
Excluding internal to addresses from the from field using regex I am trying to create a dash which uses tokens for different clients capturing any attachments sent externally. I h... by emcglade Engager in Splunk Search 01-15-2022 0 1	0	1
Create dashboard for hosts that have no results from a specific sourcetype Hey guys I'm trying to create a dashboard that shows any host with a group of specified hosts that are not returning ... by croseberry Engager in Splunk Search 01-14-2022 0 1	0	1
Measure time between two log events Hi,I have an SBC (Session Board Controller) which is doing LDAP search and write the syslog of that. I'm trying to ge... by Petri-X Explorer in Splunk Search 01-14-2022 0 4	0	4
Find Any windows login from a source IP other than the known one Hi , I have a list of allowed IP addresses and want to use splunk to find any windows login from a source Ip other th... by websplunk01 Engager in Splunk Search 01-14-2022 0 3	0	3
split string with square brackets into individual fields Hello,I'm new to Splunk and I'm looking for some advice.My search, e.g. <mysearch> \| table attributes returns a val... by plcd63 Explorer in Splunk Search 01-14-2022 0 5	0	5