Splunk Search

Community Activity

If a field contains in an eval statement My data is like this illustration purposes only:LocalIp aip10.10.10.1192.168.1.110.10.10.2172.58.100.4110.10.12.38.8.... by jenkinsta Path Finder in Splunk Search 01-18-2022 0 4	0	4
How to setup DOD CAC Login for Splunk Web I have been asked to ensure that the DOD CAC can be used to log into the Splunk Search Heads. Does anyone know how to... by scc00 Contributor in Splunk Search 01-18-2022 0 5	0	5
Events from windows and linux without domain name Hello, I would like change bare host name to host name with a domain name. According to all articles I have changed t... by Wojt3k Engager in Splunk Search 01-18-2022 0 0	0	0
Combining 3 data sources with rolling ID Hi,various tables from a database are read by Splunk. I need to combine fields from all 3 datasources. The ID-fields ... by ManfredGrill Explorer in Splunk Search 01-18-2022 0 2	0	2
Warn and Error messages below search bar While most Warn and Errors show up on the Job dropdown (1) some are also displayed in an area right below the search ... by nunoaragao Path Finder in Splunk Search 01-18-2022 0 0	0	0
Top 10 of a top 10 Hello there,I want to make a top 10 of applications based on top 10 of categories.Here is an example:CategoryNb of al... by BigShak Explorer in Splunk Search 01-18-2022 0 4	0	4
timechart command with subsearch yields no results after update to 8.2.4 Hi all, I have been using a subsearch in a timechart command to dynamically select the correct span. The query looks ... by just_me New Member in Splunk Search 01-18-2022 0 0	0	0
Splunk Query If i have n numbers of router in my index and i want to know the current status of router if its connected or failed... by i_am_manish New Member in Splunk Search 01-18-2022 0 2	0	2
How to find who deleted the file from a folder? Hello,Can someone please help me with a query to find who deleted the files of users (user=x, y, z) from a folder. in... by innoce Path Finder in Splunk Search 01-18-2022 0 1	0	1
How to add field from different event for data model purpose Is there a way to add a field to an event from a different event assuming they have a common key using a simple searc... by armahalma New Member in Splunk Search 01-17-2022 0 3	0	3
SSO login banner when using a CAC I've been able to configure SSO for CAC via Apache proxy and everything works fine. I'm trying to figure out how to d... by bwgates Explorer in Splunk Search 01-17-2022 0 3	0	3
Can search time limit be applied by index? Can a search time limit be applied differently by index rather than by role? Currently, we have a search roll limit o... by timgren Path Finder in Splunk Search 01-17-2022 0 1	0	1
Need to modify the search by eliminating append commands.is it possible? index IN (A,B) sourcetype IN (A,B) earliest=-12h latest=@m\| transaction UUID keepevicted=true\| eval ReportKey="Today"... by Veeru Path Finder in Splunk Search 01-17-2022 0 6	0	6
lookup CSV file and then search server disk performance Hi All,I have done a index search for disk data and then lookup to the CSV to check as per the Application which serv... by ravinayan_acc Loves-to-Learn Lots in Splunk Search 01-17-2022 0 1	0	1
fields are not extracted properly recently we onboarded these logs but most of the fields are not extracted though these values are mentioned with =. I... by srivenna Engager in Splunk Search 01-17-2022 0 5	0	5
manipulating different table rows Hi, I want to create the following excel table using splunk. The first 3 columns are based on the output of a query, ... by Ctpelster Engager in Splunk Search 01-17-2022 0 2	0	2
Exclude empty fields from search Dear Splunk Community,I'm trying to extract a list of changed fields, but they should only be listed if they have a v... by plcd63 Explorer in Splunk Search 01-17-2022 0 4	0	4
seperate fields of events by pipes HiI have events like this: 1900/10/26\|1900/10/25\|333\|CHECKOUT \|U \|2222\|000\|00 \|14\|111111 \|000000000 \|0000 \| \|12345678... by indeed_2000 Motivator in Splunk Search 01-17-2022 0 3	0	3
Usecase of integrating Splunk with ETL Hi what is the usecase of integrating Splunk with ETL tools? Send splunk data to ETL? Send ETL data to splunk? any id... by indeed_2000 Motivator in Splunk Search 01-17-2022 0 2	0	2
How to get count of repeated, unique and total values by group? HiI am working on query to retrieve count of repeated, unique and total visits by user through different channels. Th... by trinath465 Engager in Splunk Search 01-17-2022 0 2	0	2
Using results of join in eval if Hello, i have a question regarding the usage of the results of a join within an eval if. I have a couple of responses... by blablabla Path Finder in Splunk Search 01-17-2022 0 1	0	1
Search with _time Hello,I am monitoring a csv file using universal forwarder and the first column in the csv file is Last_Updated_Date.... by madhav_dholakia Contributor in Splunk Search 01-17-2022 1 7	1	7
csvfile search in values Hi,I have csv file containing emailID and domain and I would like to search the email exchanges between these two(em... by shrinivaskittur Explorer in Splunk Search 01-17-2022 0 10	0	10
Looking for regex help in parsing data from curl output I'm using curl in Spluk to download some data from an API and to build a lookup of the downloaded data. The data come... by bowesmana SplunkTrust in Splunk Search 01-16-2022 0 7	0	7
Blacklist line not blacklisting events Hi Everyone. I'm expanding my blacklist and i'm having issues with a seemingly simple blacklist line.Here is my curr... by icewolf69 Loves-to-Learn Everything in Splunk Search 01-16-2022 0 1	0	1