Splunk Search

Community Activity

Searching a 2nd index with a field extraction using rex I have a index=weblogs where I filter results and then REX extract an IP address to a new field called RemoteIP.I wan... by dhabbal Explorer in Splunk Search 01-08-2022 0 4	0	4
Using "earliest" and other time modifiers in ad hoc queries Is it possible to put time modifiers like "earliest" into a search and essentially disregard the time range drop-down... by mv10 Path Finder in Splunk Search 01-07-2022 0 3	0	3
Using stats command to return 0 value Hi There:I'm trying to return the list of access_users with 0 web hits from the web_hits table. How can i adjust this... by mdeterville Path Finder in Splunk Search 01-07-2022 0 2	0	2
Old data cannot load Splunk can not load old data only load current data. Though it shows event count. Before that I have moved some splun... by Eshmin Observer in Splunk Search 01-07-2022 0 6	0	6
Column Chart - unstack and stack in one chart. Show a column value as tooltip I have two questions.1.Is it possible to Stack and unstack in a single column chart?in the below chart the line on to... by rajg369 Explorer in Splunk Search 01-07-2022 0 6	0	6
How to combine multiple values to single row I want to divide different multi-values based on IP.Current results:IPdateeventrisk1.1.1.12022-01-012022-01-02apache ... by staymini Explorer in Splunk Search 01-07-2022 1 4	1	4
How to display two lines in a linechart based on one value? Dear Splunk Community,Every 5 minutes the following event is generated :2022-01-05 21:20:33 : RunningOR2022-01-05 20:... by Bleepie Communicator in Splunk Search 01-07-2022 0 3	0	3
Unable to extract from the field Hello all, I am trying to extract an field from the below event and using the below add extraction, however this extr... by srinivas_gowda Path Finder in Splunk Search 01-07-2022 0 2	0	2
Splunk regex ignore fields before match I need to extract the contents of the message field into a json log, but the first strings must be ignored until 'std... by leandromatperei Path Finder in Splunk Search 01-07-2022 0 4	0	4
Remove Alike Values in a Field Hello Splunk Answers, How can I remove this duplicate line? See sample below:From: row1 row2 row31.1.1.1 X... by whitefang1726 Path Finder in Splunk Search 01-06-2022 0 6	0	6
How to Search for the Rows If at Least One Row in the Whole source Meets a Criteria I want to search like:index=whatever "term_1" AND (at least one event in the source of the found record contains term... by hpaknia Explorer in Splunk Search 01-06-2022 1 4	1	4
Exclude IP address returned from subsearch in main search Hello,I've got a search query where I'm looking for unexpected ssh connections to my instances, but I've got one serv... by apeadape Explorer in Splunk Search 01-06-2022 0 1	0	1
Break up search over large timeframe into searches of smaller timeframes TLDR: I'm trying to automate the large 25 day search to break up into 25 separate one day searches.I'm updating a loo... by cyberdiver Explorer in Splunk Search 01-06-2022 0 6	0	6
Log4J Search slows down after a few minutes (Large Query) Log4J Query: index=* \| regex _raw="(\$\|%24)(\{\|%7B)([^jJ][jJ])([^nN][nN])([^dD][dD])([^iI][iI])(:\|%3A\|\$\|%24\|}\|%7... by cyberdiver Explorer in Splunk Search 01-06-2022 0 4	0	4
Creating a new field from another field Hi, Wondering if anyone can help. I am trying to create a new field called FS_Owner_Mail using \|eval from both the ma... by emcglade Engager in Splunk Search 01-06-2022 0 4	0	4
Choose one result in Splunk table Query Hello All, 1) I would like to add radio button / any way to select - one of the results of my below REST query search... by PraveenaR Explorer in Splunk Search 01-05-2022 0 1	0	1
Search based on two different dropdowns I have two dropdowns. I only want to run a single dropdown everytime for a search.Closed Dropdown has token value as... by martin61 Engager in Splunk Search 01-05-2022 0 1	0	1
.. .. by amys Engager in Splunk Search 01-05-2022 0 0	0	0
Find Ids of a table not in other search table I have 2 type of search messages -Problem #1Problem #5and other one goes like this -Solved problem_id successful: 1So... by mangaldev Engager in Splunk Search 01-05-2022 0 1	0	1
Daily and weekly discrete count in the same query? I've got some queries I need to do periodically that use the exact same base search, one with teh weekly uniques and ... by dantose Explorer in Splunk Search 01-05-2022 0 3	0	3
java curl splunk search produces error in SearchParser - missing a search command In Java, I am trying to call a curl command that has a Splunk search to get contents of a lookup file.I've used https... by diptij Path Finder in Splunk Search 01-05-2022 0 2	0	2
How: transform csv field value, split, join and create dynamic field value pair I use a lookup to define alert/SLO specifications. I use the lookups as input filters to my alert searches where I ca... by cmckenna Explorer in Splunk Search 01-05-2022 1 5	1	5
extract pattern like splunk pattern Hi, How can I extract pattern of raw data like pattern tab in splunk search? Thanks by indeed_2000 Motivator in Splunk Search 01-05-2022 0 6	0	6
How to write field name in its value Hi,How can I write the name of a field in the value like I have :test_1test_2test_3warnerrorcritical I want :testtest... by mah Builder in Splunk Search 01-05-2022 0 1	0	1
How to reorganize a table Hello,I have a table like that :customerprod_1prod_2prod_3customer_1 green customer_2red orange and I would like to c... by mah Builder in Splunk Search 01-05-2022 0 2	0	2