Splunk Search

Community Activity

	How to search for DR string ../../../../ ?? Hi everyone,I just wanted to do a quick search in URLs requested in Splunk but cannot get the directory traversal str... by ShinR Explorer in Splunk Search 12-16-2021 0 8	0	8
	Help with regex Hello everyone,I need help with regexI have searchindex=*\| regex Commandline="my_regular_expression"How can I add one... by bosseres Contributor in Splunk Search 12-16-2021 0 6	0	6
	Display values of all fields in a row if one field value is greater than 100 Hi All,I am displaying the names based on dates and used where condition to display only values that are greater than... by karthikganduri Engager in Splunk Search 12-16-2021 0 3	0	3
	Splunk cannot read .log file I have health check file with extension .log. When I uploaded it to Splunk, it came out like this.The real file is li... by Azwaliyana Path Finder in Splunk Search 12-16-2021 0 1	0	1
	Center _time on a column chart Hello,I would like to center the dates of my timechart (column) : I'm using the timechart command in order to get ... by incognito Explorer in Splunk Search 12-16-2021 0 1	0	1
	Help explain Log4Shell baseline query Hello all. I was reading over the article at https://www.splunk.com/en_us/blog/security/log4shell-detecting-log4j-vul... by wlcv Observer in Splunk Search 12-15-2021 0 0	0	0
	A question about using the "collect" command. index="my_index"\|eval check=if(html_code==200,"error","OK")\|stats count values(clientip) as src_ip by ip , check\|tabl... by noott211 Path Finder in Splunk Search 12-15-2021 0 3	0	3
	Unable to hide y-axis in outlier graph (Splunk_ML_Toolkit.OutliersViz) I'm try to disable the y-axis using similar option in line chart graph but using outlier graph it cant not hide the y... by amiruliman145 New Member in Splunk Search 12-15-2021 0 0	0	0
	Merge Splunk dbxquery with search I am trying to merge Splunk search query with a database query result set. Basically I have a Splunk dbxquery 1 which... by kubeshabby New Member in Splunk Search 12-15-2021 0 0	0	0
	want to extract field values from log and perform stats on it. Hi,Below is my Log:"{"log":"{'URI': '/api//*/search?', 'METHOD': 'POST', 'FINISH_TIME': '2021-Dec-15 12:15:04 CST... by nhatode Engager in Splunk Search 12-15-2021 0 2	0	2
	how to change table field value if it's equal to previous record field. I have Splunk table output as below.for every different id 1st occurrence, I want to keep id value here, but for all ... by wangkevin1029 Communicator in Splunk Search 12-15-2021 0 6	0	6
	get bottom 3 duration within each group I have duration for multiple websites.How can I get 3 least duration for each websites. So here is exampleDuration_in... by arusoft Communicator in Splunk Search 12-15-2021 0 14	0	14
	How to add a calculated column to a chart Hello, I have the following query.<base query> \| rex field=msg "HTTP/1.1\\\" (?<http_status>\d{3})" \| where http_sta... by cheecheng Engager in Splunk Search 12-15-2021 0 4	0	4
	Field Extraction with Inconsistence Data Structure Hello,I have some issues with Field Extraction, since there are some inconsistences in the structure of its field val... by SplunkDash Motivator in Splunk Search 12-15-2021 0 14	0	14
	Search process did not exit cleanly, exit_code=255, description="exited with code 255". Please look in search.log Hi,I am getting the following error on my search head whenever i run query in a newly created app.Search results migh... by Ashwini008 Builder in Splunk Search 12-15-2021 0 1	0	1
	Passing values from subsearch to Parent Search I am stuck with a query where I am trying to pass the field value from sub search to parent search:Query: index=f5 s... by ashvinpandey Contributor in Splunk Search 12-15-2021 0 3	0	3
	splunk search query if i have employees list .for each employee there are two status logged in and logged out, i need to find out the eac... by kajalchopade071 Path Finder in Splunk Search 12-15-2021 0 1	0	1
	splunk search query suppose if i have user1,user2,user3 i need to find out last log message of each user h by kajalchopade071 Path Finder in Splunk Search 12-15-2021 0 2	0	2
	I want to extract the same result from stats. I want to see the result values of Src_ip and dst_ip are the same and "ok" and the number of these result values. Wha... by noott211 Path Finder in Splunk Search 12-15-2021 0 1	0	1
	Split a MV field into different, multiple fields Hi,I have a very specific problem. I have a field with following values at different timestamps. Example:1,3,2002,3,4... by mato666666 Explorer in Splunk Search 12-15-2021 0 5	0	5
	Using where to compare for one value in a multivalue field Is it valid to use a where clause to compare a string value to a multivalue field in order to know if that value is o... by lmonahan Path Finder in Splunk Search 12-14-2021 0 1	0	1
	parsing a JSON list Hi, I have a field called "catgories" whose value is in the format of a JSON array. The array is a list of one or mor... by rberman Path Finder in Splunk Search 12-14-2021 0 4	0	4
	Best way to find destination IPs that become source IPs? Hi, I'm attempting to build a query to find destination IP addresses that became source IPs for traffic in a 5min win... by jbreeves New Member in Splunk Search 12-14-2021 0 3	0	3
	Splunk query on lookups Hi Actually i made lookup with the list of ip address in .csv file. I want to write a query if there is traffic from... by umeshcreddy Engager in Splunk Search 12-14-2021 0 1	0	1
	Splunk search to find out CVE-2021-44228(Apache Log4j Remote Code Execution） Hi Team I am trying to find out recent CVE-2021-44228( log4j)I tried " index=aws log4j", nut not sure how to find o... by jaibalaraman Path Finder in Splunk Search 12-14-2021 0 5	0	5