Splunk Search

Community Activity

Failed Login Query Hello,I am trying to write a query that will display failed logins (Account_Name, Host, Count).First Queryindex=winev... by Mmilaham Loves-to-Learn in Splunk Search 12-17-2021 0 3	0	3
Scatter plot with text values and colour I'm trying to plot the following as a scatter chart:The y-axis should be the namespace. Namespace is a small set of s... by alex_collins_in New Member in Splunk Search 12-17-2021 0 1	0	1
Sum column a x times with different columns in a single query e.ghow to get sum of below in single querysum(val_2) by applicationsum(val_2) by val_1Query Result(single query)colum... by rajg369 Explorer in Splunk Search 12-17-2021 0 3	0	3
using 2 stats queries in one result I have tried multiple ways to do this including join, append but in each case all I get is one column result being di... by jdepp Path Finder in Splunk Search 12-17-2021 2 6	2	6
How to calculate time for a given day of week? How to perform calculations on a given day of week? Specifically, I want to compare a given time value, say given_da... by yuanliu SplunkTrust in Splunk Search 12-17-2021 0 5	0	5
Are there inherited properties/restrictions when using collect to copy from one index to another? We were presented with a situation where non-admin users needed access to Splunk license data from the _internal inde... by fatsug Builder in Splunk Search 12-17-2021 0 2	0	2
How to forward data in multisite cluster Hello splunkers,i need to understand the best way to forward my data in multisite indexer cluster for Disaster Recove... by marco1987 Explorer in Splunk Search 12-17-2021 0 2	0	2
DBxquery help HI All,I have a DB querry, need a help in date filter. \| dbxquery connection="ITDW" shortnames=true query="SELECT G... by jerinvarghese Communicator in Splunk Search 12-17-2021 0 0	0	0
how to define a generic sourcetype regex for service status Hi, I have a script which can pull the service status for each of the service,I have defined it to be a common source... by ashraf_sj Explorer in Splunk Search 12-17-2021 0 2	0	2
Regex extract all matched field values per event Hi Splunk Community,I have run into an interesting scenario where I need to write a field extraction that will parse ... by d_T New Member in Splunk Search 12-17-2021 0 1	0	1
Create a search who return status ok, or 200 Hello,I'm working in Splunk enterprise with the search queries.I use a Website monitoring app for my website.I run a ... by Redjon_27 New Member in Splunk Search 12-17-2021 0 1	0	1
search results expiring Hi at all,I noted a strange thing:in a splunk 8.2.2 with ES 6.6.2, the customer scheduled some daily reports with a t... by gcusello SplunkTrust in Splunk Search 12-17-2021 0 0	0	0
Calculate time difference between two events Hi All, I am using the below search to calculate time difference between two events ie., 6006 and 60056006 is event s... by priya1926 Path Finder in Splunk Search 12-16-2021 0 2	0	2
How to display the latest event as a result? Search query :1 index="main" earliest=06/01/2019:00:00:00 latest=now \| stats first(status) by src destination port ... by kartm2020 Communicator in Splunk Search 12-16-2021 0 21	0	21
How to get the forwarder IP address reproting to splunk Hello, Can i please know how to get the all forwarders IP addresses that a reporting to splunk without use of intern... by kteng2024 Path Finder in Splunk Search 12-16-2021 0 7	0	7
How to project alphanumeric values on y axis in timechart? I have a requirement for having start and stop times with there status be projected over time as a line graph.I have ... by samindam Observer in Splunk Search 12-16-2021 0 1	0	1
Create a request with 2 reseach Hello,Is it possible to create a request in which we ask to give the top requested URL for each IP. Something like :i... by HouriaHal New Member in Splunk Search 12-16-2021 0 1	0	1
When comparing to 2 lookup files, is there way to remove records/rows when there's a match? We have 2 inputlookup files, 1 with All-users and another with Disabled-users. Is there a way to remove the records... by marceloalejandr Path Finder in Splunk Search 12-16-2021 0 3	0	3
rex field extraction need to extract only the number.. ie., 23DiskDrive: \\.\PHYSICALDRIVE23 by priya1926 Path Finder in Splunk Search 12-16-2021 0 2	0	2
How to search for DR string ../../../../ ?? Hi everyone,I just wanted to do a quick search in URLs requested in Splunk but cannot get the directory traversal str... by ShinR Explorer in Splunk Search 12-16-2021 0 8	0	8
Help with regex Hello everyone,I need help with regexI have searchindex=*\| regex Commandline="my_regular_expression"How can I add one... by bosseres Contributor in Splunk Search 12-16-2021 0 6	0	6
Display values of all fields in a row if one field value is greater than 100 Hi All,I am displaying the names based on dates and used where condition to display only values that are greater than... by karthikganduri Engager in Splunk Search 12-16-2021 0 3	0	3
Splunk cannot read .log file I have health check file with extension .log. When I uploaded it to Splunk, it came out like this.The real file is li... by Azwaliyana Path Finder in Splunk Search 12-16-2021 0 1	0	1
Center _time on a column chart Hello,I would like to center the dates of my timechart (column) : I'm using the timechart command in order to get ... by incognito Explorer in Splunk Search 12-16-2021 0 1	0	1
Help explain Log4Shell baseline query Hello all. I was reading over the article at https://www.splunk.com/en_us/blog/security/log4shell-detecting-log4j-vul... by wlcv Observer in Splunk Search 12-15-2021 0 0	0	0