Splunk Search

Community Activity

	Calculate time difference between two events Hi All, I am using the below search to calculate time difference between two events ie., 6006 and 60056006 is event s... by priya1926 Path Finder in Splunk Search 12-16-2021 0 2	0	2
	How to display the latest event as a result? Search query :1 index="main" earliest=06/01/2019:00:00:00 latest=now \| stats first(status) by src destination port ... by kartm2020 Communicator in Splunk Search 12-16-2021 0 21	0	21
	How to get the forwarder IP address reproting to splunk Hello, Can i please know how to get the all forwarders IP addresses that a reporting to splunk without use of intern... by kteng2024 Path Finder in Splunk Search 12-16-2021 0 7	0	7
	How to project alphanumeric values on y axis in timechart? I have a requirement for having start and stop times with there status be projected over time as a line graph.I have ... by samindam Observer in Splunk Search 12-16-2021 0 1	0	1
	Create a request with 2 reseach Hello,Is it possible to create a request in which we ask to give the top requested URL for each IP. Something like :i... by HouriaHal New Member in Splunk Search 12-16-2021 0 1	0	1
	When comparing to 2 lookup files, is there way to remove records/rows when there's a match? We have 2 inputlookup files, 1 with All-users and another with Disabled-users. Is there a way to remove the records... by marceloalejandr Path Finder in Splunk Search 12-16-2021 0 3	0	3
	rex field extraction need to extract only the number.. ie., 23DiskDrive: \\.\PHYSICALDRIVE23 by priya1926 Path Finder in Splunk Search 12-16-2021 0 2	0	2
	How to search for DR string ../../../../ ?? Hi everyone,I just wanted to do a quick search in URLs requested in Splunk but cannot get the directory traversal str... by ShinR Explorer in Splunk Search 12-16-2021 0 8	0	8
	Help with regex Hello everyone,I need help with regexI have searchindex=*\| regex Commandline="my_regular_expression"How can I add one... by bosseres Contributor in Splunk Search 12-16-2021 0 6	0	6
	Display values of all fields in a row if one field value is greater than 100 Hi All,I am displaying the names based on dates and used where condition to display only values that are greater than... by karthikganduri Engager in Splunk Search 12-16-2021 0 3	0	3
	Splunk cannot read .log file I have health check file with extension .log. When I uploaded it to Splunk, it came out like this.The real file is li... by Azwaliyana Path Finder in Splunk Search 12-16-2021 0 1	0	1
	Center _time on a column chart Hello,I would like to center the dates of my timechart (column) : I'm using the timechart command in order to get ... by incognito Explorer in Splunk Search 12-16-2021 0 1	0	1
	Help explain Log4Shell baseline query Hello all. I was reading over the article at https://www.splunk.com/en_us/blog/security/log4shell-detecting-log4j-vul... by wlcv Observer in Splunk Search 12-15-2021 0 0	0	0
	A question about using the "collect" command. index="my_index"\|eval check=if(html_code==200,"error","OK")\|stats count values(clientip) as src_ip by ip , check\|tabl... by noott211 Path Finder in Splunk Search 12-15-2021 0 3	0	3
	Unable to hide y-axis in outlier graph (Splunk_ML_Toolkit.OutliersViz) I'm try to disable the y-axis using similar option in line chart graph but using outlier graph it cant not hide the y... by amiruliman145 New Member in Splunk Search 12-15-2021 0 0	0	0
	Merge Splunk dbxquery with search I am trying to merge Splunk search query with a database query result set. Basically I have a Splunk dbxquery 1 which... by kubeshabby New Member in Splunk Search 12-15-2021 0 0	0	0
	want to extract field values from log and perform stats on it. Hi,Below is my Log:"{"log":"{'URI': '/api//*/search?', 'METHOD': 'POST', 'FINISH_TIME': '2021-Dec-15 12:15:04 CST... by nhatode Engager in Splunk Search 12-15-2021 0 2	0	2
	how to change table field value if it's equal to previous record field. I have Splunk table output as below.for every different id 1st occurrence, I want to keep id value here, but for all ... by wangkevin1029 Communicator in Splunk Search 12-15-2021 0 6	0	6
	get bottom 3 duration within each group I have duration for multiple websites.How can I get 3 least duration for each websites. So here is exampleDuration_in... by arusoft Communicator in Splunk Search 12-15-2021 0 14	0	14
	How to add a calculated column to a chart Hello, I have the following query.<base query> \| rex field=msg "HTTP/1.1\\\" (?<http_status>\d{3})" \| where http_sta... by cheecheng Engager in Splunk Search 12-15-2021 0 4	0	4
	Field Extraction with Inconsistence Data Structure Hello,I have some issues with Field Extraction, since there are some inconsistences in the structure of its field val... by SplunkDash Motivator in Splunk Search 12-15-2021 0 14	0	14
	Search process did not exit cleanly, exit_code=255, description="exited with code 255". Please look in search.log Hi,I am getting the following error on my search head whenever i run query in a newly created app.Search results migh... by Ashwini008 Builder in Splunk Search 12-15-2021 0 1	0	1
	Passing values from subsearch to Parent Search I am stuck with a query where I am trying to pass the field value from sub search to parent search:Query: index=f5 s... by ashvinpandey Contributor in Splunk Search 12-15-2021 0 3	0	3
	splunk search query if i have employees list .for each employee there are two status logged in and logged out, i need to find out the eac... by kajalchopade071 Path Finder in Splunk Search 12-15-2021 0 1	0	1
	splunk search query suppose if i have user1,user2,user3 i need to find out last log message of each user h by kajalchopade071 Path Finder in Splunk Search 12-15-2021 0 2	0	2