Splunk Search

Community Activity

Use variable as complete search string I am trying to create a dashboard. It has two input text fields.I want to run a search query based on these two input... by ameyad Engager in Splunk Search 11-18-2024 1 1	1	1
show value in statistics where it doesnt exist in the logs hello Splunkersi have a requirement where i need to show values in statistics even if it doesn't exist, for example h... by msalghamdi Path Finder in Splunk Search 11-18-2024 0 3	0	3
Salesforce in SPLUNK I am confused on why I only get _ID's from my Salesforce ingest, for example, I am not getting Username, Profile Name... by linaaabad Observer in Splunk Search 11-18-2024 0 2	0	2
if _raw contains X rex this elseif _raw contains y rex this else rex this like in the subject, i am looking at events with different fields and delimetersi want to say if the event contains t... by darkins Engager in Splunk Search 11-15-2024 0 8	0	8
Unable to use conditions against datamodel Not sure what I am doing wrong. I have a datamodel with a dataset that I can pivot on a field when using the datamod... by smahoney Path Finder in Splunk Search 11-15-2024 0 2	0	2
Event time is not showing correctly on Dashboard table Hello everyone,I'm having an issue that I'm trying to understand and fix. I have a Dashboard table that displays the... by mninansplunk Path Finder in Splunk Search 11-15-2024 0 3	0	3
how to search for user id's and any information that splunk has we have a user ID that we are looking to find out what splunk has collected. what is the serach that i use? by mg99 New Member in Splunk Search 11-15-2024 0 1	0	1
Filter data from json file Team,I am bit new to Splunk, need help to pull ERR message from below sample raw data. {"hosting_environment": "nonp"... by drogo Explorer in Splunk Search 11-14-2024 0 3	0	3
Timechart and Timewrap I am on Splunk 8.2.12.I am trying to get a distinct count of incidents that have happened in each month, year to date... by scottmkirkland Explorer in Splunk Search 11-14-2024 0 3	0	3
Load Balancer My team has created production environment with 6 syslog servers (2 in each of 3 multi site cluster). My question is ... by splunklearner Communicator in Splunk Search 11-14-2024 0 3	0	3
Join two splunk searches in the outer query i am trying to pull the ORDERS which is Not available .I need to match the ORDERS which is Not a... by Athira Loves-to-Learn Everything in Splunk Search 11-14-2024 0 5	0	5
Stats command with latest values listing Hi Team, I have a splunk query that am testing for Service Now data extract. index=snow "INC783" \| search dv_state="I... by jerinvarghese Communicator in Splunk Search 11-14-2024 0 1	0	1
Adding zoom in option to timeline chart Hello All, I'm having a timeline chart, I would like to add zoom in to this chart when we drang and select some lin... by smanojkumar Contributor in Splunk Search 11-14-2024 0 4	0	4
whats wrong with this query?? Hello Everyone,I have below splunk query which will display the output as below (index= index_1 OR index= index_2) (k... by super_edition Path Finder in Splunk Search 11-14-2024 0 11	0	11
I want to create a subsearch that will abbreviate all but the first 30 characters of the result. index=replicate category=* action=* Message=* [search index=replicate \| eval Msg=substr(Message,1,30)] \| stats c... by NanSplk01 Communicator in Splunk Search 11-14-2024 0 2	0	2
Looking to improve a query with a lookup file I have a lookup file that contains a column for hostname, ip address and location. I need a query that will check th... by bond77s Explorer in Splunk Search 11-14-2024 0 3	0	3
Need help with the correct regex Hello, I'm trying to extract fields from an event, but am not up to par on my regex, and I can't seem to get this to ... by mninansplunk Path Finder in Splunk Search 11-13-2024 0 2	0	2
Possible to output a literal string with backslashes from a lookup without escaping? I am attempting to use a lookup to feed some UNC file paths into a dashboard search, but I am getting tripped by all ... by DaClyde Contributor in Splunk Search 11-13-2024 0 3	0	3
How to tie in 2 different event sources to display a field value from one source based on a value from the other source. Hello,Sorry, still trying to get the hang of Search queries. I am tasked with creating a table that displays a serv... by mninansplunk Path Finder in Splunk Search 11-13-2024 0 4	0	4
Dowloading results of table to .csv file Hello Splunkers, I'm getting proper results without any selction in input dropdown, I can able to download the re... by smanojkumar Contributor in Splunk Search 11-13-2024 0 1	0	1
Java Logger and Splunk Class HttpEventCollectorLoggingHandler not working, forwarding to HEC + Splunk I reduced content of my documentation of problem (Code and Trace), due to request from Splunk, I'm trying to log to... by steveIMS Engager in Splunk Search 11-13-2024 0 1	0	1
Join two logs in Splunk hi ,I wanted to search and save result as table from two log statements. one log statement using regex to extract "OR... by Athira Loves-to-Learn Everything in Splunk Search 11-13-2024 0 10	0	10
create alert for specific accound and monitor logs gap I want to monitor AWS logs sources with various account when ever logs stopped coming for particular sourcetype i nee... by Splunk_rocks Path Finder in Splunk Search 11-13-2024 0 1	0	1
how to retrieve the results in splunk from API 2024-11-12 12:12:28.000,REQUEST="{"body":"<n1:Request xmlns:ESILib=\"http:/abcs/v1\" xmlns:xsi=\"http://www.w3.org/20... by splunk6 Path Finder in Splunk Search 11-12-2024 0 11	0	11
Field extraction json format Please help me to get these logs in a way that it provides all the fields please...Nov 9 17:34:28 128.160.82.28 [loca... by splunklearner Communicator in Splunk Search 11-12-2024 0 10	0	10