Splunk Search

Community Activity

need to update values of a lookup search by count Splunk Queryindex="abc" source=def[\| inputlookup ABC.csv \| table text_strings count \| rename text_strings as search]P... by pkharbanda1021 Engager in Splunk Search 12-07-2021 0 16	0	16
How to add a new column in table results Hi,I am providing sample data below:[2021-12-07 03:50:14,666] {<!-- -->{taskinstance.py:1532}} INFO - Marking task as FAILED.... by kapoorsumit2020 Loves-to-Learn Everything in Splunk Search 12-07-2021 0 2	0	2
Matching field values to text I have a base search:index=oswin EventCode=19 SourceName="Microsoft-Windows-WindowsUpdateClient" earliest=-10d Comput... by dsb6 Loves-to-Learn Lots in Splunk Search 12-07-2021 0 6	0	6
does OCI loggin addon work? Hi everyone, Recently, I have tried to install the OCI addon in a test enviroment but it does not work. According to ... by saraque Observer in Splunk Search 12-07-2021 0 0	0	0
Filtering substring content I have a search which looks at rare events in Windows Event Logs and provides output shown below.source="winevtlog:se... by RedHonda03 Explorer in Splunk Search 12-07-2021 0 1	0	1
how to display stats results by values(field) I am using the following query and trying to display the results using stats but count by field valuessearch query \| ... by pkharbanda1021 Engager in Splunk Search 12-07-2021 0 7	0	7
inner join i have a query likeindex = xyz\| eval assignment= upper(assignment)\| eval SO = upper(SO)\| eval Ser = upper(Ser)\| join ... by lostcauz3 Path Finder in Splunk Search 12-07-2021 0 7	0	7
RFE: Do not strip out formatting when using the Expand your search feature When using the Expand your search feature, the Expanded Search String output is stripped of any custom formatting, pa... by SCMsplConfig Engager in Splunk Search 12-07-2021 1 2	1	2
using regex for field extraction I am trying to extract the action=* from this field, in this event its add. I've trying extracting through how you wo... by dylanhess Engager in Splunk Search 12-07-2021 0 2	0	2
Extract browser type and device from User agent Hi, I've been reading number of posts about how to extract the OS and browser details but I don't think there is a be... by shashank_24 Path Finder in Splunk Search 12-07-2021 0 5	0	5
chart visualization HelloI have a table with user gcid and user score and i want to show it as a bar chart so the Xis will be the gcid nu... by sarit_s Communicator in Splunk Search 12-07-2021 0 2	0	2
Timechart , how to display value of the field using tmechart command , I want to display values of 7 filds.. i don't want to use avg, sum functions.. just i want t... by jshanaiah Explorer in Splunk Search 12-07-2021 0 3	0	3
I am using geostats, I want to show multiple fields in the tooltip. Please help. My current querysource="VLS_OUTSTANDING_GEO.csv" host="dev-bnk-loaniq-" sourcetype="csv" \| geostats latfield=AREA_LAT... by cadrija Path Finder in Splunk Search 12-07-2021 0 0	0	0
Help with Stats / Tstats and exclude devices based on OS version Hello All, We currently use the following search to list all the Windows hosts in our environment. \| tstats dc(hos... by neerajs_81 Builder in Splunk Search 12-07-2021 0 4	0	4
time range in searches Hi,I am using earliest and latest in sub search to get last 24 hrs data and compare it with last 7 days data to know ... by meera New Member in Splunk Search 12-06-2021 0 1	0	1
splunk agent java HiHope you are well,I want to use splunk-agent-java and read description of this pagehttps://github.com/splunk/splunk... by indeed_2000 Motivator in Splunk Search 12-06-2021 0 0	0	0
Convert timestamp in event to specific timezone Hey Splunk Gurus-I'm attempting to calculate the duration between when an event was first identified (which is an ent... by leftrightleft Explorer in Splunk Search 12-06-2021 0 5	0	5
Metricator what is the different between these apps?https://splunkbase.splunk.com/apps/#/search/nmon/product/all1- ITSI module f... by indeed_2000 Motivator in Splunk Search 12-06-2021 0 1	0	1
Issues with Field Extraction from SPLUNK UI- Warning message and Fields are not showing up in search/queries Hello,I am getting following warring message when I was trying to extract fields from SPLUNK UI (web Console). I coul... by SplunkDash Motivator in Splunk Search 12-06-2021 0 0	0	0
How can I group multiple values from repeated fields in the same log? Hi all,I would like to know if there is a way to group multiple values from repeated fields that are coming in the sa... by grevortex Engager in Splunk Search 12-06-2021 0 2	0	2
Failed to get list of scheduled times for saved search I'm trying to backfill my summary index with 2 months worth of data with a report that gives results from the last mi... by MidnightRun Explorer in Splunk Search 12-06-2021 0 3	0	3
Splunk map command with Network Toolkit TA We have a requirement to setup ping and nslookup for hosts in different network zones and index the data into Splunk.... by manojsecsme Explorer in Splunk Search 12-06-2021 0 0	0	0
The options on the dashboard filter dropdown is showing extra options, that are not coming in the actual search query. The query is giving desired result of 3 hostindex=* \| table host \| stats count by hostFirst few seconds it is showing... by cadrija Path Finder in Splunk Search 12-06-2021 0 8	0	8
Is there any way to show the column in different color for bar graph, where count is more than certain level. I need to show a bar graph having error login count from different IPs over time.User wants me to show the columns i... by cadrija Path Finder in Splunk Search 12-06-2021 0 2	0	2
Need help on Rex filter Hi All,Need help in getting the right rex filter for the below _raw data. 2021-12-04T01:29:48.015524+00:00 USHCO-EXXO... by jerinvarghese Communicator in Splunk Search 12-06-2021 0 1	0	1