Splunk Search

Community Activity

	Failed to get list of scheduled times for saved search I'm trying to backfill my summary index with 2 months worth of data with a report that gives results from the last mi... by MidnightRun Explorer in Splunk Search 12-06-2021 0 3	0	3
	Splunk map command with Network Toolkit TA We have a requirement to setup ping and nslookup for hosts in different network zones and index the data into Splunk.... by manojsecsme Explorer in Splunk Search 12-06-2021 0 0	0	0
	The options on the dashboard filter dropdown is showing extra options, that are not coming in the actual search query. The query is giving desired result of 3 hostindex=* \| table host \| stats count by hostFirst few seconds it is showing... by cadrija Path Finder in Splunk Search 12-06-2021 0 8	0	8
	Is there any way to show the column in different color for bar graph, where count is more than certain level. I need to show a bar graph having error login count from different IPs over time.User wants me to show the columns i... by cadrija Path Finder in Splunk Search 12-06-2021 0 2	0	2
	Need help on Rex filter Hi All,Need help in getting the right rex filter for the below _raw data. 2021-12-04T01:29:48.015524+00:00 USHCO-EXXO... by jerinvarghese Communicator in Splunk Search 12-06-2021 0 1	0	1
	find 5 "Errors" peak points by server HiI need to find 5 "Errors" peak points by server and sort by date here is my spl:index="myindex" err* \| rex field=s... by indeed_2000 Motivator in Splunk Search 12-06-2021 0 29	0	29
	Display of a result according to the previous state of this same result Hello community,I apologize in advance, my English being bad, Google Translate is my friend.My business is starting u... by Rajaion Path Finder in Splunk Search 12-06-2021 0 6	0	6
	How to remove double quotes from an event field Please find the sample event field comment comment="This is sample data "to remove the double quote value" how to r... by deev Observer in Splunk Search 12-05-2021 0 3	0	3
	Multiple File Indicator Hello Splunk Community, I have created a query to calculate the business date of the file which arrived to be loaded ... by zoebanning Path Finder in Splunk Search 12-05-2021 0 2	0	2
	schedule report failed HiI have schedule report that run daily, but often failed!number of events about 80,000,000job inspection log attach ... by indeed_2000 Motivator in Splunk Search 12-04-2021 0 0	0	0
	Subsearch doesn't return anything I'm trying to write a search that will return a table where all average values of the field price grouped by Ids are ... by MidnightRun Explorer in Splunk Search 12-04-2021 0 7	0	7
	Comparing individual values with the past average I have a search query that looks like this: index="myindex" sourcetype="mysource" earliest=@d latest=now \| append [... by MidnightRun Explorer in Splunk Search 12-04-2021 0 1	0	1
	REX parenthesis and end of line Hi! Been struggling a lot with a pretty simple problem but my SPLUNK REX skills are insufficient for the task. I want... by martinhelgegren Explorer in Splunk Search 12-04-2021 0 8	0	8
	Pass the result of one query to another I have the first queryFirst Query : search criteria \| rex field=_raw ".* IPAddress=(?<IPAddress>.+?) " \| table IP... by anjihari Observer in Splunk Search 12-03-2021 0 1	0	1
	Query to show inbound and outboud network traffic Hello everyone,I am trying to create queries to show the max and average values of inbound and outbound network traff... by israbenbr Explorer in Splunk Search 12-03-2021 0 1	0	1
	Reduce the EVAL command SPL could someone who is SPL expert help me reduce this: \|eval dest=replace(dest, "dstdomain\|src\|any-of\|dst\|# ", ""), de... by youngsuh Contributor in Splunk Search 12-03-2021 0 3	0	3
	Group log entries by a start line and end line containing a certain string I have somewhat of an unwieldy log file I'm trying to wrangle. Each log entry is contained between two lines like so:... by mikefisher New Member in Splunk Search 12-03-2021 0 1	0	1
	Joining 2 sourcetypes by property value Hey all,I have 2 source types with the following propertiessource_1idvaluesource_2namedescriptionSo my events might l... by chrisdev Explorer in Splunk Search 12-03-2021 0 2	0	2
	Inline/Uses Transform Field Extraction Hello,How would I implement inline or Uses Transform Field extraction (please see screenshot below) for following eve... by SplunkDash Motivator in Splunk Search 12-03-2021 0 7	0	7
	I defined a field extraction, but why is the field not getting listed under interesting fields on the search results page? Hi, I am facing issues with the use of extracted fields. I intend to create a timechart with the extracted values. I... by SplunkNoviceUse Explorer in Splunk Search 12-03-2021 0 5	0	5
	How can I pair search results from two different queries where only time is different? I have a query where I get "STARTED" and "FINISHED" status events for the same methods.e.g.index IN (private public) ... by plajcsi Engager in Splunk Search 12-03-2021 0 2	0	2
	Syslog search I'm new to splunk, how can I import syslog from my local computer to splunk? - when i search it says it can be done v... by pofudukhamsi Loves-to-Learn in Splunk Search 12-03-2021 0 1	0	1
	How to join two sources with common one common field ? I have sourcetype A that has info about service_accounts such as name, AU, email , full_name, manager_name.But some o... by zacksoft_wf Contributor in Splunk Search 12-03-2021 0 22	0	22
	Can I change the line colors in a timechart by setting color codes? Basically the chart is showing blue & green lines, but user needs more distinguishing color. Like Red & Blue. by cadrija Path Finder in Splunk Search 12-03-2021 0 2	0	2
	How to use inputlookup to search for matches in a .csv file Hello, I have a need to run a search for MAC OUI matches against a .csv file containing 1000+ MAC OUIs? Can anyone pr... by Splunkster21 New Member in Splunk Search 12-03-2021 0 2	0	2