Splunk Search

Community Activity

lookup usage in query Hi,I have a requirement like we have a csv file which has the values of functionid and functiondesc, this file was ad... by sahana Engager in Splunk Search 11-30-2021 0 3	0	3
How to get the status wise data Hi,I wrote below query which gives me data per service per min...index=**** \| bucket _time span=1m \| convert ctime(_t... by SG Path Finder in Splunk Search 11-30-2021 0 7	0	7
Extracting a value from log message Hi,I have a requirement like i need to extract a some card value which was present inside the message body of the log... by sahana Engager in Splunk Search 11-29-2021 0 1	0	1
Simply query, failes with field specificity I have what should be a simple problem, but I don't have an answer without burning some brain cellsSimple query examp... by tlmayes Contributor in Splunk Search 11-29-2021 0 2	0	2
Monitor CPU Usage, RAM Usage, Hard Disk Utilization, Load Average, Largest Files and LAN Card Traffic Hi, I'm running Splunk Enterprise v7.0.1 (Indexer) on a separate Linux server with Splunk Forwarders on two more Linu... by hishamjan Explorer in Splunk Search 11-29-2021 0 12	0	12
Compare field with column of lookup table Hi all, I have this need, compare a field with a series of error codes. I would not like to write in the search, any ... by giorgioanastasi Explorer in Splunk Search 11-29-2021 0 4	0	4
Why am I unable to filter COMMAND twice? Hello all,I am trying to setup a search that logs ufw commands, while ignoring any ufw status commands. I have tried ... by jackjack Path Finder in Splunk Search 11-29-2021 0 4	0	4
Get New event and it's count I want to simply get new exceptions that occur within last 30 minutes which did not happened anytime last week on the... by patelbhavin2426 Observer in Splunk Search 11-29-2021 0 1	0	1
Need Help with lookup using variable Hi,I have index data as below and i have kvstores per each account which has additional info. Example Scenario (accou... by _- Observer in Splunk Search 11-29-2021 0 1	0	1
Splunk Regex help Hi, I have the search returning the event Nov 10 23:45:3 8888888 Tra[9100]: { EventName: "Error Occurred", BatchId: 0... by viksvig Loves-to-Learn Lots in Splunk Search 11-29-2021 0 8	0	8
Can streamstats reset_before (or reset_after) be used with a by clause? Hi, I have a search similar to this one: index=* login user=* (result="Success" OR result="Failed") \| reverse \| str... by krdo Communicator in Splunk Search 11-29-2021 1 9	1	9
How do i create a 3-event transaction, starting with event A, ending with event A, but always has event B inbetween? I have 2 types of events that come in the following, random, format:AAAAAAABAAAAAABAAAAAAAAABAABAAAB's never repeat,... by djklitz Engager in Splunk Search 11-29-2021 0 15	0	15
search for a string containing any substring that is typed in the text input Hi all,I have a text input for a table header. My requirement is , by default the table should show all the values an... by anooshac Communicator in Splunk Search 11-29-2021 0 2	0	2
Timechart based on max count of 3 fields I was given a base search to manipulate and create Timechart accordingly.base search\| eval file_line = file.":".line\|... by erica Explorer in Splunk Search 11-29-2021 0 2	0	2
Tracking failed logins followed by successful logins using the transaction command Hello,I am trying to track failed logons followed by a successful one using the transaction command and the following... by My Engager in Splunk Search 11-29-2021 0 2	0	2
Search types and bloom filters Hi there,I'm sitting here trying to make sense of the different search types in Splunk (i.e. Dense, Sparse, Super-spa... by yoyosipe New Member in Splunk Search 11-29-2021 0 0	0	0
Need help in extraction Hello team, I am facing an issue while trying to extract the below events. Please help in this. Event:150022 High 20... by srinivas_gowda Path Finder in Splunk Search 11-29-2021 0 3	0	3
Combinding two searches into one Hello all,I do appreciate this question has been asked several times, but I am struggling to understand how to link s... by amagson Loves-to-Learn in Splunk Search 11-28-2021 0 4	0	4
Join two data sets to report their event times want to report a pattern for each day and grab event times from different logs for that pattern , tried something lik... by sashpdhar Explorer in Splunk Search 11-28-2021 0 4	0	4
Search for a specific pattern and report earliest and latest occurence of that each day Team -looking for ideas how to achieve the below scenarioQuery 1 - get list of unique patterns for each dayQuery 2 - ... by sashpdhar Explorer in Splunk Search 11-28-2021 0 6	0	6
How to show markers on a map? I have many different machines that move around the country (USA), each with its own GPS lat and long coordinates. I'... by monacledpotato Explorer in Splunk Search 11-28-2021 0 8	0	8
Add value from sub search into the result set of the main search I've a sub search on an SMTP log to get all TO and FROM values together with the status. Unfortunately TO and FROM ar... by Joerg Explorer in Splunk Search 11-28-2021 0 5	0	5
Query Rex Hello Am a newbie and am looking to extract data from a sample set that looks like this (its ingested in JSON):{<!-- --> le... by StepneyGeezer Explorer in Splunk Search 11-28-2021 0 4	0	4
R Language support? Hi There, For engineers who are familiar with R programming language, is there add-ons for R Language support? e.g. ... by melonman Motivator in Splunk Search 11-27-2021 0 8	0	8
regex help hello my friends. how using regex can delete everything in bold {"test": " {<!-- --> \n \"data\": \"check\",\n \"git_branc... by gitingua Communicator in Splunk Search 11-27-2021 0 2	0	2