Splunk Search

Community Activity

ldapsearch not returning true/false for attr Enabled For some reason the "Enabled" field is not return "true or false" when running ldapsearch from Splunk. All the other... by marceloalejandr Path Finder in Splunk Search 11-10-2021 0 1	0	1
How do I get SmartStore to fill its cache again? We have Splunk 8.0.3 deployed to a private AWS cloud.We use AWS i3.8xlarge instance types for our indexers, recently ... by esalesap Path Finder in Splunk Search 11-10-2021 0 1	0	1
Search ui options - export/download I have a user that has asked how to get access/permissions to the "export" button while doing a search in Splunk. It... by andrewenstad Engager in Splunk Search 11-10-2021 0 1	0	1
Find Events in one index based on a result set I want to find items in one index based on results from another index's search. I have the following but only get a h... by SMM10 Explorer in Splunk Search 11-10-2021 0 3	0	3
Field Extraction This has been asked a million times. I've been digging through the various postings but haven't figured out what I'm ... by jeck11 Path Finder in Splunk Search 11-10-2021 0 8	0	8
Subsearch not returning any results Hello Splunksters,I'm new to Splunk and am constructing my first subsearch. I've read the documentation on subsearch... by gillockb Explorer in Splunk Search 11-10-2021 0 4	0	4
If statements inside search I am currently using an Input token called OS.I have three values for the token: MAC Windows Linux.In my... by Vip_Mark Explorer in Splunk Search 11-10-2021 0 1	0	1
regex to fetch values within delimiters Hi team, Please help with the regex to fetch the values from below payload - serverName, HostNumber. "{\n \"process... by rkishoreqa Communicator in Splunk Search 11-10-2021 0 1	0	1
Summary Indexing Hi GuysWanted to know if anyone knows if you can populate a summary index from a data model. the summary index query ... by zubairaizatron Explorer in Splunk Search 11-10-2021 0 2	0	2
help to legend field name after using a lookup correspondance hiI use a lookup in order to do a correspondance between the field web_error_code which is my sourcetype and which is... by jip31 Motivator in Splunk Search 11-10-2021 0 2	0	2
export field extraction to resue I have extracted two fields in my non prod splunk account. I want to use the same for the prod splunk account as well... by rohanmiskin Explorer in Splunk Search 11-10-2021 0 2	0	2
multiple sources Hi,I just started working with Splunk and would ask for some help.I have 3 sources, A, B and C.Source A contains fiel... by Wilfred Engager in Splunk Search 11-10-2021 0 2	0	2
Remove all events of a client based on one or more values of field Hi thereIm trying to filter my search results based on numerical top values of a field.For example. I have 5k events ... by rel82wi Engager in Splunk Search 11-10-2021 0 4	0	4
Exclude path from URL in Search Results HiI want to exclude the path from search results, i.e.:www.testsite.comwww.testsite.com/path1www.testsite.com/path2ww... by spfingst87 Loves-to-Learn in Splunk Search 11-10-2021 0 4	0	4
How to extract the substring from a string I want to extract the substring: "xenmobile" from string: "update task to xenmobile-2021-11-08-19-created completed!... by febbi Explorer in Splunk Search 11-10-2021 0 2	0	2
Use Lookup Table To Identify Hosts That Have/Have Not Logged So I'm trying to do something that may or may not be possible. I want to first create a lookup table that maps IP a... by typicallywrecke Engager in Splunk Search 11-10-2021 0 4	0	4
Compare 2 fields from different Index I am trying to look for accounts which are not active anywhere in network.(index=network user=*) OR (index=okta SamAc... by rnikam1412 Loves-to-Learn Everything in Splunk Search 11-09-2021 0 2	0	2
Extract fields from a list How to extract values from below log file using rex?Log:{Attribute(name=xyz, values={'1'}), Attribute(name=attempts, ... by shashank111v Explorer in Splunk Search 11-09-2021 0 3	0	3
Getting a list of unique IDs from a large data set efficiently We have a relatively small set of devices that emit daily in the vicinity of a million events each. Each device has ... by pm771 Communicator in Splunk Search 11-09-2021 0 6	0	6
For loop within Lookup Table Hello! I have a lookup table that looks like the following: hosttimestamphost110:33host24:24 What I would like to do ... by dlawler1 New Member in Splunk Search 11-09-2021 0 4	0	4
How to filter the lookup output with the Where clause Does the Lookup cmd allow for Where clause to filter the output of Lookup? Or do I need to have an extra sub search w... by kalibaba2021 Path Finder in Splunk Search 11-09-2021 0 2	0	2
find time gaps Hi i have log like this, need to find where unusuall time gap between "Packet Processed" and "Send Packet" that exist... by indeed_2000 Motivator in Splunk Search 11-09-2021 0 4	0	4
Why cant i supply a field as value for mvfilter? I'm trying to exclude a value from a multivalue list, but it only works when I input the string as a value, not as a ... by christoffertoft Communicator in Splunk Search 11-09-2021 0 7	0	7
[search] Total Login Failures along with Failures per user Hi All,Can someone help to build a search to check for Total_login_Failures > 10 (per 24H) OR Number of Failures pe... by neerajs_81 Builder in Splunk Search 11-09-2021 0 4	0	4
Long running searches On all SearchHead cluster members with ver 8.0.2, every day we are observing that CPU utilization grows. After rough... by sylim_splunk Splunk Employee in Splunk Search 11-09-2021 1 2	1	2