Splunk Search

Community Activity

Search ui options - export/download I have a user that has asked how to get access/permissions to the "export" button while doing a search in Splunk. It... by andrewenstad Engager in Splunk Search 11-10-2021 0 1	0	1
Find Events in one index based on a result set I want to find items in one index based on results from another index's search. I have the following but only get a h... by SMM10 Explorer in Splunk Search 11-10-2021 0 3	0	3
Field Extraction This has been asked a million times. I've been digging through the various postings but haven't figured out what I'm ... by jeck11 Path Finder in Splunk Search 11-10-2021 0 8	0	8
Subsearch not returning any results Hello Splunksters,I'm new to Splunk and am constructing my first subsearch. I've read the documentation on subsearch... by gillockb Explorer in Splunk Search 11-10-2021 0 4	0	4
If statements inside search I am currently using an Input token called OS.I have three values for the token: MAC Windows Linux.In my... by Vip_Mark Explorer in Splunk Search 11-10-2021 0 1	0	1
regex to fetch values within delimiters Hi team, Please help with the regex to fetch the values from below payload - serverName, HostNumber. "{\n \"process... by rkishoreqa Communicator in Splunk Search 11-10-2021 0 1	0	1
Summary Indexing Hi GuysWanted to know if anyone knows if you can populate a summary index from a data model. the summary index query ... by zubairaizatron Explorer in Splunk Search 11-10-2021 0 2	0	2
help to legend field name after using a lookup correspondance hiI use a lookup in order to do a correspondance between the field web_error_code which is my sourcetype and which is... by jip31 Motivator in Splunk Search 11-10-2021 0 2	0	2
export field extraction to resue I have extracted two fields in my non prod splunk account. I want to use the same for the prod splunk account as well... by rohanmiskin Explorer in Splunk Search 11-10-2021 0 2	0	2
multiple sources Hi,I just started working with Splunk and would ask for some help.I have 3 sources, A, B and C.Source A contains fiel... by Wilfred Engager in Splunk Search 11-10-2021 0 2	0	2
Remove all events of a client based on one or more values of field Hi thereIm trying to filter my search results based on numerical top values of a field.For example. I have 5k events ... by rel82wi Engager in Splunk Search 11-10-2021 0 4	0	4
Exclude path from URL in Search Results HiI want to exclude the path from search results, i.e.:www.testsite.comwww.testsite.com/path1www.testsite.com/path2ww... by spfingst87 Loves-to-Learn in Splunk Search 11-10-2021 0 4	0	4
How to extract the substring from a string I want to extract the substring: "xenmobile" from string: "update task to xenmobile-2021-11-08-19-created completed!... by febbi Explorer in Splunk Search 11-10-2021 0 2	0	2
Use Lookup Table To Identify Hosts That Have/Have Not Logged So I'm trying to do something that may or may not be possible. I want to first create a lookup table that maps IP a... by typicallywrecke Engager in Splunk Search 11-10-2021 0 4	0	4
Compare 2 fields from different Index I am trying to look for accounts which are not active anywhere in network.(index=network user=*) OR (index=okta SamAc... by rnikam1412 Loves-to-Learn Everything in Splunk Search 11-09-2021 0 2	0	2
Extract fields from a list How to extract values from below log file using rex?Log:{Attribute(name=xyz, values={'1'}), Attribute(name=attempts, ... by shashank111v Explorer in Splunk Search 11-09-2021 0 3	0	3
Getting a list of unique IDs from a large data set efficiently We have a relatively small set of devices that emit daily in the vicinity of a million events each. Each device has ... by pm771 Communicator in Splunk Search 11-09-2021 0 6	0	6
For loop within Lookup Table Hello! I have a lookup table that looks like the following: hosttimestamphost110:33host24:24 What I would like to do ... by dlawler1 New Member in Splunk Search 11-09-2021 0 4	0	4
How to filter the lookup output with the Where clause Does the Lookup cmd allow for Where clause to filter the output of Lookup? Or do I need to have an extra sub search w... by kalibaba2021 Path Finder in Splunk Search 11-09-2021 0 2	0	2
find time gaps Hi i have log like this, need to find where unusuall time gap between "Packet Processed" and "Send Packet" that exist... by indeed_2000 Motivator in Splunk Search 11-09-2021 0 4	0	4
Why cant i supply a field as value for mvfilter? I'm trying to exclude a value from a multivalue list, but it only works when I input the string as a value, not as a ... by christoffertoft Communicator in Splunk Search 11-09-2021 0 7	0	7
[search] Total Login Failures along with Failures per user Hi All,Can someone help to build a search to check for Total_login_Failures > 10 (per 24H) OR Number of Failures pe... by neerajs_81 Builder in Splunk Search 11-09-2021 0 4	0	4
Long running searches On all SearchHead cluster members with ver 8.0.2, every day we are observing that CPU utilization grows. After rough... by sylim_splunk Splunk Employee in Splunk Search 11-09-2021 1 2	1	2
Transforming Commands I'm having issue with a search of mine. I've been trying to organize the matrix so that it will be ready for my pivot... by jbuddy24 Explorer in Splunk Search 11-08-2021 0 1	0	1
Is there a way to monitor servers through Splunk? Hey everyone, I just had a small search, is there any way to monitor servers using Splunk and get data on their avai... by rahul1502133 Explorer in Splunk Search 11-08-2021 0 8	0	8