Splunk Search

Community Activity

find time gaps Hi i have log like this, need to find where unusuall time gap between "Packet Processed" and "Send Packet" that exist... by indeed_2000 Motivator in Splunk Search 11-09-2021 0 4	0	4
Why cant i supply a field as value for mvfilter? I'm trying to exclude a value from a multivalue list, but it only works when I input the string as a value, not as a ... by christoffertoft Communicator in Splunk Search 11-09-2021 0 7	0	7
[search] Total Login Failures along with Failures per user Hi All,Can someone help to build a search to check for Total_login_Failures > 10 (per 24H) OR Number of Failures pe... by neerajs_81 Builder in Splunk Search 11-09-2021 0 4	0	4
Long running searches On all SearchHead cluster members with ver 8.0.2, every day we are observing that CPU utilization grows. After rough... by sylim_splunk Splunk Employee in Splunk Search 11-09-2021 1 2	1	2
Transforming Commands I'm having issue with a search of mine. I've been trying to organize the matrix so that it will be ready for my pivot... by jbuddy24 Explorer in Splunk Search 11-08-2021 0 1	0	1
Is there a way to monitor servers through Splunk? Hey everyone, I just had a small search, is there any way to monitor servers using Splunk and get data on their avai... by rahul1502133 Explorer in Splunk Search 11-08-2021 0 8	0	8
help on base search event limit hiI use a basic base search like this <search id="test"> <query>index=toto sourcetype=tutu \| fields sam web_hits</qu... by jip31 Motivator in Splunk Search 11-08-2021 0 11	0	11
How to get the latest date from a lookup Hello All, Anyone know how I can get the latest date from a lookup file? I am using the script below:\| inputlookup a... by Mary666 Communicator in Splunk Search 11-08-2021 0 2	0	2
how to format the output of a splunk query ? Hi, I have a splunk query which results the two outputs (using table) such as "JOB_NAME" and "JOB_ID". For example... by rajs115 Path Finder in Splunk Search 11-08-2021 0 10	0	10
How to remove a specific part of a string My event returns the following:1@test.com/test/2_0" xmlns:d4p1="http://www.w3.org/1999/xlink"> <eb:Description xml:la... by siouxsiesioux Engager in Splunk Search 11-08-2021 0 2	0	2
REST command is not including all columns from CSV Hello Splunk Community I have managed to use REST to add some columns from my CSV files. However, not all the columns... by Mary666 Communicator in Splunk Search 11-08-2021 0 1	0	1
Adding a field for the amount of minutes the failure rate is above a certain threshold Hi, I have the bellow search which works out the successes, failures, success_rate, failure_rate and total however I ... by joe06031990 Communicator in Splunk Search 11-08-2021 0 0	0	0
Joining 2 Multivalue fields to generate new field value combinations I'm working with some json data that contains 1 field with a list of keys and 1 field with a list of values. These p... by ltrand Contributor in Splunk Search 11-08-2021 0 4	0	4
Find values contained on another filed not exact match Hello All, This may seem easy, but its been quite tedious. How can I create one field that has common values from two... by Mary666 Communicator in Splunk Search 11-08-2021 0 4	0	4
Adding a field for the amount of minutes the failure rate is above a certain threshold Hi, I have the bellow search which works out the successes, failures, success_rate, failure_rate and total however I ... by joe06031990 Communicator in Splunk Search 11-08-2021 0 0	0	0
How to set color to result if output is less than equal to current date I wan to set color for output of column if it's date matches current or two days before current date. by himanshuqb Loves-to-Learn in Splunk Search 11-08-2021 0 5	0	5
multiple case statement not working Im working with JSON data and the structure is as per the below data: { [-] application: { [+] } compl... by samneo Path Finder in Splunk Search 11-08-2021 0 3	0	3
Why chart dc(ids) over _time by events is not working after updating plugins such as "/app/3117" and "/app/3137"?? Actually I created several dashboards in splunk using chart command to look at aggregation w.r.t multiple fields and ... by sunilkumar_v New Member in Splunk Search 11-08-2021 0 0	0	0
Searching for active, inactive users. Hey.Im trying to create a search that lists users that have for example more than 90 days between the last 2 logons.I... by michaelnorup Communicator in Splunk Search 11-08-2021 0 14	0	14
Index Earliest and Latest events Hi, I currently have this search that gets the earliest and latest timestamp of index. But since I am running this se... by mrccasi Explorer in Splunk Search 11-08-2021 0 2	0	2
Compare items in lookup tables against auth logs Hi all! Pretty new to splunk so just seeing if this is even possible.I have 2 lookups I have created, one that is use... by th3_ugm4n New Member in Splunk Search 11-08-2021 0 1	0	1
how to combine two searches into one chart using checkbox input value i have initial query with one index name(index1) which show F10N F10W F11 etc values in one chart but for F6 value c... by florapann Engager in Splunk Search 11-08-2021 0 3	0	3
How to return which input values did not return results in a splunk query I have a list of identifers I need to query splunk for results for, and then display the identifiers that Splunk didn... by onelasttime Engager in Splunk Search 11-07-2021 0 2	0	2
How to simply filter out text String from search results that has line breaks/return in it on SPLUNK Enterprise? I'm really annoyed, I am using SPLUNK Enterprise and I'm literally tryin to parse out some JSON (basically a String)... by anonymous_hippo Explorer in Splunk Search 11-07-2021 0 3	0	3
[Filter: smut] anonymous_hippo's post body matched "damn", board "splunk-search". [Filter: smut] anonymous_hippo's post body matched "damn", board "splunk-search". Post Subject: How to simply filte... by anonymous_hippo Explorer in Splunk Search 11-07-2021 0 0	0	0