Splunk Search

Community Activity

	How to get count of unique values by group? Hi I am working on query to retrieve count of unique host IPs by user and country. The country has to be grouped int... by indusbull Explorer in Splunk Search 10-23-2021 0 6	0	6
	use map with city name HiI have field that call city name is it possible without latitude or longitude, use map to show data on map just wit... by indeed_2000 Motivator in Splunk Search 10-23-2021 0 1	0	1
	how find continuously occured events HiHow can I find continuously occured events?e.g1- I have field that call "response time" if some times show "respons... by indeed_2000 Motivator in Splunk Search 10-23-2021 0 5	0	5
	How to pass aggregate function from drop down to time series chart Hi, I'm trying to pass the aggregate function from the dropdown menu in the Splunk dashboard to the time-series chart... by kirrusk Communicator in Splunk Search 10-23-2021 0 1	0	1
	diff between numbers Hineed to compare total numbers if they are different show table that present them23:57:05.253 app module: PACK: Tota... by indeed_2000 Motivator in Splunk Search 10-23-2021 0 1	0	1
	Dedup on data model aftet tstats shows the older event, not the newest I have a tstats query that pulls its data from an accelerated data model. I need to grab only the most up to date hos... by thisissplunk Builder in Splunk Search 10-23-2021 0 3	0	3
	Why do my post-process timecharts display bad results HiI need to use a post process search for displaying a timechartHere is my id configuration <search id="test"> ... by jip31 Motivator in Splunk Search 10-22-2021 0 11	0	11
	Best Way To Storing Predicted Values I want to use predicted values in my search and apply them to a time chart. What would be the best way to store these... by aohls Contributor in Splunk Search 10-22-2021 0 0	0	0
	find value of fields after performing a regex to split a existing field delimited by a pipe i have a field value with the followingnumbers = 1 \| 2 \| 3 \| 4 \| 5 \| 6 \| 7 \| 8 \| 9 \| 10 \| 11 \|12i would like to do a ... by thaghost99 Path Finder in Splunk Search 10-22-2021 0 6	0	6
	How to join search and use join ? First EventINFO \| 2021-10-18 05:17 AM \| BUSINESS RULE \| Payload for ID#: 40658606156551247672591634534230307 with sta... by hrishi_deshpand Explorer in Splunk Search 10-22-2021 0 3	0	3
	Find change in installed antivirus software version Starting our journey into Splunk and need some help.I am trying to send and alert when a new version of antivirus is ... by ASierra Explorer in Splunk Search 10-22-2021 0 1	0	1
	Display all the results of two searches. Hi Experts,I am running two searches by combining them with appendcols.But the final result is the common fields of b... by email2vamsi Explorer in Splunk Search 10-22-2021 0 14	0	14
	Forcing Results Into a Pie Chart and Calculating Percentages In a Table - From the Same Query I have a video player that logs the following: Video Starts - When a user clicks play and the first frame of the vid... by fncds3 Explorer in Splunk Search 10-22-2021 0 13	0	13
	Slow search when using field "host" Hi everyone,I have strange Splunk behavior regarding one of the indexes but first a little bit of background:Environm... by dalbreht Observer in Splunk Search 10-22-2021 0 5	0	5
	Aggregate only some results I'll probably find my solution finally but if someone has something at hand, I'd be grateful for sharing I have some... by PickleRick SplunkTrust in Splunk Search 10-22-2021 0 2	0	2
	help on base search helloI try to use a base search between two single panelthe first single panel is on the last 24 h and the second pan... by jip31 Motivator in Splunk Search 10-22-2021 0 5	0	5
	How to get subsearch to return a result which is NOT EQUAL to the returned value? Hi there, currently I am comparing data from two data sources and have achieved some great comparisons in which my su... by alexandermunce Communicator in Splunk Search 10-22-2021 0 8	0	8
	Extract Log Data Hi Team,I am pulling hair to figure out a query to extract data into a table with following information. stopping sys... by GRC Path Finder in Splunk Search 10-22-2021 0 6	0	6
	Search query for showing Connection attempts per user to same Destination Hello All,I have a query that searches the Windows Security Logs and shows results in the following format using a st... by neerajs_81 Builder in Splunk Search 10-22-2021 0 1	0	1
	XML field Extraction Hi all, I have a xml file as below.<?xml version="1.0" encoding="UTF-8"?><suite name="abc" timestamp="20.08.2021 15:4... by anooshac Communicator in Splunk Search 10-21-2021 0 0	0	0
	Monitoring sources - better way? Hello thereI'm trying to prepare a dashboard that will query indexes for latest events during a given period (let's s... by PickleRick SplunkTrust in Splunk Search 10-21-2021 0 4	0	4
	Best way to create a new column/s for data matrix ( #subsearch #appendcols ) Hi All,I'm trying to get data tied together into one matrix from Jira (API fed) that utilizes two source types (shown... by jbuddy24 Explorer in Splunk Search 10-21-2021 0 8	0	8
	Search for sudo (linux_secure does not exist?) Hi all,I am trying to setup some sort of dashboard to view a list of sudo commands by server. I started with the IT E... by jackjack Path Finder in Splunk Search 10-21-2021 0 8	0	8
	How to display limited results from a field I have a field named failcode with numerous fail code names structured like this:datefailcodecount2021-10-01g-ab12320... by MikeB Path Finder in Splunk Search 10-21-2021 0 7	0	7
	XML Conditional suffix prefix I have an input text and input dropdown that both need to allow blank value. They cannot be null since the token mus... by weidertc Contributor in Splunk Search 10-21-2021 0 2	0	2