Splunk Search

Community Activity

	Slow search when using field "host" Hi everyone,I have strange Splunk behavior regarding one of the indexes but first a little bit of background:Environm... by dalbreht Observer in Splunk Search 10-22-2021 0 5	0	5
	Aggregate only some results I'll probably find my solution finally but if someone has something at hand, I'd be grateful for sharing I have some... by PickleRick SplunkTrust in Splunk Search 10-22-2021 0 2	0	2
	help on base search helloI try to use a base search between two single panelthe first single panel is on the last 24 h and the second pan... by jip31 Motivator in Splunk Search 10-22-2021 0 5	0	5
	How to get subsearch to return a result which is NOT EQUAL to the returned value? Hi there, currently I am comparing data from two data sources and have achieved some great comparisons in which my su... by alexandermunce Communicator in Splunk Search 10-22-2021 0 8	0	8
	Extract Log Data Hi Team,I am pulling hair to figure out a query to extract data into a table with following information. stopping sys... by GRC Path Finder in Splunk Search 10-22-2021 0 6	0	6
	Search query for showing Connection attempts per user to same Destination Hello All,I have a query that searches the Windows Security Logs and shows results in the following format using a st... by neerajs_81 Builder in Splunk Search 10-22-2021 0 1	0	1
	XML field Extraction Hi all, I have a xml file as below.<?xml version="1.0" encoding="UTF-8"?><suite name="abc" timestamp="20.08.2021 15:4... by anooshac Communicator in Splunk Search 10-21-2021 0 0	0	0
	Monitoring sources - better way? Hello thereI'm trying to prepare a dashboard that will query indexes for latest events during a given period (let's s... by PickleRick SplunkTrust in Splunk Search 10-21-2021 0 4	0	4
	Best way to create a new column/s for data matrix ( #subsearch #appendcols ) Hi All,I'm trying to get data tied together into one matrix from Jira (API fed) that utilizes two source types (shown... by jbuddy24 Explorer in Splunk Search 10-21-2021 0 8	0	8
	Search for sudo (linux_secure does not exist?) Hi all,I am trying to setup some sort of dashboard to view a list of sudo commands by server. I started with the IT E... by jackjack Path Finder in Splunk Search 10-21-2021 0 8	0	8
	How to display limited results from a field I have a field named failcode with numerous fail code names structured like this:datefailcodecount2021-10-01g-ab12320... by MikeB Path Finder in Splunk Search 10-21-2021 0 7	0	7
	XML Conditional suffix prefix I have an input text and input dropdown that both need to allow blank value. They cannot be null since the token mus... by weidertc Contributor in Splunk Search 10-21-2021 0 2	0	2
	Surrounding Search terms with quotes Hi all, new user here. I was getting started on the tutorial and using the start searching page that came up after ad... by sleepingKoala Engager in Splunk Search 10-21-2021 0 3	0	3
	Additional search based off original search I have a search similar to the following (Index=myindex) or (index=otherindex)\| eval user=coalesce(accountname, id)\| ... by willadams Contributor in Splunk Search 10-21-2021 0 1	0	1
	Calculate max Transaction per second per day I am trying to figure out how to calculate the highest number of transaction per second for a given day. I would lik... by tmurray3 Path Finder in Splunk Search 10-21-2021 0 4	0	4
	lookup not working. Help pls Now working lookup On a local server on my computer, I got the result But when I did exactly the same actions on the ... by gitingua Communicator in Splunk Search 10-21-2021 0 2	0	2
	How to create panel that display it's heading from time peaker I want to display the heading of my panel which include time from time peaker field by reedamjain123 New Member in Splunk Search 10-21-2021 0 1	0	1
	show zero in count for stats command i want to show the count from host as zero if the process is not found however not able to find 0 count the host disa... by venky1544 Builder in Splunk Search 10-21-2021 0 1	0	1
	Creating a token in first search and passing it on to append search Hello,i am trying to create a dependency map without the external creation of tokens that are being fed to the append... by Software-Simian Path Finder in Splunk Search 10-21-2021 0 2	0	2
	how to take only monday data for a month Hi,My requirement is to take each week monday data alone for a month in trending chart .This need to be showed for st... by dtccsundar Path Finder in Splunk Search 10-21-2021 0 8	0	8
	Display multiple events by dates in table format Hi,Our systems have multiple order records as XML transactions and each order can have multiple events on different d... by ezpc98 New Member in Splunk Search 10-21-2021 0 1	0	1
	How to change table cell background color depends on search result to color top 3 value of each column Hello, I would like to change table cell background color of top 3 value of each column's search result .For example... by kuma New Member in Splunk Search 10-21-2021 0 1	0	1
	How to group events based on certain value? I want to group certain values within a certain time frame, lets say 10 minutes, the values are just fail or success,... by ecanmaster Explorer in Splunk Search 10-21-2021 0 16	0	16
	Filtering out NULL values after stats not working I am trying to filter out null values from the result of stats. Query looks like below. index=someindex* some ((s... by tumapath New Member in Splunk Search 10-20-2021 0 1	0	1
	Write a request Need help writing a requestfile1.csv usernamesrc_ipJohn192.168.16.35Smith172.167.3.43Aram132.56.23.3 file2.csvIP addr... by gitingua Communicator in Splunk Search 10-20-2021 0 3	0	3