Splunk Search

Community Activity

	Does the lookup command have a limit I am currently using a lookup to find matching IDs in my data. The lookup table is like 400k rows and if I use inputl... by klim Path Finder in Splunk Search 10-18-2021 0 3	0	3
	Extract Error Message String I am trying to extract the messages of a commonly used error log: Creating review recommendations service case activi... by mkulicke Explorer in Splunk Search 10-18-2021 0 2	0	2
	Help with regex needed Hello,I am trying to extract the system IDs from single event into the multiple events, I mean that each SID is in a ... by damucka Builder in Splunk Search 10-18-2021 0 3	0	3
	Analysing combinations Hi, I'd really appreciate some advice on this.I have a data set looking at users and the apps they have access to. Th... by tmtcollins Explorer in Splunk Search 10-18-2021 0 0	0	0
	Production issue - Memoizer expired - Any ideas? Hi - I have a production outage and I am really struggling to fix it - I have had my Unix admin on and Splunk support... by robertlynch2020 Influencer in Splunk Search 10-18-2021 0 1	0	1
	Change color of Column Chart bars based on average of last week Dear Splunk Community,I have the following statistics table and corresponding column chart that show the amount of er... by Bleepie Communicator in Splunk Search 10-18-2021 0 16	0	16
	Search for status of health status of splunkd Hi everyone, I'm looking for a search, that shows me when the health status of splunkd is changing from green to yel... by g_paternicola Path Finder in Splunk Search 10-18-2021 0 4	0	4
	If else conditional search returning table Hello, i need to configure a search using If else condition but the search outputs in a table format. Can someone p... by neerajs_81 Builder in Splunk Search 10-18-2021 0 4	0	4
	Filtering a timechart on time to remove unwanted data Hello,I'm building some dashboard statistics from telecom data.I have a data source as follows :_timeOfferedTime Pic... by Shahindoh Explorer in Splunk Search 10-18-2021 0 6	0	6
	multi field extraction form the logs Hi Experts,Am new to splunk..I need to extract the fields which is in MSGTXT which are highlighted. Only when MSGTXT ... by saravana22 Explorer in Splunk Search 10-18-2021 0 4	0	4
	Display days passed between current time and most recent activation - User Role Auditing The answer to this probably stupid simple. Banging my head on this.Help and patience please. I am writing a query whi... by dmbr Explorer in Splunk Search 10-18-2021 0 2	0	2
	How to extract value of a required field using regx? msg: INFO \| 2021-10-14 10:38 PM \| Message consumed: {"InputAmountToCredit":"22.67","CurrencyCode":"AUD","Buid":"140... by hrishi_deshpand Explorer in Splunk Search 10-17-2021 0 1	0	1
	rex 4 fields HiHow can extract these fields:field1=Versionfield2=Authorfield3=Datefield4=IssueNo Here is the log:23:53:00.512 app ... by indeed_2000 Motivator in Splunk Search 10-17-2021 0 5	0	5
	request comparison Hello. How can two files be compared for identity ?file1.csv:usernameid_userJonh123 file2.csv usernameid_userJonh124 ... by gitingua Communicator in Splunk Search 10-17-2021 0 7	0	7
	whois in search. help How to use "whois" .apps "network tools" doesn't work. "lookup whois" does not work. are there other valid applicatio... by gitingua Communicator in Splunk Search 10-17-2021 0 0	0	0
	relative time question Hello,There is a tube Splunk video on finding new service interactive logins here:https://www.youtube.com/watch?v=bgI... by cbr654 Path Finder in Splunk Search 10-17-2021 0 2	0	2
	How to calculate the index size from top 10 biggest indexers Sorry about this lame post. Our Splunk admin had to leave unexpectedly and now it's up to me to do this without any p... by myleskennison Explorer in Splunk Search 10-16-2021 0 4	0	4
	How do I add an additional calculation to a chart? Hello, I have two separate chart calculations that I would like to combine into a single chart. The first is an avg... by andrewtrobec Motivator in Splunk Search 10-15-2021 0 7	0	7
	Multiple clause table Hey all, I got a really helpful response last time and now I'm back with another question. I have a search with the s... by Brainstorms Explorer in Splunk Search 10-15-2021 0 3	0	3
	REST API output_mode='json' causes client search error responses to be suppressed I've been working with the /services/search/jobs/export API recently and I noticed that setting the output mode to 'j... by phoellig New Member in Splunk Search 10-15-2021 0 0	0	0
	Splunk query to check for S3 Buckets in AWS using PutBucketPolicy Can someone help me to build a search query for the below use case ? My use case is to detect if any S3 buckets have... by neerajs_81 Builder in Splunk Search 10-15-2021 0 10	0	10
	Limit timechart from lookup table Hello all,I'm using a lookup table with a _time field to create a timechart which works great. However, the lookup t... by humanBeing Engager in Splunk Search 10-15-2021 0 1	0	1
	Search to find Agent/Server with No "Reconnect" Event Hi, I am hoping to get some help in creating a search, which will be turned into an alert - I am working with system ... by Johnstone234 Loves-to-Learn in Splunk Search 10-15-2021 0 8	0	8
	Find the good/bad percentage of ERRORS above/below average Hi Experts, As part of an new initiative looking at SLO metrics. I have created the below query whi... by luckyman80 Path Finder in Splunk Search 10-15-2021 0 0	0	0
	rex field message Hiwhat is the rex for thisfield1=this is messagehere is the log:00:09:59.990 app module: AB[0000]: Data[{"code":"OK",... by indeed_2000 Motivator in Splunk Search 10-15-2021 0 1	0	1