Splunk Search

Community Activity

	Filtering a timechart on time to remove unwanted data Hello,I'm building some dashboard statistics from telecom data.I have a data source as follows :_timeOfferedTime Pic... by Shahindoh Explorer in Splunk Search 10-18-2021 0 6	0	6
	multi field extraction form the logs Hi Experts,Am new to splunk..I need to extract the fields which is in MSGTXT which are highlighted. Only when MSGTXT ... by saravana22 Explorer in Splunk Search 10-18-2021 0 4	0	4
	Display days passed between current time and most recent activation - User Role Auditing The answer to this probably stupid simple. Banging my head on this.Help and patience please. I am writing a query whi... by dmbr Explorer in Splunk Search 10-18-2021 0 2	0	2
	How to extract value of a required field using regx? msg: INFO \| 2021-10-14 10:38 PM \| Message consumed: {"InputAmountToCredit":"22.67","CurrencyCode":"AUD","Buid":"140... by hrishi_deshpand Explorer in Splunk Search 10-17-2021 0 1	0	1
	rex 4 fields HiHow can extract these fields:field1=Versionfield2=Authorfield3=Datefield4=IssueNo Here is the log:23:53:00.512 app ... by indeed_2000 Motivator in Splunk Search 10-17-2021 0 5	0	5
	request comparison Hello. How can two files be compared for identity ?file1.csv:usernameid_userJonh123 file2.csv usernameid_userJonh124 ... by gitingua Communicator in Splunk Search 10-17-2021 0 7	0	7
	whois in search. help How to use "whois" .apps "network tools" doesn't work. "lookup whois" does not work. are there other valid applicatio... by gitingua Communicator in Splunk Search 10-17-2021 0 0	0	0
	relative time question Hello,There is a tube Splunk video on finding new service interactive logins here:https://www.youtube.com/watch?v=bgI... by cbr654 Path Finder in Splunk Search 10-17-2021 0 2	0	2
	How to calculate the index size from top 10 biggest indexers Sorry about this lame post. Our Splunk admin had to leave unexpectedly and now it's up to me to do this without any p... by myleskennison Explorer in Splunk Search 10-16-2021 0 4	0	4
	How do I add an additional calculation to a chart? Hello, I have two separate chart calculations that I would like to combine into a single chart. The first is an avg... by andrewtrobec Motivator in Splunk Search 10-15-2021 0 7	0	7
	Multiple clause table Hey all, I got a really helpful response last time and now I'm back with another question. I have a search with the s... by Brainstorms Explorer in Splunk Search 10-15-2021 0 3	0	3
	REST API output_mode='json' causes client search error responses to be suppressed I've been working with the /services/search/jobs/export API recently and I noticed that setting the output mode to 'j... by phoellig New Member in Splunk Search 10-15-2021 0 0	0	0
	Splunk query to check for S3 Buckets in AWS using PutBucketPolicy Can someone help me to build a search query for the below use case ? My use case is to detect if any S3 buckets have... by neerajs_81 Builder in Splunk Search 10-15-2021 0 10	0	10
	Limit timechart from lookup table Hello all,I'm using a lookup table with a _time field to create a timechart which works great. However, the lookup t... by humanBeing Engager in Splunk Search 10-15-2021 0 1	0	1
	Search to find Agent/Server with No "Reconnect" Event Hi, I am hoping to get some help in creating a search, which will be turned into an alert - I am working with system ... by Johnstone234 Loves-to-Learn in Splunk Search 10-15-2021 0 8	0	8
	Find the good/bad percentage of ERRORS above/below average Hi Experts, As part of an new initiative looking at SLO metrics. I have created the below query whi... by luckyman80 Path Finder in Splunk Search 10-15-2021 0 0	0	0
	rex field message Hiwhat is the rex for thisfield1=this is messagehere is the log:00:09:59.990 app module: AB[0000]: Data[{"code":"OK",... by indeed_2000 Motivator in Splunk Search 10-15-2021 0 1	0	1
	find NOCLOSESESSION in logs daily HiI have two field on my logfile <servername> <CLOSESESSION> need to know when CLOSESESSION is 0 each day by serverna... by indeed_2000 Motivator in Splunk Search 10-15-2021 0 9	0	9
	rex for three fields hi what is rex for these three fields?here is the log:2021-10-14 12:51:20,412 INFO [APP] log in : A12345@#4321@califo... by indeed_2000 Motivator in Splunk Search 10-15-2021 0 1	0	1
	search all another field from a search result of grouping by another field in another search We have multiple TraceIDs that have same payload and this payload is part many logs for a given TraceID. Here foo1 is... by krishna81m Engager in Splunk Search 10-14-2021 0 2	0	2
	how to get stats count from 3 multile-value fields Hi team,I have below kind of data in splunk, it contains 3 fields ISRF, DSRF and DSFF. they are all multi-value fiel... by cheriemilk Path Finder in Splunk Search 10-14-2021 0 2	0	2
	Total duration of multiple events Hello Splunk Community,Can anyone help me build a query based on the below;I have a batch job that has multiple steps... by zoebanning Path Finder in Splunk Search 10-14-2021 0 2	0	2
	How do I get a complete list of all Hosts ( Win & Linux) , their time zones & current date & time please? SPL? Is there an SPL to list all my Hosts (Win & Linus), version of their UF, date & time & TZ please? Thanks a million. by SamHTexas Builder in Splunk Search 10-14-2021 0 3	0	3
	Passing Multivalue Fields Through Map Command I have a dashboard used for generating data for reports. Since its initial build, I've been going back and revamping ... by dcsteve24 Explorer in Splunk Search 10-14-2021 0 3	0	3
	Zoom to selection I know that 'Zoom out' will make the search to re-execute but I am not sure about 'zoom in' or 'zoom to select'. Kind... by palisetty Communicator in Splunk Search 10-14-2021 0 9	0	9