Splunk Search

Community Activity

	Props Configuration with for Text File with First 2 lines contain header info Hello,I have an issue writing props configuration for text source file which contains first 2 line (including "----"... by SplunkDash Motivator in Splunk Search 10-18-2021 0 3	0	3
	how to write a request \| inputlookup file1.csvfield1field21a2b3c it is necessary so123abc help! Thanks by gitingua Communicator in Splunk Search 10-18-2021 0 2	0	2
	Grouping HTTP GET requests based on first directory Very new to splunk here. I would like to group each http request to each directory based on their directory, and prod... by JaredYong Explorer in Splunk Search 10-18-2021 0 7	0	7
	Compare 2 fields with differents queries I have the follow situation:queryA returns correlationsAAABBBCCCDDDqueryB returns correlations AAACCCEEEExpect result... by graziaedu Explorer in Splunk Search 10-18-2021 0 2	0	2
	Distinct counts on only those fields that begin with a particular string HiI'm searching on an internet usage index for events that contain a particular word somewhere in the domain. For exa... by deton0 Explorer in Splunk Search 10-18-2021 0 2	0	2
	Does the lookup command have a limit I am currently using a lookup to find matching IDs in my data. The lookup table is like 400k rows and if I use inputl... by klim Path Finder in Splunk Search 10-18-2021 0 3	0	3
	Extract Error Message String I am trying to extract the messages of a commonly used error log: Creating review recommendations service case activi... by mkulicke Explorer in Splunk Search 10-18-2021 0 2	0	2
	Help with regex needed Hello,I am trying to extract the system IDs from single event into the multiple events, I mean that each SID is in a ... by damucka Builder in Splunk Search 10-18-2021 0 3	0	3
	Analysing combinations Hi, I'd really appreciate some advice on this.I have a data set looking at users and the apps they have access to. Th... by tmtcollins Explorer in Splunk Search 10-18-2021 0 0	0	0
	Production issue - Memoizer expired - Any ideas? Hi - I have a production outage and I am really struggling to fix it - I have had my Unix admin on and Splunk support... by robertlynch2020 Influencer in Splunk Search 10-18-2021 0 1	0	1
	Change color of Column Chart bars based on average of last week Dear Splunk Community,I have the following statistics table and corresponding column chart that show the amount of er... by Bleepie Communicator in Splunk Search 10-18-2021 0 16	0	16
	Search for status of health status of splunkd Hi everyone, I'm looking for a search, that shows me when the health status of splunkd is changing from green to yel... by g_paternicola Path Finder in Splunk Search 10-18-2021 0 4	0	4
	If else conditional search returning table Hello, i need to configure a search using If else condition but the search outputs in a table format. Can someone p... by neerajs_81 Builder in Splunk Search 10-18-2021 0 4	0	4
	Filtering a timechart on time to remove unwanted data Hello,I'm building some dashboard statistics from telecom data.I have a data source as follows :_timeOfferedTime Pic... by Shahindoh Explorer in Splunk Search 10-18-2021 0 6	0	6
	multi field extraction form the logs Hi Experts,Am new to splunk..I need to extract the fields which is in MSGTXT which are highlighted. Only when MSGTXT ... by saravana22 Explorer in Splunk Search 10-18-2021 0 4	0	4
	Display days passed between current time and most recent activation - User Role Auditing The answer to this probably stupid simple. Banging my head on this.Help and patience please. I am writing a query whi... by dmbr Explorer in Splunk Search 10-18-2021 0 2	0	2
	How to extract value of a required field using regx? msg: INFO \| 2021-10-14 10:38 PM \| Message consumed: {"InputAmountToCredit":"22.67","CurrencyCode":"AUD","Buid":"140... by hrishi_deshpand Explorer in Splunk Search 10-17-2021 0 1	0	1
	rex 4 fields HiHow can extract these fields:field1=Versionfield2=Authorfield3=Datefield4=IssueNo Here is the log:23:53:00.512 app ... by indeed_2000 Motivator in Splunk Search 10-17-2021 0 5	0	5
	request comparison Hello. How can two files be compared for identity ?file1.csv:usernameid_userJonh123 file2.csv usernameid_userJonh124 ... by gitingua Communicator in Splunk Search 10-17-2021 0 7	0	7
	whois in search. help How to use "whois" .apps "network tools" doesn't work. "lookup whois" does not work. are there other valid applicatio... by gitingua Communicator in Splunk Search 10-17-2021 0 0	0	0
	relative time question Hello,There is a tube Splunk video on finding new service interactive logins here:https://www.youtube.com/watch?v=bgI... by cbr654 Path Finder in Splunk Search 10-17-2021 0 2	0	2
	How to calculate the index size from top 10 biggest indexers Sorry about this lame post. Our Splunk admin had to leave unexpectedly and now it's up to me to do this without any p... by myleskennison Explorer in Splunk Search 10-16-2021 0 4	0	4
	How do I add an additional calculation to a chart? Hello, I have two separate chart calculations that I would like to combine into a single chart. The first is an avg... by andrewtrobec Motivator in Splunk Search 10-15-2021 0 7	0	7
	Multiple clause table Hey all, I got a really helpful response last time and now I'm back with another question. I have a search with the s... by Brainstorms Explorer in Splunk Search 10-15-2021 0 3	0	3
	REST API output_mode='json' causes client search error responses to be suppressed I've been working with the /services/search/jobs/export API recently and I noticed that setting the output mode to 'j... by phoellig New Member in Splunk Search 10-15-2021 0 0	0	0