Splunk Search

Community Activity

How to compare values across rows and columns I have two searches with three fields in common but two field that differ. I'm trying to find returns that don't ha... by maingirl New Member in Splunk Search 10-13-2021 0 2	0	2
Value node is not supposed to have children I'm doing a query to return the text part of the log, but when using it on my dashboard it gives this error message:... by carinahOliveira Explorer in Splunk Search 10-13-2021 0 3	0	3
Field results as table column headings A quick example; Program Name 2.04.0 2.4.3 3.4.24 4.53.5 9 Word 2 1 0 1 Excel ... by Drainy Champion in Splunk Search 10-13-2021 4 2	4	2
Splunk Add-on for Check Point OPSEC LEA I am collecting Firewall logs using OPSEC Lea app. This add on is setup on Heavyforwarder. App is setup correctly a... by Navanitha Path Finder in Splunk Search 10-13-2021 0 2	0	2
Edit a lookup file through the REST API Hello !!I am new to using splunk and would like to know if it is possible to edit a lookup file via Splunk REST API o... by rolyrolex Path Finder in Splunk Search 10-13-2021 1 5	1	5
Sub Search counts I have filed called serial_id which have value ABC2022100845001 I need count with contain 45 in last 5 & 6 th bytes by SUNRAJ Engager in Splunk Search 10-13-2021 0 4	0	4
indexing zip files status HiI want to know when index process is done for zip files through the web ui.I have couple of huge zip files that eve... by indeed_2000 Motivator in Splunk Search 10-13-2021 0 1	0	1
Conditional execution of search Hello All, Can someone help me to build a search query for the below use case ? My use case is to detect if any S3 ... by neerajs_81 Builder in Splunk Search 10-13-2021 0 6	0	6
Time format & Duration Calc Hello Splunk Community, Can anyone help me build a query based on the below;I want to convert a field (Fri Oct 8 23:1... by zoebanning Path Finder in Splunk Search 10-12-2021 0 2	0	2
rex for chkin chkout Hihere is the log:23:50:26.698 app module1: CHKIN: Total:[100000] from table Total:[C000003123456] from PC123:33:39.3... by indeed_2000 Motivator in Splunk Search 10-12-2021 0 5	0	5
splunk search returns multiple events along with matched event Hi,I am making a search similar to this index=abc sourcetype=xyz "searchkeyword"Search result should contain only eve... by mbhima_nike New Member in Splunk Search 10-12-2021 0 3	0	3
How to add extracted fields name as first column value Hello Splunk Gurus,I am trying to generate tabular data for the API requests.Following is the query to extract below ... by techytanzy Explorer in Splunk Search 10-12-2021 0 3	0	3
Percent Change by Host and Error Type We're ingesting Tomcat logs, and looking for items tagged [SEVERE]. I'd like to be able to pull a report of error rat... by Michael_Condon Engager in Splunk Search 10-12-2021 0 2	0	2
Expand XML created variable to search Hi Splunkers, Hopefully I am posting on the correct place, apologies if not!I have the following code/SPL from inside... by vagnet Explorer in Splunk Search 10-12-2021 0 3	0	3
Compare the stats output value State Date Desc Countbc 11102021 vm 234569bc 12102021 vm 456328bc 11102021 vm 234569bc 12102021 vm 4532178cd 11102021... by prettysunshinez Explorer in Splunk Search 10-12-2021 0 1	0	1
Getting the occurrence count when there is no event for the same This is the dummy dataset which has been created to address the issue I am facing.I want to count the number of occur... by av_ Path Finder in Splunk Search 10-11-2021 0 18	0	18
Geostats by phone number HiI have field in my log that call “MobileNumber” that need to show count of MobileNumber by location on map.e.g: 001... by indeed_2000 Motivator in Splunk Search 10-11-2021 0 6	0	6
rex extracr mq errors Hiwhat is the rex for mq error code here is the log:2021-10-08 06:52:12,785 ERROR TOPIC-00000 [Utility] MQJCA1011: Fa... by indeed_2000 Motivator in Splunk Search 10-11-2021 0 1	0	1
rex for error number hiwhat is the rex for error number and error message of this log: (separately)23:43:51.411 app module: 100: Not Fou... by indeed_2000 Motivator in Splunk Search 10-11-2021 0 1	0	1
Query to see which application has followed which integration method to on board the data like HEC,TCP,DB connect Query to see which application has followed which integration method to on board the data on Splunk cloud like HEC,TC... by shreyarathod New Member in Splunk Search 10-11-2021 0 0	0	0
Splunk Simple Math Expression using Eval I need a way to evaluate a simple math expression.The following query works, and expr evaluates to result with a valu... by plunkzombie Engager in Splunk Search 10-11-2021 0 4	0	4
percentile 99th count Hi,I'm trying to build a search to find the count, min,max and Avg within the 99th percentile, all work apart from th... by joe06031990 Communicator in Splunk Search 10-11-2021 0 4	0	4
adding lookup in query ending with incorrect result i am getting two diffrent results in total. query1 is providing acurate result. query2 as soom as adding \|lookup loca... by abdul Explorer in Splunk Search 10-10-2021 0 2	0	2
Write Cron Expression to Schedule Python Scripts Hello,I have 4 python scripts to parse data that we receive in Linux machine once a day where HF has installed. Curr... by SplunkDash Motivator in Splunk Search 10-10-2021 0 3	0	3
combine two search in a one table HiI have log file like this, need to extract "id" from lines that A=20 and match these lines to lines where that B=10... by indeed_2000 Motivator in Splunk Search 10-10-2021 0 15	0	15