Splunk Search

Community Activity

	rex How to split a text like ""Liam John" "Grayson Roy" "Olivia"" into names filed using eval and text.names:Liam JohnGra... by Deku2345 Observer in Splunk Search 10-05-2021 0 1	0	1
	Need help with a regex for line_breaker in props.conf Hi,Need help with regex for LINE_BREAKER attribute in props.conf.I have the below data and wanted it as a single even... by mbachhav Path Finder in Splunk Search 10-05-2021 0 7	0	7
	splunk query request to identify a continous sequence of number i have a below data generated by a timechart i'm trying to write a query where if there are continous sequence of nu... by venky1544 Builder in Splunk Search 10-04-2021 0 2	0	2
	Splunk Concurrency Calculation with Drilldown I have some data from logs in Splunk where I need to determine what other requests were running concurrently at the t... by SBB Loves-to-Learn Lots in Splunk Search 10-04-2021 0 0	0	0
	User agent Extraction - Lookup Hi Team I am trying to extract few report from user agent. like below OS details OS versionBrowserBrowser VersionOper... by jaibalaraman Path Finder in Splunk Search 10-04-2021 0 5	0	5
	Splunk returns different result with search query and Dashboard Hi, I am running a basic search query in splunk search directly with command such asquery:sourcetype=aws*-cloudwatc... by kumarnis45 Path Finder in Splunk Search 10-04-2021 0 2	0	2
	Intrusion detection datamodel providing different results when search is executed in different order Hi All ,Can some one help me understand why similar query gives me 2 different results for a intrusion detection dat... by rahulhari88 Explorer in Splunk Search 10-04-2021 0 0	0	0
	Need help in lookup command to extract user agent (OS, OS version , user device details ) Hi Team I am trying to extract few report from user agent like below OS details OS versionBrowserBrowser VersionOpera... by jaibalaraman Path Finder in Splunk Search 10-04-2021 0 1	0	1
	rex extract first string HiHow can I extract first occured this "User ABC123 invalid" with rex?Here is the log:2021-10-03 13:26:44,441 ERROR ... by indeed_2000 Motivator in Splunk Search 10-04-2021 0 3	0	3
	time format change Hi,I have a field (Lastsynctime) which outputs time in below format2021-10-02 09:06:18.173I want to change the time f... by VijaySrrie Builder in Splunk Search 10-04-2021 0 1	0	1
	Need help on Rex Hi ,can some one help me with the rex command to extract the string included in first [] from below pattern. For exam... by sbhatnagar88 Path Finder in Splunk Search 10-04-2021 0 2	0	2
	How to use MULTISEARCH orAPPEND in 2 searches, both, containing JOIN Good day,As mentioned in the subject, I want to retrieve results from 2 searches, both containing JOIN. The purpose o... by jaysonpryde Path Finder in Splunk Search 10-03-2021 0 1	0	1
	oneshot limit java If I am trying to execute the following code block and my total records is greater than 50K it limits me to the 50K s... by scott_r New Member in Splunk Search 10-03-2021 0 1	0	1
	spath vs xpath parse xml Hii have xml file like this, how can i table it with xpath or spath? <?xml version="1.0" encoding="UTF-8" standalone=... by indeed_2000 Motivator in Splunk Search 10-03-2021 0 6	0	6
	How to replace field value by string if certain condition matched How do I replace a value for a field if the value is lesser than 0.02 by "Good"?ValueKeydate0.0211/1/20170.0211/2/201... by sndpgiri Engager in Splunk Search 10-03-2021 0 3	0	3
	How to rename columns in a chart that cam from nested json? I have a nested json element that gives back up to 8 field names. I table them like: \| table "Config.DiskBrandSize.*"... by thisissplunk Builder in Splunk Search 10-02-2021 0 2	0	2
	Detect server response time outliner HiI have field in my log that call ServerRespTime. I want to detect outliner of ServerRespTime.Here is the conditions... by indeed_2000 Motivator in Splunk Search 10-02-2021 0 0	0	0
	rex extraction xsd tag Hi what is the rex for "No is invalid. Please ask to a admin"Here is the log:21:32:26.729 customer modules: type="xsd... by indeed_2000 Motivator in Splunk Search 10-02-2021 0 2	0	2
	Table from two separate searches and sourcetypes So, to preface this, I am very new to Splunk. The end game is to make a chart overlay, but that's not my main questio... by Brainstorms Explorer in Splunk Search 10-02-2021 0 2	0	2
	Transform data measured in hour interval to day with some conditions. I have data in the following format, measured in an interval of an hour.DateRestaurant idFood CodeAverage Order1/1/20... by sndpgiri Engager in Splunk Search 10-02-2021 0 9	0	9
	stats unique value by latest time Hi,I have ticketing system values in my siem, where different support people working on the ticket. I am trying to cr... by neophyte Engager in Splunk Search 10-02-2021 0 2	0	2
	Eliminate the refund failure transactions using backup processor HiIn my app there are 2 payment processor, netconnect(backup) and sourcejet(primary), where is netconnect is the back... by iqbalintouch Path Finder in Splunk Search 10-01-2021 0 5	0	5
	SPL to identify UFs needed to increase pipeline sets Hi All,We are planning to configure some of our universal forwarders to use multiple pipeline sets. Do you have some ... by jaracan Communicator in Splunk Search 10-01-2021 0 1	0	1
	Unable to rename _time as Time Hi, I'm trying to rename _time as Time so that it will display the timestamp in YYYY-MM-DD HH:MM:SS. But when I do r... by wuming79 Path Finder in Splunk Search 10-01-2021 0 8	0	8
	Timechart - Same time range and span but different timeline Hello,i've put two timecharts on top of each other to compare their events by time. Both timecharts are using the sam... by n0cturne Loves-to-Learn in Splunk Search 10-01-2021 0 5	0	5