Splunk Search

Community Activity

How to remove few IP's from a query that exists in lookup table ? Newbie here...!I have a list of IP's in a CSV from which I need to exclude few IP's (IP1, IP2, IP3, etc.,) from the r... by innoce Path Finder in Splunk Search 10-01-2021 0 1	0	1
Extracting a field in quotes with regex Hi, I'm having trouble with a regex field extraction. I'm looking to extract the numeric ID after the "x-client-id" k... by mkulicke Explorer in Splunk Search 10-01-2021 0 2	0	2
Search through only failing logs - Jenkins I am trying to speed up a search on Splunk. The search looks through millions of logs for matches to around 100 event... by ddaly Engager in Splunk Search 10-01-2021 0 2	0	2
Lookup csv missing in definitions Hi, Hopefully a quick one  I have a user that can upload lookup table files, but when a lookup definition is creat... by cdstealer Contributor in Splunk Search 10-01-2021 0 8	0	8
Combine results of two searches I have error messages in the following formats { "level":"error", "message":"Log: \"error in action {\\\"status\\\":... by alwinaugustin Engager in Splunk Search 10-01-2021 0 1	0	1
Using results from one search as a filter for another Hi,I'm trying to filter the results from one search based on the results from another search.Example:Consider the fol... by dmacl Explorer in Splunk Search 10-01-2021 0 6	0	6
Change hour interval to days and replace the value with average I have a column that has events recorded in an interval of 1 hour.Example:Date ... by sndpgiri Engager in Splunk Search 10-01-2021 0 3	0	3
Rename fields based on Token value Hi,I have some data which spans multiple systems example below:"system" "app" "fld1" "fld2" "fld3"sys1 appA ... by mcaulsc Path Finder in Splunk Search 10-01-2021 0 7	0	7
Multiple key value pairs in a timechart based on the counts of 2 fields Here's an example of some error logs that simply show which app reported an error and which country:_time(s)sourcetyp... by datatan Engager in Splunk Search 09-30-2021 0 1	0	1
how to show table pagination with start and end instead of << previous & Next >> Hi All.. I need help with table pagination by default splunk provides pagination option as << prev & next >> instead... by mvishal Explorer in Splunk Search 09-30-2021 1 2	1	2
Show a part of message for dasboard stats table I have the following query and I am using it in a dashboard to show the errors categorized. index=myindex sourcetype=... by alwinaugustin Engager in Splunk Search 09-30-2021 0 3	0	3
Change _Time to another field on a Single Query Hello,I need to find a way to use another field for _Time on a single query (I don't want to change props just for 1 ... by erog Engager in Splunk Search 09-30-2021 0 1	0	1
LINE_BREAKER Help Needed I need help breaking the following data into segments. The data is currently lumped together. I have been working wit... by babcolee Path Finder in Splunk Search 09-30-2021 0 2	0	2
How are values in lookups matched? When a field value is passed to a lookup, what are the limits on how it can match the value in the lookup? Specifical... by gkanapathy Splunk Employee in Splunk Search 09-30-2021 10 5	10	5
custom sort field values Hello dears,How can i sort these field values ?Field = "port"0/1/0/2/0/8/0/7/0/2/0/3/0/5/0/2/0/6/0/3/0/16/0/20/18/0/6... by corehan Explorer in Splunk Search 09-30-2021 0 16	0	16
Software Versions not comparing correctly I am sure I am sure I am missing something easy but, for some reason, when I compare these two values (they are in st... by Abe_T Explorer in Splunk Search 09-30-2021 0 6	0	6
searching for repeated events from the same user Hi All,I am looking to create an alert based on the following base search. index=wineventlog w19tax.exe app_name=W19T... by tkerr1357 Path Finder in Splunk Search 09-30-2021 0 2	0	2
how to to calculate average size of a syslog message for a particular source Hello dear All, 1* How to calculate average size of a syslog message for a particular source in GB using Splunk query... by pacifikn Communicator in Splunk Search 09-30-2021 0 2	0	2
How to check CIDR overlaps I have lookup with CIDR advanced field which contains: id cidr_field 1 1.1.1.1/24 2 8.8.8.8/24 If I se... by yko84109 Loves-to-Learn in Splunk Search 09-30-2021 0 3	0	3
Require Splunk query to assign field value to another field as value we have two device AUSTDPVPN1 and AUSTDPVPN2 and current user logged in count on device as 0 and 2867.I want whenever... by Abhineet Loves-to-Learn Everything in Splunk Search 09-30-2021 0 9	0	9
Need Help Creating a Nested Stats Table and Grouping by Multiple Values Hey guys, I need some quick help creating a nested stats table and grouping by multiple values within that table. My ... by TheColorBlack Path Finder in Splunk Search 09-30-2021 0 1	0	1
foreach and server limits I was wondering... how are foreach-generated searches treated regarding the searches limits?I mean - normally you hav... by PickleRick SplunkTrust in Splunk Search 09-30-2021 0 2	0	2
Help with search of evaluated field Hello,I need a help with a search that seems very easy, but I'm unable to achieve the results I want.The events are r... by rodrigomarfei Explorer in Splunk Search 09-30-2021 0 3	0	3
Exclude specific String from search I am new to Splunk and would appreciate if anyone helps me on this. I would like to set up a Splunk alert for SocketT... by dababi1234 New Member in Splunk Search 09-30-2021 0 5	0	5
Pass field from joined search into primary search table Hello I would like to pass a value from a joined search (e.g. in this case the "Side") to the final table.I tried dif... by gabrieleguidoni Loves-to-Learn in Splunk Search 09-30-2021 0 1	0	1