Splunk Search

Community Activity

	Extracting through inconsistent data Hello all, Have been trying to extract the values through an inconsistent data as below. Highlighted values needs to ... by srinivas_gowda Path Finder in Splunk Search 09-17-2021 0 3	0	3
	IPLOCATION displaying wrong Country Hello,I am having an issue with IPLOCATION displaying the wrong Country using the following query. index="office365" ... by nathanluke86 Communicator in Splunk Search 09-17-2021 0 5	0	5
	extract only date from a date time field Example i have a csv where the date is like this in the date fieldBilling Start= 43774.7083333But when i format the ... by surekhasplunk Communicator in Splunk Search 09-17-2021 0 1	0	1
	Extract JSON objects How can i extract this:"properties": {"nextLink": null,"columns": [{"name": "Cost", "type": "Number"},{"name": "Date"... by vishaltaneja070 Motivator in Splunk Search 09-17-2021 0 9	0	9
	Field alias does not work in tstats? Hi all, I'm changing a field name in my index, so I'm trying to set up a field alias so both the old field name and n... by phoenix_down Path Finder in Splunk Search 09-17-2021 0 1	0	1
	regex substr help Hi,in anything else this would seem very simple but I seem to be flummoxed trying to do this in splunk. Probably not ... by mcaulsc Path Finder in Splunk Search 09-17-2021 0 6	0	6
	Why does this newly created field (via eval) not produce any values? Hi,I have written the below search query based on some prometheus metrics being onboarded: index=lab_openshift_promet... by johnnydunlop Engager in Splunk Search 09-17-2021 0 2	0	2
	Help with search Hey Guys, this is a continuation of the below topic:https://community.splunk.com/t5/Splunk-Search/Search-query-to-rem... by rodrigomarfei Explorer in Splunk Search 09-17-2021 0 2	0	2
	How to append text in field on result not found Let's suppose I have TOTO in successfully in my logs. I want to display the result for TOTO and append that no result... by Lukas972 Engager in Splunk Search 09-17-2021 0 2	0	2
	Matching several strings in a field I have a field (FIELD1) that may contain one of several strings. These strings may appear in different locations wit... by gelspas Explorer in Splunk Search 09-17-2021 0 4	0	4
	Splunk for analyzing Logs - looking for Big time gaps graph. Hi!I have a log that looks more or less like this: 'H 16-Sep-2021 10:57:03.084; 0:< Jrn.Directive "WindowSize" _... by Arkowski New Member in Splunk Search 09-17-2021 0 0	0	0
	dynamically subtract from counts I am trying to write a splunk query to show what percentage of traffic is split between my on premise and cloud. My s... by UK_Chris_Doyle New Member in Splunk Search 09-17-2021 0 0	0	0
	Machine Learning Toolkit model time shift after apply Has anybody encountered a strange timeshift when applying a model to data Model generation:Apply: by plapila Explorer in Splunk Search 09-17-2021 0 0	0	0
	Data results not aligning with time Been experimenting with ML toolkit and having some weird issues. I can get nice predictions by teaching the data but ... by plapila Explorer in Splunk Search 09-17-2021 0 3	0	3
	regex works on regex101 but not splunk Im trying to get a regex to work in splunk that works in regex101Im using the below regex\b(a_msg)\b[^"]+"([^"]*)"thi... by samneo Path Finder in Splunk Search 09-17-2021 0 4	0	4
	Copy logs from one index to another with use same host information Hi,I want to copy some logs in one index to another index with the same host information. I use collect command to do... by MesutUgurlu New Member in Splunk Search 09-17-2021 0 3	0	3
	When do I move Lookup files to a KVstore? How big is the limit of the Lookup File before moving it to a KVstore? Please. Also please guide me on how to optimize my Lookups for more efficiency. When does one use Lookups vs KVstores? Thank ... by SamHTexas Builder in Splunk Search 09-17-2021 0 1	0	1
	Highlight a table value alone (not the entire cell) HI Splunkers,I am using Splunk tables inbuilt color coding to highlight a cell based on certain condition. The proble... by nadlurinadluri Communicator in Splunk Search 09-16-2021 0 0	0	0
	Help with query Hello - I am new to splunk and am trying to do a search on data that calls out three different fields for duplicates ... by dmtman New Member in Splunk Search 09-16-2021 0 2	0	2
	How to check if a field value from an event matches the results from an ldapsearch. Hi,I am looking to compare a field value against the results of an ldapsearch to check whether the value is present o... by ezmo1982 Path Finder in Splunk Search 09-16-2021 0 3	0	3
	Regex to extract field value from a response [See below] I have this result response[sample]: "{\"meta\":{\"code\":400}},[Content-Type:\"application/json\", Transfer-Encoding... by vivekmisra Observer in Splunk Search 09-16-2021 0 3	0	3
	Can I do multiple joins with different fields Hello I have 3 sets of data and I want to join them all but they don't have the same common field, the trouble I'm ha... by stavbergen Explorer in Splunk Search 09-16-2021 0 1	0	1
	Join results from two lookups My requirement is something like this:Lookup 1 looks like thisName \| Avg_CountA \| 3B \| 7D ... by shaquibk Explorer in Splunk Search 09-16-2021 0 3	0	3
	Add fields in lookup with request without using index or sourcetype looHi everybody, i hope you can help me with my pb.i want add fields in a lookup with a request that dont use index .... by AlexH Engager in Splunk Search 09-16-2021 0 2	0	2
	How to extract sub-transactions from transactions (or how to "reverse" a transaction)? I am parsing SFTP logs of file downloads and want to count how many bytes a specific user downloaded at what time. Th... by Georgi Engager in Splunk Search 09-16-2021 0 4	0	4