Splunk Search

Community Activity

Remove partial duplicate in same field Hi everyone, I am trying to remove partial duplicate in the same field, but couldn't find a solution yet.For instance... by apache_strike Engager in Splunk Search 09-15-2021 0 1	0	1
Trying to determine min/max date/time for a list of ip addresses My search returns a table of a count of ip addresses that have hit our system in a given search period. I am trying t... by dbuckley669 Engager in Splunk Search 09-15-2021 0 3	0	3
Datamodel Search "Job terminated unexpectedly" Hello,I have a problem regarding a datamodel search.My datamodel consists of different boolean values with a span of ... by vsommer Explorer in Splunk Search 09-15-2021 0 6	0	6
ouputlookup not waiting for complete result set Hi there,I'm seeing a strange problem with version 8.0.8I have a search to build a lookup table one time only, which ... by charlesmeo Explorer in Splunk Search 09-14-2021 0 0	0	0
Join matching field of a Sub-Search Hello, I currently have a search over index_A that runs a sub-search from index_B looking to match a field (field_B) ... by epw0rrell Path Finder in Splunk Search 09-14-2021 0 0	0	0
How to group togeher the rows based on some field value in splunk I am having a search in my view code and displaying results in the form of table. small example result: custid Eve... by disha Contributor in Splunk Search 09-14-2021 1 6	1	6
Security Essential Mitre PDF Export - Failed Hi, I am trying to export PDF in Splunk Security Essential App --> Analytics Advisor --> Mitre ATT&CK Framework --> E... by alexspunkshell Contributor in Splunk Search 09-14-2021 0 0	0	0
Comparing / diffing 2 lookup tables Hello,I have 2 CSV lookups updating several times a day. One (A) is from CMDB with the entire list of assets (hostna... by oleg106 Explorer in Splunk Search 09-14-2021 0 1	0	1
Join different events with common values I've got some logs I need to join and put on the same row.I've tried a few different ways and searched the community ... by met Engager in Splunk Search 09-14-2021 0 6	0	6
Desperately need help with a java.lang.Exception when running a search against vix I see the following errors when running a search against data in a vix.We have recently upgraded to 8.1.3 when I assu... by Martin583 Explorer in Splunk Search 09-14-2021 0 0	0	0
Correlation sources in Search filter Role Access restriction Hi All,We have an index indexA, which gets data from multiple agencies agentA, agentB, agentC, and another index inde... by sujith_kumar New Member in Splunk Search 09-14-2021 0 1	0	1
sigma rules Hi there!Please allow me to admit, I'm newbie to splunk + sigma rules for detection.In my test environment, I have i... by splunk_u1 Engager in Splunk Search 09-14-2021 1 0	1	0
PROPS Configuration for XML source Hello,I have some issues writing PROPS configuration for XML source file. Sample XML events (2 Events) are given belo... by SplunkDash Motivator in Splunk Search 09-14-2021 0 2	0	2
Limit users searches to a most recent time I am looking for a way to limit user searches to only the most recent 30 days, specifically for SmartStore purposes. ... by _joe Contributor in Splunk Search 09-14-2021 0 5	0	5
Getting daily count and overall average Hello all, I'm trying to get the stats of the count of events per day, but also the average. ...\| stats count by... by Sam2 Explorer in Splunk Search 09-14-2021 1 7	1	7
How to use inherited fields in child dataset ? Hello, I am using child dataset in data model. Not sure how to use fields which are inherited from parent data model... by AKG1_old1 Builder in Splunk Search 09-14-2021 0 1	0	1
Multiple different font colors in one cell / string Hello people,I'm very new to Splunk and I'm trying to create a dashboard with the "Statistics Table" Visualisation, t... by Cydraech Explorer in Splunk Search 09-14-2021 0 3	0	3
Need help with an SPL to create a search for /opt/splunk/etc/apps/meta_woot/lookups/meta_woot_server_guid.csv Thank U Need help with an SPL to create a search for Please. /opt/splunk/etc/apps/meta_woot/lookups/meta_woot_server_guid.csv... by SamHTexas Builder in Splunk Search 09-13-2021 0 1	0	1
The permissions are fine, but when I change the App, I cannot search. There are some keywords that cannot be searched after changing the App.Even more specific keywords within a specific ... by A44D Explorer in Splunk Search 09-13-2021 0 3	0	3
button "click" event isn't working So I'm trying to change a token when i click a button.Tried it like this:require([ 'jquery', 'splunkjs/mvc', ... by puet Explorer in Splunk Search 09-13-2021 0 4	0	4
Splunk Time variable makes irritating search result with standard time Picker Hallo,i am trying to make a Dashboard that takes the time from reports of jobs.That time is not the same as the time ... by GoodApprentice New Member in Splunk Search 09-13-2021 0 1	0	1
Add two lines in a chart I have this query and I want to add another data series/line to this chart. How can I do it?index="eniq_voice"\|where... by wasifchowdhury Explorer in Splunk Search 09-13-2021 0 3	0	3
Search for a URL from a datamodel NOT in a lookup For example:\| tstats count from datamodel=test where * by test.url, test.user \| rename test.* AS *\| search NOT [ ... by mztopp Explorer in Splunk Search 09-13-2021 0 4	0	4
transpose on selected fields Hi Team,I want to transpose few fields as below ..(index=abc OR index=def) category= * OR NOT blocked =0 AND NOT bloc... by Susha Engager in Splunk Search 09-13-2021 0 5	0	5
Extract field using rex I have the below test raw logsCEF:0\|Forcepoint\|Forcepoint DLP\|8.8.0\|55564097\|DLP Syslog\|2\| act=Permitted duser=destus... by osasfrancis Path Finder in Splunk Search 09-13-2021 0 6	0	6