Splunk Search

Community Activity

Can I do multiple joins with different fields Hello I have 3 sets of data and I want to join them all but they don't have the same common field, the trouble I'm ha... by stavbergen Explorer in Splunk Search 09-16-2021 0 1	0	1
Join results from two lookups My requirement is something like this:Lookup 1 looks like thisName \| Avg_CountA \| 3B \| 7D ... by shaquibk Explorer in Splunk Search 09-16-2021 0 3	0	3
Add fields in lookup with request without using index or sourcetype looHi everybody, i hope you can help me with my pb.i want add fields in a lookup with a request that dont use index .... by AlexH Engager in Splunk Search 09-16-2021 0 2	0	2
How to extract sub-transactions from transactions (or how to "reverse" a transaction)? I am parsing SFTP logs of file downloads and want to count how many bytes a specific user downloaded at what time. Th... by Georgi Engager in Splunk Search 09-16-2021 0 4	0	4
How to consider data grid view in a cell in dashboards? Hello "Good Day"  How to add the progress bar inside the cell in dashoard.i need the dashboard panel format in the ... by renuka Path Finder in Splunk Search 09-16-2021 0 1	0	1
Subtract two fields and create a timechart I have two fields skill1 and skill2skill2: skill1: Both these queries are producing results: timechart span=... by priyangshupal Engager in Splunk Search 09-16-2021 0 10	0	10
how to get 2 fields by taking on field Hello I have table in my dashboard IDJan_TargetJan_Actual1506020N/AIn similar way for all monthsnow i need a f... by renuka Path Finder in Splunk Search 09-15-2021 0 4	0	4
Lookup with wildcard in data, not in lookup table? Hi. I know a lookup file can contain wildcards and use them with the WILDCARD(<field>) setting, but is it possible to... by etoombs Path Finder in Splunk Search 09-15-2021 0 0	0	0
Missing Stats Data When mean & avg are both present on a "stats" search, the first one in order will be missing so:\| makeresults count=1... by jkwilling Engager in Splunk Search 09-15-2021 0 3	0	3
timeline chart Hi I have got this log where it shows how much time it takes to load investor page in millisecond(ms)2021-09-15 13:40... by Rkp_splunk Engager in Splunk Search 09-15-2021 0 1	0	1
I need help with my props conf to extract fields correctly. When I test the regex in both regex101 and using the rex command in the search bar and they parsed out the fields cor... by djreschke Communicator in Splunk Search 09-15-2021 0 1	0	1
Epoch Date format in reporting Hi ,i have 2 queries .(index=abc OR index=def) category= * OR NOT blocked =0 AND NOT blocked =2\|rex field=index "(?<L... by Susha Engager in Splunk Search 09-15-2021 0 2	0	2
Need help in extraction Hello all, I am tryin to extract only the highlighted from the below event, however I am failing to extract.Can you p... by srinivas_gowda Path Finder in Splunk Search 09-15-2021 0 2	0	2
IP FILTER Range HI please tell me how to write the query for the range of the IP ADDRESS Such assrc!=10.0.0.0/8 To src!=10.24.1.3 by mohdameen81 Observer in Splunk Search 09-15-2021 0 2	0	2
Filtering by 24h time in splunk I have a field timeofevent which contains the time at which the event was logged in 24 hour format.Format of timeofev... by priyangshupal Engager in Splunk Search 09-15-2021 0 5	0	5
Plotting Each element of a Json so my log lines look something like this<<METRIC-START>>{"A":332,"B":45,"C":67,"D":23,"E":234,"F":435,"G":43,"H":66,"... by rai4shambhavi Explorer in Splunk Search 09-15-2021 0 1	0	1
Remove partial duplicate in same field Hi everyone, I am trying to remove partial duplicate in the same field, but couldn't find a solution yet.For instance... by apache_strike Engager in Splunk Search 09-15-2021 0 1	0	1
Trying to determine min/max date/time for a list of ip addresses My search returns a table of a count of ip addresses that have hit our system in a given search period. I am trying t... by dbuckley669 Engager in Splunk Search 09-15-2021 0 3	0	3
Datamodel Search "Job terminated unexpectedly" Hello,I have a problem regarding a datamodel search.My datamodel consists of different boolean values with a span of ... by vsommer Explorer in Splunk Search 09-15-2021 0 6	0	6
ouputlookup not waiting for complete result set Hi there,I'm seeing a strange problem with version 8.0.8I have a search to build a lookup table one time only, which ... by charlesmeo Explorer in Splunk Search 09-14-2021 0 0	0	0
Join matching field of a Sub-Search Hello, I currently have a search over index_A that runs a sub-search from index_B looking to match a field (field_B) ... by epw0rrell Path Finder in Splunk Search 09-14-2021 0 0	0	0
How to group togeher the rows based on some field value in splunk I am having a search in my view code and displaying results in the form of table. small example result: custid Eve... by disha Contributor in Splunk Search 09-14-2021 1 6	1	6
Security Essential Mitre PDF Export - Failed Hi, I am trying to export PDF in Splunk Security Essential App --> Analytics Advisor --> Mitre ATT&CK Framework --> E... by alexspunkshell Contributor in Splunk Search 09-14-2021 0 0	0	0
Comparing / diffing 2 lookup tables Hello,I have 2 CSV lookups updating several times a day. One (A) is from CMDB with the entire list of assets (hostna... by oleg106 Explorer in Splunk Search 09-14-2021 0 1	0	1
Join different events with common values I've got some logs I need to join and put on the same row.I've tried a few different ways and searched the community ... by met Engager in Splunk Search 09-14-2021 0 6	0	6