Splunk Search

Community Activity

Join different events with common values I've got some logs I need to join and put on the same row.I've tried a few different ways and searched the community ... by met Engager in Splunk Search 09-14-2021 0 6	0	6
Desperately need help with a java.lang.Exception when running a search against vix I see the following errors when running a search against data in a vix.We have recently upgraded to 8.1.3 when I assu... by Martin583 Explorer in Splunk Search 09-14-2021 0 0	0	0
Correlation sources in Search filter Role Access restriction Hi All,We have an index indexA, which gets data from multiple agencies agentA, agentB, agentC, and another index inde... by sujith_kumar New Member in Splunk Search 09-14-2021 0 1	0	1
sigma rules Hi there!Please allow me to admit, I'm newbie to splunk + sigma rules for detection.In my test environment, I have i... by splunk_u1 Engager in Splunk Search 09-14-2021 1 0	1	0
PROPS Configuration for XML source Hello,I have some issues writing PROPS configuration for XML source file. Sample XML events (2 Events) are given belo... by SplunkDash Motivator in Splunk Search 09-14-2021 0 2	0	2
Limit users searches to a most recent time I am looking for a way to limit user searches to only the most recent 30 days, specifically for SmartStore purposes. ... by _joe Contributor in Splunk Search 09-14-2021 0 5	0	5
Getting daily count and overall average Hello all, I'm trying to get the stats of the count of events per day, but also the average. ...\| stats count by... by Sam2 Explorer in Splunk Search 09-14-2021 1 7	1	7
How to use inherited fields in child dataset ? Hello, I am using child dataset in data model. Not sure how to use fields which are inherited from parent data model... by AKG1_old1 Builder in Splunk Search 09-14-2021 0 1	0	1
Multiple different font colors in one cell / string Hello people,I'm very new to Splunk and I'm trying to create a dashboard with the "Statistics Table" Visualisation, t... by Cydraech Explorer in Splunk Search 09-14-2021 0 3	0	3
Need help with an SPL to create a search for /opt/splunk/etc/apps/meta_woot/lookups/meta_woot_server_guid.csv Thank U Need help with an SPL to create a search for Please. /opt/splunk/etc/apps/meta_woot/lookups/meta_woot_server_guid.csv... by SamHTexas Builder in Splunk Search 09-13-2021 0 1	0	1
The permissions are fine, but when I change the App, I cannot search. There are some keywords that cannot be searched after changing the App.Even more specific keywords within a specific ... by A44D Explorer in Splunk Search 09-13-2021 0 3	0	3
button "click" event isn't working So I'm trying to change a token when i click a button.Tried it like this:require([ 'jquery', 'splunkjs/mvc', ... by puet Explorer in Splunk Search 09-13-2021 0 4	0	4
Splunk Time variable makes irritating search result with standard time Picker Hallo,i am trying to make a Dashboard that takes the time from reports of jobs.That time is not the same as the time ... by GoodApprentice New Member in Splunk Search 09-13-2021 0 1	0	1
Add two lines in a chart I have this query and I want to add another data series/line to this chart. How can I do it?index="eniq_voice"\|where... by wasifchowdhury Explorer in Splunk Search 09-13-2021 0 3	0	3
Search for a URL from a datamodel NOT in a lookup For example:\| tstats count from datamodel=test where * by test.url, test.user \| rename test.* AS *\| search NOT [ ... by mztopp Explorer in Splunk Search 09-13-2021 0 4	0	4
transpose on selected fields Hi Team,I want to transpose few fields as below ..(index=abc OR index=def) category= * OR NOT blocked =0 AND NOT bloc... by Susha Engager in Splunk Search 09-13-2021 0 5	0	5
Extract field using rex I have the below test raw logsCEF:0\|Forcepoint\|Forcepoint DLP\|8.8.0\|55564097\|DLP Syslog\|2\| act=Permitted duser=destus... by osasfrancis Path Finder in Splunk Search 09-13-2021 0 6	0	6
Append 2 searches together in o365 to show if a file share has been deleted I have a search query to display external files shares that are active (Sharepoint/Onedrive). This is working and sh... by nathanluke86 Communicator in Splunk Search 09-13-2021 0 1	0	1
Getting text from raw event with regex Hi everyone, I'm trying to get a simple text from a raw event, but I can't make it works.The event looks like this:a... by g_paternicola Path Finder in Splunk Search 09-13-2021 0 1	0	1
Search Peers Dashboard for Indexer CPU, Mem and Disk Usage Hi AllWe have a distributed environment (no cluster).Splunk Enterprise Version 8.1.3Is there a way to create a dashbo... by MuratKuru Explorer in Splunk Search 09-13-2021 0 1	0	1
I'm trying to extract field That looks like below I'm trying to extract field That looks like "Alert-source-key":"[\"abcdd-gdfc-mb40-a801-e40fd9db481e\"]" I have trie... by PavanSeerapu Explorer in Splunk Search 09-13-2021 0 4	0	4
rex to export users Hiwhat is the spl command to extract users.Here is the sample:2021-09-12 21:40:03,938 ERROR [APPNAME] User H83952 inv... by indeed_2000 Motivator in Splunk Search 09-13-2021 0 1	0	1
How can I combine two different chart queries into a single and get count Hi all, I have two chart queries to get the success count and error count which are working as expected. Now I want... by rkishoreqa Communicator in Splunk Search 09-13-2021 0 2	0	2
Field extraction Hi Splunk team, I would like to receive your dedicated help. I have a string field, the field's structure is name_tim... by alonKri Explorer in Splunk Search 09-13-2021 0 7	0	7
how to add two values in a field and percentage of them with total Hi,I have to get % of 2 and 3 values in a same field .Status count True 200False 50Error 10exc ... by dtccsundar Path Finder in Splunk Search 09-13-2021 0 1	0	1