Splunk Search

Community Activity

	Copy logs from one index to another with use same host information Hi,I want to copy some logs in one index to another index with the same host information. I use collect command to do... by MesutUgurlu New Member in Splunk Search 09-17-2021 0 3	0	3
	When do I move Lookup files to a KVstore? How big is the limit of the Lookup File before moving it to a KVstore? Please. Also please guide me on how to optimize my Lookups for more efficiency. When does one use Lookups vs KVstores? Thank ... by SamHTexas Builder in Splunk Search 09-17-2021 0 1	0	1
	Highlight a table value alone (not the entire cell) HI Splunkers,I am using Splunk tables inbuilt color coding to highlight a cell based on certain condition. The proble... by nadlurinadluri Communicator in Splunk Search 09-16-2021 0 0	0	0
	Help with query Hello - I am new to splunk and am trying to do a search on data that calls out three different fields for duplicates ... by dmtman New Member in Splunk Search 09-16-2021 0 2	0	2
	How to check if a field value from an event matches the results from an ldapsearch. Hi,I am looking to compare a field value against the results of an ldapsearch to check whether the value is present o... by ezmo1982 Path Finder in Splunk Search 09-16-2021 0 3	0	3
	Regex to extract field value from a response [See below] I have this result response[sample]: "{\"meta\":{\"code\":400}},[Content-Type:\"application/json\", Transfer-Encoding... by vivekmisra Observer in Splunk Search 09-16-2021 0 3	0	3
	Can I do multiple joins with different fields Hello I have 3 sets of data and I want to join them all but they don't have the same common field, the trouble I'm ha... by stavbergen Explorer in Splunk Search 09-16-2021 0 1	0	1
	Join results from two lookups My requirement is something like this:Lookup 1 looks like thisName \| Avg_CountA \| 3B \| 7D ... by shaquibk Explorer in Splunk Search 09-16-2021 0 3	0	3
	Add fields in lookup with request without using index or sourcetype looHi everybody, i hope you can help me with my pb.i want add fields in a lookup with a request that dont use index .... by AlexH Engager in Splunk Search 09-16-2021 0 2	0	2
	How to extract sub-transactions from transactions (or how to "reverse" a transaction)? I am parsing SFTP logs of file downloads and want to count how many bytes a specific user downloaded at what time. Th... by Georgi Engager in Splunk Search 09-16-2021 0 4	0	4
	How to consider data grid view in a cell in dashboards? Hello "Good Day"  How to add the progress bar inside the cell in dashoard.i need the dashboard panel format in the ... by renuka Path Finder in Splunk Search 09-16-2021 0 1	0	1
	Subtract two fields and create a timechart I have two fields skill1 and skill2skill2: skill1: Both these queries are producing results: timechart span=... by priyangshupal Engager in Splunk Search 09-16-2021 0 10	0	10
	how to get 2 fields by taking on field Hello I have table in my dashboard IDJan_TargetJan_Actual1506020N/AIn similar way for all monthsnow i need a f... by renuka Path Finder in Splunk Search 09-15-2021 0 4	0	4
	Lookup with wildcard in data, not in lookup table? Hi. I know a lookup file can contain wildcards and use them with the WILDCARD(<field>) setting, but is it possible to... by etoombs Path Finder in Splunk Search 09-15-2021 0 0	0	0
	Missing Stats Data When mean & avg are both present on a "stats" search, the first one in order will be missing so:\| makeresults count=1... by jkwilling Engager in Splunk Search 09-15-2021 0 3	0	3
	timeline chart Hi I have got this log where it shows how much time it takes to load investor page in millisecond(ms)2021-09-15 13:40... by Rkp_splunk Engager in Splunk Search 09-15-2021 0 1	0	1
	I need help with my props conf to extract fields correctly. When I test the regex in both regex101 and using the rex command in the search bar and they parsed out the fields cor... by djreschke Communicator in Splunk Search 09-15-2021 0 1	0	1
	Epoch Date format in reporting Hi ,i have 2 queries .(index=abc OR index=def) category= * OR NOT blocked =0 AND NOT blocked =2\|rex field=index "(?<L... by Susha Engager in Splunk Search 09-15-2021 0 2	0	2
	Need help in extraction Hello all, I am tryin to extract only the highlighted from the below event, however I am failing to extract.Can you p... by srinivas_gowda Path Finder in Splunk Search 09-15-2021 0 2	0	2
	IP FILTER Range HI please tell me how to write the query for the range of the IP ADDRESS Such assrc!=10.0.0.0/8 To src!=10.24.1.3 by mohdameen81 Observer in Splunk Search 09-15-2021 0 2	0	2
	Filtering by 24h time in splunk I have a field timeofevent which contains the time at which the event was logged in 24 hour format.Format of timeofev... by priyangshupal Engager in Splunk Search 09-15-2021 0 5	0	5
	Plotting Each element of a Json so my log lines look something like this<<METRIC-START>>{"A":332,"B":45,"C":67,"D":23,"E":234,"F":435,"G":43,"H":66,"... by rai4shambhavi Explorer in Splunk Search 09-15-2021 0 1	0	1
	Remove partial duplicate in same field Hi everyone, I am trying to remove partial duplicate in the same field, but couldn't find a solution yet.For instance... by apache_strike Engager in Splunk Search 09-15-2021 0 1	0	1
	Trying to determine min/max date/time for a list of ip addresses My search returns a table of a count of ip addresses that have hit our system in a given search period. I am trying t... by dbuckley669 Engager in Splunk Search 09-15-2021 0 3	0	3
	Datamodel Search "Job terminated unexpectedly" Hello,I have a problem regarding a datamodel search.My datamodel consists of different boolean values with a span of ... by vsommer Explorer in Splunk Search 09-15-2021 0 6	0	6