Splunk Search

Community Activity

	How to deal with Logon/Logoff scatterd over multiple events I have onboarded data from a system, that scatters actual events over many logging events. Especially successful or ... by jroedel Path Finder in Splunk Search 10-11-2024 0 8	0	8
	Internal index data and performance data is missing To investigate the issue of missing data in Splunk for a period of 3-4 hours, where gaps were observed in the _intern... by uagraw01 Motivator in Splunk Search 10-10-2024 0 3	0	3
	Append a lookup value from csv to a chart table I am looking to append a value in a lookup csv to an existing search index=* \|fields _time,x \|chart count(_raw) by X ... by Topher22 Observer in Splunk Search 10-10-2024 0 2	0	2
	please excuse... as it is very basic... AND in search or WHERE..what is diff Hi All, Thanks for your time. I am sorry in advance as this is very basic question. just started exploring the search... by Raj_Splunk_Ing Path Finder in Splunk Search 10-10-2024 0 6	0	6
	How do you get a Saved Search to ignore a specific automatic lookup? How do you get a Saved Search to ignore a specific automatic lookup?The reason for wanting to do this is because the ... by jaburke1 Path Finder in Splunk Search 10-10-2024 0 3	0	3
	URLs by host I need a query that lists URLs a particular host has reached out in a particular time e.g in the last 24 hours. Pleas... by waJesu Path Finder in Splunk Search 10-10-2024 0 3	0	3
	Printer Log search to list all printers from lookup and give record count and page printed count Looking for help running a stats count and stats count sum referencing a lookup using print logs. Looking to output ... by ramuzzini Path Finder in Splunk Search 10-10-2024 0 3	0	3
	Getting a .json file into Splunk at the backend Am having trouble getting a .json file into splunk through the backend to help support a customized dashboard. Is the... by whitecat001 Explorer in Splunk Search 10-10-2024 0 1	0	1
	percent of results per bin Hi all, New to splunk, running out of ideas, please help! I have created a search to show: \| bin span=10m _time \| st... by tp29 Engager in Splunk Search 10-10-2024 0 2	0	2
	Finding a way to include creator name and creation date in Indexes Hi, I'm exploring a way to get the search results for the name of Indexes, who created those indexes and creation dat... by shoaibalimir Explorer in Splunk Search 10-09-2024 0 2	0	2
	To count the filed with different time range Hi I have events that having multiple countries... I want to count the country field and with different time range. I... by parthiban Path Finder in Splunk Search 10-09-2024 0 5	0	5
	How to use search results in a table in a new search also using row count? I'm still learning Splunk and would like to learn how to combine some searches.Goal: Use the VPN search results to pe... by dt9150813 Engager in Splunk Search 10-09-2024 0 2	0	2
	How to combain two rex I have two rex queries and want know how to combine Query : 1 index=test1 sourcetype=teams \| search "osversion=" \| re... by VRP136 Engager in Splunk Search 10-09-2024 0 1	0	1
	Run macro commands from lookup HiI'm wondering if it's possible to define and execute a macro from a lookup. I have an index with several (about 50... by apiprek2 Explorer in Splunk Search 10-09-2024 0 2	0	2
	To compare the value of particular day with the same day of the last week and last to last week. Hi Can someone please tell me how we can compare the value of a particular day with the value of the same day of last... by Real_captain Path Finder in Splunk Search 10-09-2024 0 9	0	9
	I want to group similar urls as one and get the count and average times My query is index=stuff \| search "kubernetes.labels.app"="some_stuff" "log.msg"="Response" "log.level"=30 "log.respo... by pandeyrohit51 Explorer in Splunk Search 10-09-2024 0 8	0	8
	Lookup question Hi, I'm pretty new to Splunk and I have a simple question that maybe one of you guys could help me figure out. I ha... by OgoNARA Explorer in Splunk Search 10-08-2024 0 1	0	1
	Remote connectivity (Using someone else's Splunk instance credentials to log in) I am trying to use the credentials of my friend to log into Splunk Enterprise, and I am unable to do that. Also, I am... by Haseeb_Ashiq Engager in Splunk Search 10-08-2024 0 2	0	2
	Splunk DB connect add-on InfluxDB 2.6 I have ingested data form influx DB to Splunk Enterprise using influxDB add from splunk db connect.Performing InfluxQ... by Samir1 New Member in Splunk Search 10-08-2024 0 0	0	0
	Transaction starting and ending 'event' are not always showing the correct overview Hi,I am trying to create a Transaction where my starting and ending 'event' are not always showing the correct overvi... by Sentira Explorer in Splunk Search 10-08-2024 0 6	0	6
	Match or Substring for nested object not working I am running query -> index=* source="/somesource/*" message "403"\| search level IN (ERROR)And Response is -->{<!-- -->"insta... by aniketsamudra Engager in Splunk Search 10-08-2024 0 3	0	3
	how to install splunk AI assistance Can anyone help me to provide the URL to download or steps of how to use Splunk AI. by avi7326 Path Finder in Splunk Search 10-07-2024 0 3	0	3
	TIme difference between first and last My query returns these events, i need to compute the total time A was in this state and total time B was in this stat... by darkins Engager in Splunk Search 10-07-2024 0 4	0	4
	need assistance with splunk tojson I have a splunk query which generates output in csv/table format. I wanted to convert this to a json format before wr... by sdkp03 Communicator in Splunk Search 10-07-2024 0 7	0	7
	Grouping logs by tranId, date and time Hello, I'm attempting to display a group of logs by the tranId. We log multiple user actions under a single tranId. ... by msarkaus Path Finder in Splunk Search 10-07-2024 0 2	0	2