Splunk Search

Community Activity

transpose on selected fields Hi Team,I want to transpose few fields as below ..(index=abc OR index=def) category= * OR NOT blocked =0 AND NOT bloc... by Susha Engager in Splunk Search 09-13-2021 0 5	0	5
Extract field using rex I have the below test raw logsCEF:0\|Forcepoint\|Forcepoint DLP\|8.8.0\|55564097\|DLP Syslog\|2\| act=Permitted duser=destus... by osasfrancis Path Finder in Splunk Search 09-13-2021 0 6	0	6
Append 2 searches together in o365 to show if a file share has been deleted I have a search query to display external files shares that are active (Sharepoint/Onedrive). This is working and sh... by nathanluke86 Communicator in Splunk Search 09-13-2021 0 1	0	1
Getting text from raw event with regex Hi everyone, I'm trying to get a simple text from a raw event, but I can't make it works.The event looks like this:a... by g_paternicola Path Finder in Splunk Search 09-13-2021 0 1	0	1
Search Peers Dashboard for Indexer CPU, Mem and Disk Usage Hi AllWe have a distributed environment (no cluster).Splunk Enterprise Version 8.1.3Is there a way to create a dashbo... by MuratKuru Explorer in Splunk Search 09-13-2021 0 1	0	1
I'm trying to extract field That looks like below I'm trying to extract field That looks like "Alert-source-key":"[\"abcdd-gdfc-mb40-a801-e40fd9db481e\"]" I have trie... by PavanSeerapu Explorer in Splunk Search 09-13-2021 0 4	0	4
rex to export users Hiwhat is the spl command to extract users.Here is the sample:2021-09-12 21:40:03,938 ERROR [APPNAME] User H83952 inv... by indeed_2000 Motivator in Splunk Search 09-13-2021 0 1	0	1
How can I combine two different chart queries into a single and get count Hi all, I have two chart queries to get the success count and error count which are working as expected. Now I want... by rkishoreqa Communicator in Splunk Search 09-13-2021 0 2	0	2
Field extraction Hi Splunk team, I would like to receive your dedicated help. I have a string field, the field's structure is name_tim... by alonKri Explorer in Splunk Search 09-13-2021 0 7	0	7
how to add two values in a field and percentage of them with total Hi,I have to get % of 2 and 3 values in a same field .Status count True 200False 50Error 10exc ... by dtccsundar Path Finder in Splunk Search 09-13-2021 0 1	0	1
How to run an eval command if a statment is true, and keep non true data in the search? HiBelow is a simple example of what I am trying to do.I am trying to remove the duplicate out of the process name. So... by robertlynch2020 Influencer in Splunk Search 09-13-2021 0 2	0	2
Add manual input through text box into a new column in a table splunk Hi ,I want to add a text box in a dashboard panel and the manual input value of that textbox should be added to a new... by nikitha15 Explorer in Splunk Search 09-13-2021 0 1	0	1
how to match multiple regex in splunk? hi all,I have multiple string that are regex, i want to find logs that match with this string.this is a example of my... by szone Engager in Splunk Search 09-13-2021 0 5	0	5
Matching results with previous results of the same search Hello guys,does someone know, whether it is possible, to do a matching of search results with previous results of the... by blablabla Path Finder in Splunk Search 09-13-2021 1 5	1	5
Unable to fetch result of hosts which are not having any activity from last 60 mins Hi Team,I am trying to fetch the count and percentage of hosts having success and failures along with failure percent... by sahil237888 Path Finder in Splunk Search 09-12-2021 0 3	0	3
Join wont perform accurate count (Event table joined to summary table) Hi there!I am trying to join an event table (E1) with a summary table (S1). S1 is just a summary table containing sta... by maryV Engager in Splunk Search 09-12-2021 0 2	0	2
Search processing Query Hi allI am new to Splunk. I want to learn Search Processing. Can anyone give me some example of Search Processing Que... by mohdameen81 Observer in Splunk Search 09-12-2021 0 1	0	1
Splunk Report after keyword I have following events in the log. Although there are lot of rows in it but I interested in these rows only and in e... by runiyal Path Finder in Splunk Search 09-11-2021 0 7	0	7
Typecasting String to Hex/Dec/Oct I'm looking for a way of typecasting ASCII characters (A,B,C,D,etc) into their decimal or hexadecimal formats.I've tr... by juanfiguera New Member in Splunk Search 09-11-2021 0 8	0	8
How to match strings that in a text .file with my logs that indexed? hi.I have a txt file include many strings, and many logs from my web server that indexed.I want to find the logs tha... by szone Engager in Splunk Search 09-11-2021 0 3	0	3
compare 2 field different source type Hello guys,I have the VPN log and network log.- In VPN log's it's possible to show IP and USERNAME - In Network log i... by pgabriel10 Loves-to-Learn Lots in Splunk Search 09-11-2021 0 3	0	3
Extract multiple key value pairs from one of the partially auto extracted field Hi,I am having difficulty in extracting key=value pairs from one of the auto extracted field.The problem is that, thi... by ak9092 Path Finder in Splunk Search 09-10-2021 0 4	0	4
Convert 210910085155 to yymmddhhmmss or dd/mm/yy hh:mm:ss Hi Need help converting 210910085155 to yymmddhhmmssindex=mydata\| eval fields=split(EventMsg,",")\| eval file_string=m... by peterk New Member in Splunk Search 09-10-2021 0 2	0	2
Webtools app how to make get requests Hello @jkat54 , @richgalloway I am new to the add-on and am not able to figure out how to make API calls with this.... by nikhilnsr1998 Explorer in Splunk Search 09-10-2021 0 2	0	2
Backslash character on subsearch result Hi, i am currently working in a search to filter values based on a lookup table and i am having a difficult time with... by joshiro Communicator in Splunk Search 09-10-2021 0 2	0	2