Splunk Search

Community Activity

	Filter data from showing up Hi Guys, I would like to check if it's possible to prevent some data from showing up in the search. Below is what I w... by splunknewbie81 Engager in Splunk Search 09-02-2021 0 5	0	5
	Zero count not displaying when stats count is used My query is :index="stage" source="record service*" \| eval type=case(like(message, "%successful generated account%"... by Harshi1993 New Member in Splunk Search 09-02-2021 0 3	0	3
	get max figure for latest time in data Hi,I have data as below sample:Date Time val1 val2 val3 ......21/08/31 01:00:00 2 1 2 2 2 2 2 1 1 2 69 1 0 2 0 0 3 32... by mcaulsc Path Finder in Splunk Search 09-02-2021 0 2	0	2
	Help with Rex Commands Hi All, I am having some trouble extracing out the following with the following details 1. username 2. Default Msg3. ... by splunknewbie81 Engager in Splunk Search 09-02-2021 0 12	0	12
	Searches delayed in search head captain Hi all,We have 3 search heads are in cluster. serach head 1 is captain.Recently we upgraded to 7.2.3 to 8.0.3.after t... by btshivanand Path Finder in Splunk Search 09-01-2021 0 3	0	3
	How to use mvindex to break json file with multiple values Hello All, So i have a field like below with JSON file {"results_appcodes": [{"count": 2, "app_code": "XYZ", "group... by rczone Path Finder in Splunk Search 09-01-2021 0 7	0	7
	PROPS Configuration for HTML data source Hello,How I would write my Props Configuration (Tme Prefix, Time Format, LINE/EVENT Breaker...etc) for following HTM... by SplunkDash Motivator in Splunk Search 09-01-2021 0 5	0	5
	Input Configuration file Hello,I have some issues using following input configuration file for windows machine: [monitor://T:\Toshtest\logs\te... by SplunkDash Motivator in Splunk Search 09-01-2021 0 1	0	1
	Using Index info to cross reference CSV and Map Hello, I have an indexed list of internal IPs that I have been able to get a count for based on a CIDR list on a CSV ... by IrishGuru Loves-to-Learn Lots in Splunk Search 09-01-2021 0 0	0	0
	rex extract literal stings with special characters I have a list of hundreds of string values that need to be extracted from a fieldthe problem is the values that need ... by spicy Path Finder in Splunk Search 09-01-2021 0 5	0	5
	subsearch matching latest I'm trying to create a query that basically says: Show me events that contain A, B, C or D where the latest is A or B... by rj1 Engager in Splunk Search 09-01-2021 0 2	0	2
	Dealing with logs that have different update times (while comparing them) (This is a continuation of https://community.splunk.com/t5/Splunk-Search/Creating-a-search-that-looks-up-values-from-... by aubine Explorer in Splunk Search 09-01-2021 0 0	0	0
	Creating a search that looks up values from one logfile and compares against another I have two logfiles, logfile1.log and logfile2.log. I have created their own field extractions for both of them. Here... by aubine Explorer in Splunk Search 09-01-2021 0 4	0	4
	Count events matching a specific string From the logs, I need to get the count of events from the below msg field value which matches factType=COMMERCIAL and... by newtosplunk14 Explorer in Splunk Search 09-01-2021 0 2	0	2
	Subtraction of X days from a date Hi guys, Probably very simple question but I just tangled myself in the logic. I want to create 2 fields, one with t... by klaudiac Path Finder in Splunk Search 09-01-2021 0 6	0	6
	Single value panel with trend based on avg(count) Hello there.What I'm trying to do is the following: search \| bucket span=60s _time \| stats count by _time \| ... I wan... by marco_carolo Path Finder in Splunk Search 09-01-2021 0 13	0	13
	Determining the total storage space a user's search artifacts are occupying (and calculating the time a search expires) I'm working on calculating the storage space taken up by a specific user. I would like to calculate the total size of... by BernardEAI Communicator in Splunk Search 09-01-2021 0 4	0	4
	How do I search for a list of Saves searches that don't use index name for searching in Splunk Ent. or ES. Thank u a lot I need to find a list of saved searches that don't use the index name in searching please. Any way to list the name o... by SamHTexas Builder in Splunk Search 08-31-2021 0 4	0	4
	Sum of particular field values Hi,Current tableExpectedfstatuscountsuccess604Userdefined39 Need to sum the "password mismach","policy policy constra... by Madhusri Engager in Splunk Search 08-31-2021 0 2	0	2
	Unable to get values of a field Hi Team, I have data with me as below. 2021-08-31 00:05:28\|Test\|Event\|[c.f.d.aop.sql.database ] 2ms :testing82021-08-... by sahil237888 Path Finder in Splunk Search 08-31-2021 0 1	0	1
	How do I make a list of Dashboards that are not working & who created them? in Splunk Ent. or ES? How do I search (any SPLs) for Dashboards that are not working (either built-in or created by users) or having errors... by SamHTexas Builder in Splunk Search 08-31-2021 0 1	0	1
	Why do I get "this health check item is not applicable" in Monitoring Console in ES while I have many KVstores ? Thank u How do I make sure the the ES KVstores are working & mapped properly to use them & avoid such errors? I appreciate so... by SamHTexas Builder in Splunk Search 08-31-2021 0 0	0	0
	How do I obtain an API key for an App. in ES please? I am getting an error with MITRE ATT&CK app that the API key needs to be corrected. Please advise. Thanks a million. by SamHTexas Builder in Splunk Search 08-31-2021 0 0	0	0
	How to exclude blank rows with time being displayed Hello Splunk Community,I've a query which lists accountNumber , targetAccountNumber, eventType, eventTimeThe query is... by iamsplunker Communicator in Splunk Search 08-31-2021 0 4	0	4
	multi lookup If the fields are different I'm going to stats through two lookups.srcip.csv fieldsrc_ip , subnetmaksdest.csv fielddest_ip,subnetmakssrc_ip , des... by nnonm111 Path Finder in Splunk Search 08-31-2021 0 1	0	1