Splunk Search

Community Activity

Why am I only getting a maximum of 100 events returned through a oneshot search via Java SDK? I'm using Splunk's Java SDK to get Splunk events, and the problem I'm facing is that Splunk only returns a maximum of... by ahmadka2 New Member in Splunk Search 09-06-2021 0 3	0	3
inputlookup field help My index has client_ip.However, I want to use the client_ip that exists in the user_ip.csv field.index="my_index" [ \|... by splfedor Loves-to-Learn Lots in Splunk Search 09-06-2021 0 1	0	1
Windows EventLogs: 3 failed logins from 3 different users from same host Using Windows EventCodes I want to find 3 or more users failing to log in. So far my syntax is \| stats values(user) a... by Fe-atSplunk Explorer in Splunk Search 09-06-2021 0 2	0	2
Timeformat Hello Splunkers !! What timeformat should i use for the below time in props? [2021-09-06T09:10:01.459-04:00] by uagraw01 Motivator in Splunk Search 09-06-2021 0 3	0	3
How to compare two fields with every value? Hi guys. I'm completly new to Splunk. Sorry if my question seems kinda stupid I have some log-data including a GUID.... by username13 Explorer in Splunk Search 09-06-2021 0 2	0	2
Help please! - linkage analysis in Splunk Hi, I hope someone can help guide me in what type of query or visualisation to use here so show the linkage of access... by tmtcollins Explorer in Splunk Search 09-06-2021 0 0	0	0
Replace letters with numbers Hi all,I have an alert that looks for a specific message that includes the record ID.I would like to be able to creat... by timrich66 Communicator in Splunk Search 09-06-2021 0 9	0	9
Logs between "string1" and "string2" I have to find logs between "string1" and "string2" in Splunk for index=abc. Then I need to verify if there is any ... by VS0909 Communicator in Splunk Search 09-06-2021 0 6	0	6
Renaming regex returned token values and passing old token value(before they were renamed) to a drilldown search query i I have a splunk query that finds top errors in the log using regular expression. I then display it as a bar chart: ... by nsingh49 Explorer in Splunk Search 09-06-2021 0 3	0	3
How to Exclude Events on a Certain Day, within a Certain Time, and With a Specific User Greetings,I need to exclude events that happen every Saturday between 2 AM and 4AM only if they have a specific usern... by SplunkLunk Path Finder in Splunk Search 09-06-2021 0 4	0	4
Shelly Energy Monitor EM3 access individual Values in MVFields Hi,im splunking a shelly EM3 Powermeter and get MV Values of the JSON status Rest APIhttp://192.168.1.2/status which... by EnricoP Engager in Splunk Search 09-05-2021 0 1	0	1
How to combine a range of multiple IP address and compare it to a variable So, I have multiple ip addresses i want to combine them using regex or normal by supplying dashes and compare them to... by commanman Explorer in Splunk Search 09-05-2021 0 6	0	6
Splunk Query Task I want Splunk query related to:1. Firewalls availability2. Endpoint protection availabilityFor my own work, you can h... by Rawabi1994 New Member in Splunk Search 09-05-2021 0 1	0	1
Field Extraction using Regex Hi There,In my logs, the specific field "Other Parameters" contains a lot of logs. I want it to extract the logs and ... by alexspunkshell Contributor in Splunk Search 09-04-2021 0 3	0	3
Splunk Cloud: Increase limit in field extraction from JSON I am using Splunk Cloud and I have defined a sourcetype (from the UI) of category Structured and Indexed Extractions ... by eduzamora Engager in Splunk Search 09-04-2021 0 3	0	3
Convert UTC time to EPOCH Hi Team, I am finding a way to convert UTC to EPOCH and vice versa for my search query Sample is here -> date: 2021... by SK2007 Loves-to-Learn Lots in Splunk Search 09-04-2021 0 3	0	3
How to automate the export of search results from cloud ITSI to an on-prem server How may I automatically generate a file on an on-prem server from the results of a search query by keesling Engager in Splunk Search 09-03-2021 0 2	0	2
Regex to match lines with multiple src_ip Hello, To pull in specific events in splunk i am trying to write a regex to identify lines that matches both the cond... by saurabhkharkar Path Finder in Splunk Search 09-03-2021 0 1	0	1
How to split a single line which contains multiple field values separated by spaces into multiple fields in Splunk? I have a csv file query as follows :- \| inputlookup file_1.csvwhich gives the result as follows in a single line as a... by pavanae Builder in Splunk Search 09-03-2021 1 1	1	1
How to fetch and compare unique id's from different events in Splunk query Hi team, I am creating a query to fetch a unique id from different events which are having different statuses. If t... by rkishoreqa Communicator in Splunk Search 09-03-2021 0 4	0	4
Convert Splunk results from spl to JSON before 8.2 Hello everybody,I'm using an spl query that extracts some values from a lookup and sends them to a web API via POST r... by D0do Explorer in Splunk Search 09-03-2021 0 2	0	2
how multiple sourcetype stats There are multiple sourcetypes in index="main".I'm trying to stats at SOURCETYPE number one and I need a field of sou... by nnonm111 Path Finder in Splunk Search 09-03-2021 0 3	0	3
Unable to initialize modular input "validation_mi" I'm unable to use the Validate & Package function of Add-on builder. When I run it, it says 'preparing validation' th... by kfennell Engager in Splunk Search 09-02-2021 0 0	0	0
How to calculate average of response time in seconds Hi,I need to calculate average of response time in seconds for my application. Query i am usingindex="prod_ping" s... by Madhusri Engager in Splunk Search 09-02-2021 0 3	0	3
Why aren't all my field extractions working? Hi,I'm having an odd issue. I made some field extractions and validated them through Regex101. However only some of t... by ebs Communicator in Splunk Search 09-02-2021 0 6	0	6