Splunk Search

Community Activity

	Determining the total storage space a user's search artifacts are occupying (and calculating the time a search expires) I'm working on calculating the storage space taken up by a specific user. I would like to calculate the total size of... by BernardEAI Communicator in Splunk Search 09-01-2021 0 4	0	4
	How do I search for a list of Saves searches that don't use index name for searching in Splunk Ent. or ES. Thank u a lot I need to find a list of saved searches that don't use the index name in searching please. Any way to list the name o... by SamHTexas Builder in Splunk Search 08-31-2021 0 4	0	4
	Sum of particular field values Hi,Current tableExpectedfstatuscountsuccess604Userdefined39 Need to sum the "password mismach","policy policy constra... by Madhusri Engager in Splunk Search 08-31-2021 0 2	0	2
	Unable to get values of a field Hi Team, I have data with me as below. 2021-08-31 00:05:28\|Test\|Event\|[c.f.d.aop.sql.database ] 2ms :testing82021-08-... by sahil237888 Path Finder in Splunk Search 08-31-2021 0 1	0	1
	How do I make a list of Dashboards that are not working & who created them? in Splunk Ent. or ES? How do I search (any SPLs) for Dashboards that are not working (either built-in or created by users) or having errors... by SamHTexas Builder in Splunk Search 08-31-2021 0 1	0	1
	Why do I get "this health check item is not applicable" in Monitoring Console in ES while I have many KVstores ? Thank u How do I make sure the the ES KVstores are working & mapped properly to use them & avoid such errors? I appreciate so... by SamHTexas Builder in Splunk Search 08-31-2021 0 0	0	0
	How do I obtain an API key for an App. in ES please? I am getting an error with MITRE ATT&CK app that the API key needs to be corrected. Please advise. Thanks a million. by SamHTexas Builder in Splunk Search 08-31-2021 0 0	0	0
	How to exclude blank rows with time being displayed Hello Splunk Community,I've a query which lists accountNumber , targetAccountNumber, eventType, eventTimeThe query is... by iamsplunker Communicator in Splunk Search 08-31-2021 0 4	0	4
	multi lookup If the fields are different I'm going to stats through two lookups.srcip.csv fieldsrc_ip , subnetmaksdest.csv fielddest_ip,subnetmakssrc_ip , des... by nnonm111 Path Finder in Splunk Search 08-31-2021 0 1	0	1
	Remove spacing from records after inputlookup The contents of my lookup file, test12345.csv is shown below.ProductNumber,SerialNumber,StatusDateTime,Status"A12345 ... by moinyuso96 Path Finder in Splunk Search 08-31-2021 0 3	0	3
	How to use the result from one function into another function Hello all, I need help with this :((How to use derivatives of 1st function results into the 2nd function in splunk? P... by splunkymage Observer in Splunk Search 08-31-2021 0 1	0	1
	if else conditions in query Hi Team,Current tablecolumnrow1row2statusfailuresuccess My Requirement-1------if the row 1 has value as failure and i... by Madhusri Engager in Splunk Search 08-31-2021 0 1	0	1
	How do I search if a windows Event code xxxx from the Security logs is being ingested into Splunk? Please share a SPL to show if a certain event code ( Windows) from Security logs is being ingested into Splunk. I app... by SamHTexas Builder in Splunk Search 08-31-2021 0 3	0	3
	Use parametric time variable in source name Hello to everybody,we are trying to set a search that makes a diff between two files of two different days. This is t... by nicofantinato Path Finder in Splunk Search 08-30-2021 0 2	0	2
	how to extract payload data (key,value) into table i have data something like thisinput: firstname=value1,lastname=value2,email=value3,address=value4.. etc firstname=v... by ramki1459 Explorer in Splunk Search 08-30-2021 0 2	0	2
	Adding a row that is the sum of the events for each specific time to a table Is this possible to transform a data set from : TimeUserNumber of Errors9 pmJosh29 pmAndy110 pmJosh010 pmAndy111 pmJ... by learningsplunk Path Finder in Splunk Search 08-30-2021 0 2	0	2
	timewrap charts having timescale as the current week + 1/2/3 weeks before I am using timewrap function to compare data for a particular day of the week with same day of the week for last 4 we... by MayankChandra Engager in Splunk Search 08-30-2021 0 0	0	0
	timewrap output I am using timewrap to compare data for a particular day of the week with same day of the week for last 4 weeks. i.e ... by MayankChandra Engager in Splunk Search 08-30-2021 0 3	0	3
	How to overlay two graphs with different time ranges Would you know how can I display an overlay of two charts that have different time ranges on the X-axis?For example, ... by OctoberP Explorer in Splunk Search 08-30-2021 0 5	0	5
	Need to display count having zero events I am having below search string and suppose the file "magic_new.log" has no events and the requirement is to show tha... by prajwal_94 Explorer in Splunk Search 08-30-2021 0 3	0	3
	peak day count for the day of the month and avg for the month Hi, I get the exactly same count for avg and peak, any issue with my query? index=a sourcetype=ab earliest=-30d lates... by francly Explorer in Splunk Search 08-30-2021 0 3	0	3
	table command without changing sort order Hello all,I would like to use the table command without changing the order of events.To give an example: When searchi... by whrg Motivator in Splunk Search 08-30-2021 0 7	0	7
	User login Hi ,A newbie to Splunk here. I have found the query for login info for users on a host: index=os source=var/log/sec... by RanjithaN99 Explorer in Splunk Search 08-30-2021 0 6	0	6
	search language Hi, how do I get subtotal count for each Host and Total for all count, in additional count for all different status.H... by francly Explorer in Splunk Search 08-30-2021 0 4	0	4
	nested if loop I would like to write in splunk a nested if loop: What I want to achieve:if buyer_from_France: do ... by splunkymage Observer in Splunk Search 08-29-2021 0 0	0	0