Splunk Search

Community Activity

Splunk Query Task I want Splunk query related to:1. Firewalls availability2. Endpoint protection availabilityFor my own work, you can h... by Rawabi1994 New Member in Splunk Search 09-05-2021 0 1	0	1
Field Extraction using Regex Hi There,In my logs, the specific field "Other Parameters" contains a lot of logs. I want it to extract the logs and ... by alexspunkshell Contributor in Splunk Search 09-04-2021 0 3	0	3
Splunk Cloud: Increase limit in field extraction from JSON I am using Splunk Cloud and I have defined a sourcetype (from the UI) of category Structured and Indexed Extractions ... by eduzamora Engager in Splunk Search 09-04-2021 0 3	0	3
Convert UTC time to EPOCH Hi Team, I am finding a way to convert UTC to EPOCH and vice versa for my search query Sample is here -> date: 2021... by SK2007 Loves-to-Learn Lots in Splunk Search 09-04-2021 0 3	0	3
How to automate the export of search results from cloud ITSI to an on-prem server How may I automatically generate a file on an on-prem server from the results of a search query by keesling Engager in Splunk Search 09-03-2021 0 2	0	2
Regex to match lines with multiple src_ip Hello, To pull in specific events in splunk i am trying to write a regex to identify lines that matches both the cond... by saurabhkharkar Path Finder in Splunk Search 09-03-2021 0 1	0	1
How to split a single line which contains multiple field values separated by spaces into multiple fields in Splunk? I have a csv file query as follows :- \| inputlookup file_1.csvwhich gives the result as follows in a single line as a... by pavanae Builder in Splunk Search 09-03-2021 1 1	1	1
How to fetch and compare unique id's from different events in Splunk query Hi team, I am creating a query to fetch a unique id from different events which are having different statuses. If t... by rkishoreqa Communicator in Splunk Search 09-03-2021 0 4	0	4
Convert Splunk results from spl to JSON before 8.2 Hello everybody,I'm using an spl query that extracts some values from a lookup and sends them to a web API via POST r... by D0do Explorer in Splunk Search 09-03-2021 0 2	0	2
how multiple sourcetype stats There are multiple sourcetypes in index="main".I'm trying to stats at SOURCETYPE number one and I need a field of sou... by nnonm111 Path Finder in Splunk Search 09-03-2021 0 3	0	3
Unable to initialize modular input "validation_mi" I'm unable to use the Validate & Package function of Add-on builder. When I run it, it says 'preparing validation' th... by kfennell Engager in Splunk Search 09-02-2021 0 0	0	0
How to calculate average of response time in seconds Hi,I need to calculate average of response time in seconds for my application. Query i am usingindex="prod_ping" s... by Madhusri Engager in Splunk Search 09-02-2021 0 3	0	3
Why aren't all my field extractions working? Hi,I'm having an odd issue. I made some field extractions and validated them through Regex101. However only some of t... by ebs Communicator in Splunk Search 09-02-2021 0 6	0	6
Difference between two fields from two events based on condition I have two events as below -event 1 "id=1 api=xyz apiResTime=50" event 2 "id=1 api=xyz duration=200" I want to plot... by rohinisb91 Observer in Splunk Search 09-02-2021 0 1	0	1
Sorting the fields based on values in a row This is my splunk query index=xxxxx "searchTerm")\|rex "someterm(?<errortype>)" \| timechart count byerrortype span ="1... by nsingh49 Explorer in Splunk Search 09-02-2021 0 2	0	2
Taking Value of One Field, Adding Text, And Comparing Against Another Field Greetings,I want to exclude search results if a field contains a value compared against another field with additional... by SplunkLunk Path Finder in Splunk Search 09-02-2021 0 1	0	1
change table view Helloi have a table that looks like this : and i want it to look like this: so the type values will be the header wha... by sarit_s Communicator in Splunk Search 09-02-2021 0 16	0	16
Table not generated with join subsearch Hi,We are sending a reduced size logs to out splunk to do some smarts. We realized for the past year or so one of our... by vantoryc Explorer in Splunk Search 09-02-2021 0 9	0	9
Search in splunk with string having " and / Hi,I want to search "xyzetc\";0, ---this is my string .Unable to search this exact pattern, Unba... by opamlan Loves-to-Learn in Splunk Search 09-02-2021 0 1	0	1
How to calculate percentages with multiple count function？ I'm trying to calculate percentages based on the number of events per vary group. There are actually a lot of events,... by homer07 Explorer in Splunk Search 09-02-2021 0 4	0	4
using transaction in subsearch to define earliest latest in mainsearch I want to use the subsearch to get start and endtime of the newest transaction (here a botsession).The subsearch alon... by TheEggi98 Path Finder in Splunk Search 09-02-2021 0 3	0	3
sort table values by table values HelloI have a table with 3 columns1 is stringsand 2 columns with numbersis there a way to sort the table from the hig... by sarit_s Communicator in Splunk Search 09-02-2021 0 6	0	6
Need to get all the values in piechart Hi,Current piechartIn the above piechart highlighted cities details are not displaying.have to use mouse over to chec... by Madhusri Engager in Splunk Search 09-02-2021 0 1	0	1
Filter data from showing up Hi Guys, I would like to check if it's possible to prevent some data from showing up in the search. Below is what I w... by splunknewbie81 Engager in Splunk Search 09-02-2021 0 5	0	5
Zero count not displaying when stats count is used My query is :index="stage" source="record service*" \| eval type=case(like(message, "%successful generated account%"... by Harshi1993 New Member in Splunk Search 09-02-2021 0 3	0	3