Splunk Search

Community Activity

	Splunk search - How to search the fields1 values contains in field2 Hi All, Hope you guys are doing fine.I do have few doubts with relates to field comparison. Please find the below sam... by kartm2020 Communicator in Splunk Search 08-22-2021 0 6	0	6
	Edit data In Splunk I have a data in Splunk likeindex="main"FnameCountryfname1USAfname1USAfname3USA I want to add and change some datawhe... by jokovitch Explorer in Splunk Search 08-22-2021 0 6	0	6
	How to obtain duration if the End Time is conditional? Currently my Splunk Search is shown as below:SerialDescriptionDateTimeStartTimeEndTimeMY111Registration2021-05-01 00:... by moinyuso96 Path Finder in Splunk Search 08-22-2021 0 1	0	1
	ITSI search editor hotkeys When editing searches in ITSI, control-e expands macros and control-z undoes the last change. I know this only by be... by keesling Engager in Splunk Search 08-21-2021 0 0	0	0
	How do I do a search for multiple IP's, URL's and File Hashes by RYEAMAN Observer in Splunk Search 08-21-2021 0 1	0	1
	Event Breaking for PROPS Configuration File Hello,Please let me know how I would break the events, write TIME_PREFIX and TIME_FORMAT for my PROPS Conf. file fo... by SplunkDash Motivator in Splunk Search 08-20-2021 0 11	0	11
	Detecting Spikes/Anomalies in Failed Logins - over time My goal is to calculate a score of confidence based on how anomalous the amount of failed logins is compared to activ... by cyberdiver Explorer in Splunk Search 08-20-2021 0 0	0	0
	searching a lookup table with multiple values in a field I have a csv file that that I am using for a lookup which has multiple values in a particular field. I am trying to d... by raysonjoberts Path Finder in Splunk Search 08-20-2021 0 4	0	4
	Split without delimiter How can I split a field, into many other fields, but without using a delimiter, and using the position range instead?... by EberlinM Engager in Splunk Search 08-20-2021 0 2	0	2
	How to get a predicted value from the data statistics I want to get a predicted value from the data statistics.Is it possible to output the predicted value for each patter... by miyuog13 Engager in Splunk Search 08-20-2021 0 1	0	1
	[Lookup] Unable to filter/display out data from modify lookup Hi Splunkers,I have query where i want to filter out all the legitimate process by path process which ive identify th... by Splunkin Explorer in Splunk Search 08-20-2021 0 1	0	1
	Show count by a field value Hi Experts,I have a requirement to in which a table is ingested to Splunk. And the table has a field named Time showi... by Karthikeyan Engager in Splunk Search 08-20-2021 0 3	0	3
	splunk showing 1 event 2 times in multi site cluster We aren't supposed to see the same results from both sites. For a given event we should only see it coming from one s... by pranay_adla Explorer in Splunk Search 08-20-2021 0 2	0	2
	How to increase the subsearches maxout limit ? Hi All,Can someone please help me if our subsearch has results more than 50000 and we need to append those as well to... by datamine Loves-to-Learn Lots in Splunk Search 08-20-2021 0 3	0	3
	Combine column values and search I have a dynamic table extracted from a search result. Example Table1 that I can get:ErrorCodeComputerInternet Connec... by chiilii Explorer in Splunk Search 08-20-2021 0 4	0	4
	CsvDataProvider - Unable to find filename property for lookup Dear Sirs, I am using lookup to enrich my event data on the fly, and it seems to work fine. However, every invocation... by kaurinko Communicator in Splunk Search 08-20-2021 0 2	0	2
	Confused with Transaction and map command Hi I have two searches for which searches pacs.200(input) and pacs.800(output) records for an ID inxdex="xyz" sourc... by KBudhale Observer in Splunk Search 08-20-2021 0 4	0	4
	Request for searching APIs Hi,How do I get APIs for measuring Units that is SVC(Splunk Virtual Compute Unit) and vCPU (Virtual CPU) in splunk?al... by babypal6 New Member in Splunk Search 08-19-2021 0 0	0	0
	_json query problem Hi, can anybody help me please?I have _json indexed events in Splunk.19.08.21 08:26:27,746{<!-- --> [-] name: S8.ManuelFail... by spisiakmi Contributor in Splunk Search 08-19-2021 0 1	0	1
	Scheduled searches running at top hour Hi Team,Can you help me with splunk query which gives me visualization for scheduled searches spiking top of the hou... by sharada Loves-to-Learn Everything in Splunk Search 08-19-2021 0 2	0	2
	Splunk extraction query index=app_pc "Last Executed SQL" "Tablespace"\| rex field=_raw <SERVICE_NAME>(?<SERVICE_NAME>.*)</SERVICE_NAME>\| rex f... by lv66735 New Member in Splunk Search 08-19-2021 0 1	0	1
	99% Percentile for Response Time IIS Hi,I currently have the bellow Search to find the 99% Percentile for Response Time: index=test sourcetype=test\|eval r... by joe06031990 Communicator in Splunk Search 08-19-2021 0 0	0	0
	Dashboard token value substitution Hi I have a input token in my dashboard for register number called $tok_reg_num$.The customers can put in a specific... by randy_moore Path Finder in Splunk Search 08-19-2021 0 2	0	2
	Lookup wildcard Hello,I need a help with using wildcards in lookup. I want to exclude from search results fields, which are located i... by bosseres Contributor in Splunk Search 08-19-2021 0 2	0	2
	Calculate percent index=Myindex sourcetype=mine mysearch \| eval Result=if(Apple="1","Bad","Good")\| stats count by Result The search ... by C37996518 Explorer in Splunk Search 08-19-2021 0 3	0	3