Splunk Search

Community Activity

	How to obtain duration if the End Time is conditional? Currently my Splunk Search is shown as below:SerialDescriptionDateTimeStartTimeEndTimeMY111Registration2021-05-01 00:... by moinyuso96 Path Finder in Splunk Search 08-22-2021 0 1	0	1
	ITSI search editor hotkeys When editing searches in ITSI, control-e expands macros and control-z undoes the last change. I know this only by be... by keesling Engager in Splunk Search 08-21-2021 0 0	0	0
	How do I do a search for multiple IP's, URL's and File Hashes by RYEAMAN Observer in Splunk Search 08-21-2021 0 1	0	1
	Event Breaking for PROPS Configuration File Hello,Please let me know how I would break the events, write TIME_PREFIX and TIME_FORMAT for my PROPS Conf. file fo... by SplunkDash Motivator in Splunk Search 08-20-2021 0 11	0	11
	Detecting Spikes/Anomalies in Failed Logins - over time My goal is to calculate a score of confidence based on how anomalous the amount of failed logins is compared to activ... by cyberdiver Explorer in Splunk Search 08-20-2021 0 0	0	0
	searching a lookup table with multiple values in a field I have a csv file that that I am using for a lookup which has multiple values in a particular field. I am trying to d... by raysonjoberts Path Finder in Splunk Search 08-20-2021 0 4	0	4
	Split without delimiter How can I split a field, into many other fields, but without using a delimiter, and using the position range instead?... by EberlinM Engager in Splunk Search 08-20-2021 0 2	0	2
	How to get a predicted value from the data statistics I want to get a predicted value from the data statistics.Is it possible to output the predicted value for each patter... by miyuog13 Engager in Splunk Search 08-20-2021 0 1	0	1
	[Lookup] Unable to filter/display out data from modify lookup Hi Splunkers,I have query where i want to filter out all the legitimate process by path process which ive identify th... by Splunkin Explorer in Splunk Search 08-20-2021 0 1	0	1
	Show count by a field value Hi Experts,I have a requirement to in which a table is ingested to Splunk. And the table has a field named Time showi... by Karthikeyan Engager in Splunk Search 08-20-2021 0 3	0	3
	splunk showing 1 event 2 times in multi site cluster We aren't supposed to see the same results from both sites. For a given event we should only see it coming from one s... by pranay_adla Explorer in Splunk Search 08-20-2021 0 2	0	2
	How to increase the subsearches maxout limit ? Hi All,Can someone please help me if our subsearch has results more than 50000 and we need to append those as well to... by datamine Loves-to-Learn Lots in Splunk Search 08-20-2021 0 3	0	3
	Combine column values and search I have a dynamic table extracted from a search result. Example Table1 that I can get:ErrorCodeComputerInternet Connec... by chiilii Explorer in Splunk Search 08-20-2021 0 4	0	4
	CsvDataProvider - Unable to find filename property for lookup Dear Sirs, I am using lookup to enrich my event data on the fly, and it seems to work fine. However, every invocation... by kaurinko Communicator in Splunk Search 08-20-2021 0 2	0	2
	Confused with Transaction and map command Hi I have two searches for which searches pacs.200(input) and pacs.800(output) records for an ID inxdex="xyz" sourc... by KBudhale Observer in Splunk Search 08-20-2021 0 4	0	4
	Request for searching APIs Hi,How do I get APIs for measuring Units that is SVC(Splunk Virtual Compute Unit) and vCPU (Virtual CPU) in splunk?al... by babypal6 New Member in Splunk Search 08-19-2021 0 0	0	0
	_json query problem Hi, can anybody help me please?I have _json indexed events in Splunk.19.08.21 08:26:27,746{<!-- --> [-] name: S8.ManuelFail... by spisiakmi Contributor in Splunk Search 08-19-2021 0 1	0	1
	Scheduled searches running at top hour Hi Team,Can you help me with splunk query which gives me visualization for scheduled searches spiking top of the hou... by sharada Loves-to-Learn Everything in Splunk Search 08-19-2021 0 2	0	2
	Splunk extraction query index=app_pc "Last Executed SQL" "Tablespace"\| rex field=_raw <SERVICE_NAME>(?<SERVICE_NAME>.*)</SERVICE_NAME>\| rex f... by lv66735 New Member in Splunk Search 08-19-2021 0 1	0	1
	99% Percentile for Response Time IIS Hi,I currently have the bellow Search to find the 99% Percentile for Response Time: index=test sourcetype=test\|eval r... by joe06031990 Communicator in Splunk Search 08-19-2021 0 0	0	0
	Dashboard token value substitution Hi I have a input token in my dashboard for register number called $tok_reg_num$.The customers can put in a specific... by randy_moore Path Finder in Splunk Search 08-19-2021 0 2	0	2
	Lookup wildcard Hello,I need a help with using wildcards in lookup. I want to exclude from search results fields, which are located i... by bosseres Contributor in Splunk Search 08-19-2021 0 2	0	2
	Calculate percent index=Myindex sourcetype=mine mysearch \| eval Result=if(Apple="1","Bad","Good")\| stats count by Result The search ... by C37996518 Explorer in Splunk Search 08-19-2021 0 3	0	3
	How to increase the subsearch limit? Hello, I'm trying to do a subsearch like this one: index = raw_internet_cartonista programa = ILCL [ search index ... by vitorvmiguel Explorer in Splunk Search 08-19-2021 0 8	0	8
	one timestamp multi events HiIn my search table are some multible events with one timestamp.I need to split them.Does somebody has any idea?Than... by gotarr Explorer in Splunk Search 08-19-2021 0 6	0	6