Splunk Search

Community Activity

How to pass a mutliple values into a Token? Hi all,Is it possible pass multiple value to a Token from one search to another? This is what I try to do.First Panel... by Tomas_K Explorer in Splunk Search 08-11-2021 0 3	0	3
multisearch with a lookup and index? I'm looking to combine data from a lookup file to data from our security server to create a comparison chart between ... by msage Path Finder in Splunk Search 08-11-2021 0 5	0	5
Dealing with Lists I have network logs that show various network device communication that are in an index in Splunk. I have another in... by richtate Path Finder in Splunk Search 08-11-2021 0 13	0	13
Querying partial match from lookup Hi, I've a lookup that looks like this - clientid url abc accounts//balanceabc accounts//namexyz /user/*/details An... by pjtbasu Explorer in Splunk Search 08-11-2021 0 2	0	2
How to split a row into two columns We want to replicate this table (especially the circled row).We have to divide data (from 1 to 3 and from 4 to 6) for... by Raghork Loves-to-Learn Lots in Splunk Search 08-11-2021 0 0	0	0
Filtering specific digit at the end of a field value Hi community,i have the following tstats output"\| tstats count WHERE fromzone="INTRANET" index=__* by index sourc... by brennson90 Path Finder in Splunk Search 08-11-2021 0 2	0	2
Loop on the values of a column of a table Hello,I have the following SPL command : \|tstats count where index=main host IN (H1,H2) by host, _time span=1h \| pred... by silverdiver New Member in Splunk Search 08-11-2021 0 1	0	1
How could I create a timespan for alternating events? Hey Splunk- community, I need your help again. My data are events which reports disturbments. "action=kommend" marks ... by Felix82 Explorer in Splunk Search 08-11-2021 0 4	0	4
how to get max val by time in splunk index="performance" sourcetype="physical_cpu"\| addtotals fieldname=CPU_SUM CPU_*\| rex mode=sed field=_raw "s/ //g"\| e... by chohye12 New Member in Splunk Search 08-11-2021 0 3	0	3
Generating alert based on condition Hi All ,i have configured alerts for the search below:index="ebs_red_0" host="dev-obiee-ux0*" source="/obiee_12c/app/... by Ashutosh_30 Loves-to-Learn in Splunk Search 08-11-2021 0 2	0	2
What should I do to see the value of two counts? What should I do to see the value of two counts?I want to see the number of clientips and destinations at the same ti... by nnonm111 Path Finder in Splunk Search 08-11-2021 0 1	0	1
Splunk regex help Hi Team, I've a field name uri, which has value like this --/dev/{AccountNumber}/accountDetail/uat/{ContentID}/conten... by pjtbasu Explorer in Splunk Search 08-10-2021 0 2	0	2
Trying to extract fields using regex Hi, I am new to Splunk environment. I am trying to extract ModifiedAccountName, ModifiedAccountDomain, ModifiedLogonI... by manojsrms Engager in Splunk Search 08-10-2021 1 2	1	2
Find all fileds by file list I have a data in Splunk like FnameLnameCountryfname1lname1USAfname2lname2USAfname3lname3USA And I have file in Splunk... by jokovitch Explorer in Splunk Search 08-10-2021 0 16	0	16
Field extraction for space Hi Team,We have one field as Customer=ABC DEF where one space in between where if i am giving any as Customer = *DEF... by Susha Engager in Splunk Search 08-10-2021 0 2	0	2
Create Statistic Table Based on Regex Hi experts, I am new to Splunk and came across this requirement at work.Requirement:I want to create a table showing ... by Wendy Explorer in Splunk Search 08-10-2021 0 4	0	4
Table with two headings Hi ALL, I have the below data in a log . Type = success or error . region names( In, CN, EMEA, APAC) Time ... by Rukmani_Splunk Path Finder in Splunk Search 08-10-2021 0 0	0	0
Displaying difference between two search query stats I am using the following query to retrieve events that I then display. I would like to add another column that is th... by jmalachoSPL64 Engager in Splunk Search 08-10-2021 0 2	0	2
why user with same role not able to see data Hi Guys,I have created a simple query with stats command and I'm able to see the required results.If same search is r... by vikramyadav Contributor in Splunk Search 08-10-2021 0 4	0	4
FInd different value from "-" on column HelloI have a query that gives me the data below:_time \| id \| order_i... by _Mauro_Costa_ Explorer in Splunk Search 08-10-2021 0 2	0	2
deploy and configure apps to a cluster with heavy forwarders Can anyone tell me the steps to deploy and configure multiple apps in a cluster with heavy forwarders. by sam1010 Explorer in Splunk Search 08-10-2021 0 5	0	5
JSON field extraction from JSON event with inner JSON This seems to be an odd issue or at least I've been searching for the wrong thing. My event sourcetype is json and t... by phil_tt Engager in Splunk Search 08-09-2021 0 2	0	2
Filtering data prior to timechart - finding values that are outside of filter I'm seeking to make a spunk timechart of values that match a certain filter:source="/var/log/bcore/ws_metric*" event=... by codekiln Explorer in Splunk Search 08-09-2021 0 1	0	1
Limiting lookup options using a token Hi all,I have a lookup and I'd like to filter based on tokenized value. The lookup dropdown also sets a different tok... by ft_kd02 Path Finder in Splunk Search 08-09-2021 0 1	0	1
Too many results returned from SFDC Lead object I've been having a hard time trying to get a Splunk search that will give me a count of all records in my Lead object... by arist0telis Explorer in Splunk Search 08-09-2021 0 0	0	0