Splunk Search

Community Activity

"Page not found" when trying to search through REST API Hello everyone!I receive "Page not found" message when I try to search using REST API.My URL: [splunkhost]/en-US/serv... by dzkashlach Engager in Splunk Search 08-03-2021 0 2	0	2
Splunk Es Hi Splunkers.Could anyone give me some info on what kind of attacks I can work on based on Linux and Windows logs. I'... by revanthammineni Path Finder in Splunk Search 08-03-2021 0 1	0	1
Required Regex Hi Team,I will be getting below text randomly in logs, I need a regex for the 1st IP's separately & 2nd IP's separate... by SabariRajanT Path Finder in Splunk Search 08-03-2021 0 2	0	2
How to encode a URL for a Hipchat notification alert action if there is no urlencode() function? Hi all, I have a Splunk alert configured to send Hipchat notifications. My goal is to have a link in the search to g... by floriancoulmier Engager in Splunk Search 08-03-2021 3 12	3	12
Date Calculation (Negative Display) I have a query where in I am subtracting 2 dates from the current time. While my query works, I have noted that if t... by willadams Contributor in Splunk Search 08-03-2021 0 2	0	2
Removing some field values from a mulitiple value field hello,I want to remove the string in field_2 from field_1.I want it to be like the value in the result field.Like a l... by youngrap Explorer in Splunk Search 08-03-2021 0 2	0	2
compare two fields with against other field not in order Hi I'm trying to compare two fields against one field, can anyone please suggest how can I achieve this.Cluster ... by kirrusk Communicator in Splunk Search 08-03-2021 0 3	0	3
Calculate time taken from each failed task to next successful task(MTTR) from a list of tasks Hello all,I have a dashboard and the source is json files.{<!-- -->"ID": "123","TIME": "Jul 11, 2021, 08:55:54 AM","STATUS": ... by anooshac Communicator in Splunk Search 08-03-2021 0 10	0	10
join three queries Hi All, In Splunk is it possible to join two joint queries. I have queries like 1)index=_inter sourcetype=project \| d... by kirrusk Communicator in Splunk Search 08-02-2021 0 1	0	1
DC of users per 5 mins with Kbps calculation Hi all,I have been using Splunk for about 2 days, so am VERY new. I'm trying to get a utilization number for endpoin... by a277437 Explorer in Splunk Search 08-02-2021 0 5	0	5
Subnet monitoring Hi, I want to monitor the subnet 172.30.0.0/24 through splunk, which IP address is used and which is not. Whenever ne... by Whyruss Explorer in Splunk Search 08-02-2021 0 6	0	6
event for given time window on each date I would like to get event count for a particular time period for each day for a given date range (that I will select ... by PUNSNYC New Member in Splunk Search 08-02-2021 0 1	0	1
Enum for non numerical values I have a non numerical field (text), and I want to create an enum field. Meaning that I will have a new field with nu... by ndd Engager in Splunk Search 08-01-2021 0 5	0	5
Using both earliest(_time) and latest(_time) together in a search is returning the same value for both. Hi, so I am trying to record the Earliest connection for IP addresses and the Latest connection for IP addresses howe... by jt1234567 Loves-to-Learn in Splunk Search 07-31-2021 0 1	0	1
Successful Brute Force Attempts using the Authentication Data Model Question Hello all,I'm trying to create an alert for Successful Brute Force Attempts using the Authentication Data Model. Curr... by md Explorer in Splunk Search 07-31-2021 0 0	0	0
How to add two different soucetype Hi, We are looking to join two different soucretype which is given below1- first source type for abc(In this soucety... by sushil_sh Engager in Splunk Search 07-31-2021 0 2	0	2
Stats Results After Upgrade All, Just upgraded to 8.2.1 last night and noticed something today with stats. # This search returns 160k+ eventsinde... by dpwtheitguy Loves-to-Learn Lots in Splunk Search 07-30-2021 0 1	0	1
Has anyone else come across unexpected behavior using the (?J) mode modifier in the rex command? Hi, I wanted to see if anyone else had come across some strange behaviour when using the (?J) mode modifier in the '... by gvmorley Contributor in Splunk Search 07-30-2021 6 7	6	7
Calculate time server CPU above alert percentage Hi,I need to track the number of times and duration where the CPU used percent is above a threshold number.The search... by timrich66 Communicator in Splunk Search 07-30-2021 0 0	0	0
csv lookup for search query based on continuity and 7-day condition Hi Splunk Experts, I wonder if you could help me putting the below logic in to a search query?Here the link reference... by longmen Path Finder in Splunk Search 07-30-2021 0 21	0	21
Splunk chart select zoom & reset zoom permanent Hi All..Is there a way to keep the in chart zoom & pan option button to keep visible even on zero zoom selection by mvishal Explorer in Splunk Search 07-30-2021 0 0	0	0
Comparing data between rows and show only needed result Hi Splunker I'm quite new to splunk. Can you please help me out on this search?I have a table of antivirus database v... by flukey Engager in Splunk Search 07-30-2021 0 2	0	2
Pass a token to regex or pass a field to regex I am extracting a list of free text string in the _ raw and creating a new field.The list of terms comes from user in... by spicy Path Finder in Splunk Search 07-29-2021 0 4	0	4
Splunk search with regex Hi everyone, I got lots of the blow _row after the search:........2002-02-22 17:32:15.592 somedatainformation ==> ASH... by ss394546910 Engager in Splunk Search 07-29-2021 0 1	0	1
Splunk rest curl query fails to execute on the successive attempts with the session key authorization First attempt creates the splunk SID, but fails on the successive attempts to create search id. Same issue occurs whi... by sathishraja92 Explorer in Splunk Search 07-29-2021 2 1	2	1