Splunk Search

Community Activity

	Inputcsv using a regex for the filename? I'd like to inputcsv a file using a wildcard for part of the file name. How can I accomplish this? More in-depth des... by nick405060 Motivator in Splunk Search 07-27-2021 0 6	0	6
	Change search based on Token Value Hi,I am kind of new to Splunk and have a problem with my search. I have a dashboard where I have an input field for a... by moonie Explorer in Splunk Search 07-27-2021 0 1	0	1
	Network topology Hi everyone!Maybe someone faced such a problem:I want to build a Layer 2 network topology, I have enough data for thi... by Zhanali Path Finder in Splunk Search 07-27-2021 0 4	0	4
	How can you adjust timezone in search? Convert UTC to AEST Hi, I have a field value 2021-07-26T00:30:51.411 UTC which I got from \| eval strftime(_time,"%Y-%m-%dT%H:%M:%S.%Q %Z"... by ebs Communicator in Splunk Search 07-26-2021 0 5	0	5
	Splunk query exclude keywords Hi alli need some help with my splunk query… basically I need to exclude all jobs from output with job name ending in... by Csingh Engager in Splunk Search 07-26-2021 0 1	0	1
	How can i remove the particular user in table? I have the below query:\| inputlookup test.csv\| eval epochtime=strptime(_time, "%a %b %d %H:%M:%S %Y")\| eval desired_t... by Sangeetha96 Engager in Splunk Search 07-26-2021 0 1	0	1
	Unable to search particular summary index field following Splunk upgrade from 7.0.0 to 8.1.4 Encountering a very odd issue where I have a daily summary index that has pretty simple key=value pairings for fields... by briancronrath Contributor in Splunk Search 07-26-2021 0 2	0	2
	How to rename dbxquery fields in dashboards? I am converting many dashboards from using dbquery to dbxquery. I have a few hundred of these queries to convert, wi... by RickWilson Engager in Splunk Search 07-26-2021 0 3	0	3
	How can we optimize a query that consumes lots of cpu? We have the following code that ran for one and a half hours last week and consumed lots of cpu. How can we optimize ... by danielbb Motivator in Splunk Search 07-26-2021 0 9	0	9
	Search improvement Hi - looking for a more efficient way to do this, if anyone has any tips: index=xyz sourcetype=abc NOT user_email=una... by ibmbaranski Engager in Splunk Search 07-26-2021 0 1	0	1
	Log format for Splunk key=value Hello guys,do you advice this log format:key=value instead of key="value" ? Thanks. by splunkreal Influencer in Splunk Search 07-26-2021 0 2	0	2
	Loop through single column list in Inputlookup csv and check if column values are found across multiple index events Hello. I have an input lookup csv file with a single column named “Domain” that has a list of domain names in that co... by dk777 New Member in Splunk Search 07-26-2021 0 1	0	1
	How to get the difference of columns from two different tables? (the number of rows in the column is different) Hi! My task is as follows: I want to compare the increment of a certain type of errors: the average value of each typ... by iyanushkevich Loves-to-Learn Lots in Splunk Search 07-26-2021 0 4	0	4
	Transaction not grouping results with startswith and endswith filter I am doing the labs for Fundamentals Part 2 and I am not understanding something I have to use the startswith and end... by dasfx Engager in Splunk Search 07-26-2021 0 2	0	2
	Group widgets/panel in a dashboard with a common border How to add group widgets/panel in a dashboard with a common border?Eggroup1 : panel1, panel 2 - combined border fo... by VS0909 Communicator in Splunk Search 07-26-2021 0 1	0	1
	specifying field in Field Extraction in search, w/ rex command I can specify which field I want to apply the Regex as following example\| rex field=event "... by Rabbit Loves-to-Learn in Splunk Search 07-25-2021 0 5	0	5
	Heavy forwarder and sysmon Hello friends, Suppose I install Microsoft Sysmon on a Windows server. I then go install the Universal Forwarder on ... by verifi81 Path Finder in Splunk Search 07-25-2021 0 2	0	2
	Regex help Hi,I have below sources,source = C:\Stats\user1\Tmpdata\Mappers\Consolesx\start.logsource = C:\Stats\user2\Tmpdata\... by SS1 Path Finder in Splunk Search 07-25-2021 0 4	0	4
	Help with Dashboarding Hello,Here is the whole context and question:https://community.splunk.com/t5/Splunk-Search/Aggregate-query-help/m-p/5... by aag Engager in Splunk Search 07-25-2021 0 1	0	1
	How do I implement multiple rename commands based on user input I have a single algorithm with 2 methods. Each method produces the same type of data but with different fields names ... by actionabledata Path Finder in Splunk Search 07-24-2021 0 0	0	0
	Multiple Rows into one row with primary key Hi, I have data that looks like this (as you can see user_id 9 has filled numerous rows). This is just a csv ingested... by jimhill Engager in Splunk Search 07-24-2021 0 4	0	4
	Dynamically Change panel background color based on returned value (no js possible) Hi. First, I've been using this forum for a few months now as I'm new to Splunk. Thanks to all the contributors on ... by AdrianH Explorer in Splunk Search 07-24-2021 0 4	0	4
	Combine two stacked bar charts side by side Hi All, I have a use case to align two stacked graphs side by side. So, there are 4 columns with values for any parti... by Abhishek_ Observer in Splunk Search 07-24-2021 0 2	0	2
	Firewall logs sourcetype=cp_log action!=Drop OR action!=Reject OR action!=dropped I am socked ,when i am searching with above quer... by rahul8777 Explorer in Splunk Search 07-24-2021 0 2	0	2
	how to set limit Hello Experts,I am new to Splunk and trying to build basic queries in Splunk to build use cases. Currently I am worki... by parthou Explorer in Splunk Search 07-23-2021 0 8	0	8