Splunk Search

Community Activity

Different events number while searching via python sdk Hi,I am using python SDK to search with this configuration:query_kwargs = {<!-- -->'earliest_time': earliest, ... by osnathy83 Observer in Splunk Search 07-21-2021 0 0	0	0
Inputlookup some data not matching with dbxquery I have a dbxquery which pulls some applicationdata which includes servername. Also I have a inputlookup which fetche... by rijuth New Member in Splunk Search 07-20-2021 0 2	0	2
Search - Combine different events which are results of a single search command Hi,My Jenkins sends my testresults data for the same job (Automation regression tests job) to Splunk in multiple eve... by JP Explorer in Splunk Search 07-20-2021 0 2	0	2
Time Chart Command Question I am reading:The following section: https://docs.splunk.com/Documentation/Splunk/latest/SearchReference/timechartlimi... by jason_hotchkiss Communicator in Splunk Search 07-20-2021 0 2	0	2
Col operation Hi everyone,Is it possible to achieve this: My search has resulted in four columnsColumn1 Column2 Colu... by mandyst Engager in Splunk Search 07-20-2021 0 2	0	2
How to read an array of fields from a single event and make into different records ? Hi,In Splunk, I have Test Automation results logs which has details like Test case name, Test Status, Error, Duration... by JP Explorer in Splunk Search 07-20-2021 0 13	0	13
Using Time Modifiers in search for timechart Hello - I was reading this: https://docs.splunk.com/Documentation/SCS/current/Search/TimemodifiersBut it is not very... by jason_hotchkiss Communicator in Splunk Search 07-20-2021 0 2	0	2
Search for a snapshot count total for the last 20 mins on every hour I'm looking to do a search that captures a snapshot of how many devices from certain subnets we have had going throug... by FC50 Path Finder in Splunk Search 07-20-2021 0 9	0	9
Converting a field from a string to a number So, long story short...I am trying to determine the event count by source, which host is producing the most events in... by jason_hotchkiss Communicator in Splunk Search 07-20-2021 0 4	0	4
Extracting a field after a certain text string Hello, I'm trying to extract some SSID info into a field in Splunk. This info comes after a certain text string in so... by FC50 Path Finder in Splunk Search 07-20-2021 0 3	0	3
what is the format to use for a date in a search / dashboard I tried to specify an exact date for a search time range, but couldn't make it work relative and epoch date works : ... by mataharry Communicator in Splunk Search 07-20-2021 3 11	3	11
Suppose i have some process to run to give input and output count based on that we were calculating rejection percentage Suppose i have some process to run to give input and output count based on that we were calculating rejection percent... by 9198459056 Loves-to-Learn Everything in Splunk Search 07-20-2021 0 0	0	0
How to perform incremental search I have some events data in which I have fields like Eventid, EventTime, EventRunId, AccountID etc. As per my use case... by hmlathigara Observer in Splunk Search 07-20-2021 0 1	0	1
Help with Palo Alto Network and Splunk Good afternoon!I have Palo Alto generating logs and redirecting them to Splunk, I am wanting to use Palo Alto Network... by JoseMaría Explorer in Splunk Search 07-20-2021 0 0	0	0
Variable reference in To: field of an email alert. Hi Splunk Team.Can I use variable reference in To: field of an email alert? I have a distribution_list variable assoc... by mdzmuran Observer in Splunk Search 07-20-2021 0 3	0	3
Calculate after stats command L.s.,I want to get the latency from the input from a forwarder to an index. So whe use the app Meta_woot. It creates ... by jariw Path Finder in Splunk Search 07-19-2021 0 4	0	4
Can I specify app name in Splunk query and run that query from any app ? Can I specify app name in Splunk query and run that query from any app ? by VS0909 Communicator in Splunk Search 07-19-2021 0 3	0	3
File will not be read, seekptr checksum did not match I am getting the error below"File will not be read, seekptr checksum did not match (file=<file name>0). Last time we ... by mcohen13 Loves-to-Learn in Splunk Search 07-19-2021 0 0	0	0
Multiple stats command bin _time span=1h \| stats count(eval(eventDay==curDay)) AS cv by uid \| stats count(eval(eventDay!=curDay)) AS ce by ... by lkslsaks Loves-to-Learn in Splunk Search 07-19-2021 0 2	0	2
Specify App Name in Splunk Query I want to execute a query in app1, but I want to get the data from app2For eg:Execute query in app1 "index="abc", Th... by VS0909 Communicator in Splunk Search 07-19-2021 0 5	0	5
How to detect when files are deleted, modified, or read on Windows Server? Hello there, I'm trying to monitor file access on our file server (Windows 2012 R2) with Splunk Light but I can't q... by elindemann Engager in Splunk Search 07-19-2021 0 3	0	3
Windows TA field extractions are not working Hi, When I search for Windows Event Logs using : index=oswin sourcetype=XmlWinEventLog I'm not getting any pars... by iainsmart Engager in Splunk Search 07-19-2021 0 4	0	4
1% slowest requests Iis Hi,I am looking on generating a search to find the 1% slowest requests from IIS logs however I am not sure if this is... by joe06031990 Communicator in Splunk Search 07-19-2021 0 0	0	0
Disjoint results of multiple searches I have 2 query searches, one returns set result A and the other one returns set result B. I would like to get the res... by mhagoel Engager in Splunk Search 07-19-2021 0 1	0	1
Multivalue-Field Filter I receive a bunch of messages that all are assigned to a group by the groupID.I also have a dynamic set of a range as... by doki971 Loves-to-Learn Everything in Splunk Search 07-19-2021 0 10	0	10