Splunk Search

Community Activity

	rex extraction user & module HiHere is my log, what is the rex for extract "0000A0@#0000" and "mymodulename" 2021-07-14 23:59:05,185 INFO [APP] Us... by indeed_2000 Motivator in Splunk Search 07-15-2021 0 8	0	8
	Quoting values and CSV export If I run this search I generate two numeric fields, one called number the other called decimal \| makeresults 1 \| eva... by benton Path Finder in Splunk Search 07-15-2021 0 7	0	7
	rex for source target Hihere is my log:2020-01-19 13:20:15,093 INFO ABC.InEE-Product-00000 [MyProcessor] Detail Packet: M[000] T[111] P[0A0... by indeed_2000 Motivator in Splunk Search 07-15-2021 0 2	0	2
	Prop Conf for CSV input data Hello,Please let me know how I would write Props Configuration file for this csv file. Segment of sample data for thi... by SplunkDash Motivator in Splunk Search 07-15-2021 0 5	0	5
	How to filter time AFTER timechart using relative time Hello!I have a search with timechart that I need to filter time AFTER the timechart based on the current time. I've ... by msyparker Explorer in Splunk Search 07-15-2021 0 2	0	2
	How do I search for a complete list of all the Apps on my Deployment server ? Without the Built In apps. How do I search for a complete list of all the Apps on my Deployment server ? If possible Excluding the Built In apps... by SamHTexas Builder in Splunk Search 07-15-2021 0 1	0	1
	Run a for loop in splunk to look at a dynamic list I have a user that is asking me to look at the file hashes of every file that some into splunk across today and yeste... by mybestfriendbob Explorer in Splunk Search 07-15-2021 0 2	0	2
	Exclude 'default'/'system' fields in `table ` I've got a JSON event that I like to tabulate by using `index=myindex \| table `When I do this though it includes som... by henricook New Member in Splunk Search 07-15-2021 0 1	0	1
	I need complete this query find the top 5 viewed products referred by a domain. This is my sentence but is not completed. I can't find the solution on Doc. index=main sourcetype=acc* action=view [s... by EdwinOssa Engager in Splunk Search 07-15-2021 0 3	0	3
	Joining the results of a search with a dataset I've been trying to join the results of a search with a dataset on one line. I can get it to work with two lines, but... by Mick26 Engager in Splunk Search 07-15-2021 0 2	0	2
	Assign workload pool to user and/or roles Is there a way to assign workload pools to certain roles? Like say - we have 2 types of users. TypeA and TypeB users.... by ashwinhs New Member in Splunk Search 07-15-2021 0 1	0	1
	How to count number of occurrences of string in single event and group as per count ? I want to find out How many times string appeared in ONE SINGLE EVENT.and group all the events and find table like :... by splunkDevendra Explorer in Splunk Search 07-15-2021 0 6	0	6
	Top 1 for already selected values using query Current query :index=salcus sourcetype= ticket_mgmt_rest source= http:ticket_mgmt_rest \|rename "properties.o2-Troubl... by Digvijay Path Finder in Splunk Search 07-15-2021 0 2	0	2
	how to find out average response time for all events by looking at two fields in same event msg ? I've JSON Object in msg field as :"objectA":{<!-- -->"aggrStatus":"SUCCESS","attempts":[{<!-- -->"aggrStatus":"FAILURE","responses":[... by splunkDevendra Explorer in Splunk Search 07-15-2021 0 2	0	2
	Several user logon event for same host Hi,I have Splunk on Windows network, and using UF for windows events.I am searching to detect users logon during spec... by a_n Path Finder in Splunk Search 07-15-2021 0 6	0	6
	Search strings in a different fields with different name under different indexes I have two indexes including command line arguments, one has field name arg, the other one has field name command, wh... by splunkerer Path Finder in Splunk Search 07-14-2021 0 3	0	3
	Props config is not taking effect, trying to rename fields Hello,I am trying to rename some fields pre-index using props.conf and it's not working. Props below.[onelogin:event... by oleg106 Explorer in Splunk Search 07-14-2021 0 2	0	2
	search help Hi All,I am looking for a little help with a search today. I am looking to create an alert based on this search that ... by tkerr1357 Path Finder in Splunk Search 07-14-2021 0 2	0	2
	For hourly maximum value graph of REST API request response , I want logs of maximum value on drill down In the above attachment , I created graph which shows hourly maximum response time with respect to request response p... by Digvijay Path Finder in Splunk Search 07-14-2021 0 1	0	1
	timechart process of cpu usage of maximum PID Hihave log like below:_time source cpu_load_percent process pctCPU cpu... by indeed_2000 Motivator in Splunk Search 07-14-2021 0 2	0	2
	Using map to sendemail (email body is empty) Would like to automatically send an email to all email addresses which are the output of a search. My problem is that... by Tim00 Explorer in Splunk Search 07-14-2021 0 0	0	0
	How to export several GUIDs from the traceids obtained? Hi community,I can get 2126 events in the past 7 days with the following statement.index=* "*Error Sending SMS : org.... by MadocHuang New Member in Splunk Search 07-14-2021 0 1	0	1
	Network traffic for Windows Update (Firewall logs) Hello,I am checking a firewall log (Watchguard firebox) to monitor the network traffic for a windows LAN.I need to fi... by a_n Path Finder in Splunk Search 07-14-2021 0 1	0	1
	How to use if statements to validate two strings I would like TestResult to give output "1" if there are "Pass" or "Completed" in Status and "0" if otherwise. How to ... by moinyuso96 Path Finder in Splunk Search 07-13-2021 0 1	0	1
	Search help Hi All,The following search has been created to identify the unsecure communications.Also i need to see the end-to-en... by vikkysplunk Path Finder in Splunk Search 07-13-2021 0 0	0	0