Splunk Search

Community Activity

Eval for Performance based on Category and if below MaxResponseTime Hi,I want to look at each response_time value for each Tier, and count the amount of response times that are above an... by ebs Communicator in Splunk Search 06-29-2021 0 6	0	6
Splunk 8.0.1 and 8.2.0 stats latest behaving differently Following produces values for a and b in Splunk 8.2.0, but in 8.0.1, values of a is emptyIs there any changes in beha... by mrrijo New Member in Splunk Search 06-29-2021 0 2	0	2
SPL \| REST command does not work when non-Admin User with these capabilities fails, but ADMIN user works. This SPL works fine when logged in as ADMIN, but does not ... by simpkins1958 Contributor in Splunk Search 06-29-2021 0 4	0	4
Splunk SPL to detect anomaly over usages from indexes Hello ,I would really appreciate your help in creating a splunk search query to find out the anomaly over size from ... by bhilim Loves-to-Learn Lots in Splunk Search 06-29-2021 0 2	0	2
Use the result from the subsearch to a main search In one of the search strings, I have an event from which i extract the correlation ids and in turn want to search thr... by thenormalone Path Finder in Splunk Search 06-29-2021 0 3	0	3
earliest and latest HH:MM across multiple days I want to set dynamic SLA's for File Processing. In order to do this I need to:1. get the earliest HH:MM:SS the job ... by middlemiddle Explorer in Splunk Search 06-29-2021 0 4	0	4
How do i search for IPv6 addresses from my src_ip field. I'm trying to do a search that finds IPv6 addresses. Currently our field src_ip has both IPv4 and IPv6 in it. How can... by cesaccenturefed Path Finder in Splunk Search 06-29-2021 2 5	2	5
How to use stats instead of transaction command ? log1 : user_id , status=interrupt,log2 : user_id, status = successHi All,I want to find user_ids that failed due to a... by appu Explorer in Splunk Search 06-29-2021 0 1	0	1
Combine two searches Hi, I have 2 sample logs and I need to combine them into 1 query to grab the "Accesses" values,Due to the log format ... by qysplunk Loves-to-Learn Lots in Splunk Search 06-29-2021 0 0	0	0
Help with Boolean query Below is an example of what I want to accomplish: If x="example" and y="success", return true for this segment. If x=... by TheBravoSierra Path Finder in Splunk Search 06-29-2021 0 1	0	1
Searching data that is not indexed We have data which is not being indexed that needs to be searched. I've been told by our Splunk admin team that the d... by RedHonda03 Explorer in Splunk Search 06-29-2021 0 3	0	3
Exclude Source IP and Destination IP from results if they belong to same private ip range Hi There,How do i Exclude Source IP and Destination IP from results if they belong to same private ip range? For e.g.... by sarwshai Communicator in Splunk Search 06-29-2021 0 6	0	6
SPL Query to filter the ip used less than 20+users Hi Team,I have a dashboard where existing results showing Event date, Event title, email id, Logon IP, Logon Location... by SabariRajanT Path Finder in Splunk Search 06-29-2021 0 3	0	3
Count of all query present in lookup file I've created a lookup file with 2 columns like this, basically a lookup file containing list of search queries. Name ... by pjtbasu Explorer in Splunk Search 06-29-2021 0 1	0	1
split filed into multiple filed I would like to break "X" field into multiple field based on available value. "X" contain data in following format. F... by abhijeet Explorer in Splunk Search 06-29-2021 0 2	0	2
regex extraction Hi from this log:23:52:52.758 alex appinfo: Terminating due to signal: 1 How can I extract these item with rex:user=a... by indeed_2000 Motivator in Splunk Search 06-29-2021 0 4	0	4
map command alternative Hi Everyone,I had been using map command on a set of few tens of entries . Basically it gets Busername field and sea... by Simr New Member in Splunk Search 06-29-2021 0 2	0	2
I see error in Low Level HTTP request failure err=failed method=POST in search head cluster I have see below error messages in my search head cluster members .i am using 8.2v.can i get some resolution for this... by btshivanand Path Finder in Splunk Search 06-29-2021 0 0	0	0
Search filter returning odd results Hey everyone!Hope you are doing alright and my question is in the right place here. For a few days, i am seeing a st... by jansvensen Loves-to-Learn Lots in Splunk Search 06-28-2021 0 18	0	18
Splunk Query Hi @gcusello ,Can you please help me to design a Splunk query to show whether a particular user has been coming into ... by rahul2gupta Path Finder in Splunk Search 06-28-2021 0 4	0	4
Spliting single filed into multiple fields based on different delimiters Hi,I have the following value in a field which needs to be split into multiple fields,Classname: abc.TestAutomation.N... by JP Explorer in Splunk Search 06-28-2021 0 2	0	2
Blind mask with eval Hi, I would like to count how many times "Booking failed with 1 source conflict and 1 destination conflict" message o... by dabroma5 Explorer in Splunk Search 06-28-2021 0 3	0	3
How to find the number of fields that consists "Passed" and also the Total number of fields available. This is my sample data. i need the total "passed" These are the Headers, Node Name _time, Anti-Spoofing, Rule Banner... by vinod743374 Communicator in Splunk Search 06-28-2021 0 11	0	11
Why is `trigger_time` different for every _audit search query? I am running following search query to obtain history of triggered alerts (time, name, severity), manually: index=_au... by LegalPrime Path Finder in Splunk Search 06-28-2021 0 0	0	0
How do I split a SQL statement's query fields and relate each field with the app name? I have a search result like below:{ [-] dt: 2021-06-24T22:46:40.7013297Z flds: [ [-] { [-] fn: username... by rilee Explorer in Splunk Search 06-28-2021 0 4	0	4