Splunk Search

Ask a Question

Discussions

Thread Info

how to identify malformed regex ?

Dear Splunker, I have a lookup, which contains all the regex patterns. I would like to identify which of them are m...

by Engager in

User agent Android 10 & IOS 14 - Difficult in extracting Field

Hi I am trying to extract field from the user agent details like ( Operating system, Software, Software version, S...

by Loves-to-Learn in

Fillnull on an eval field post stats

Hi, I want to do a fillnull on an eval created field post stats but it never works quite right with either creating...

by Communicator in

Make a stats by value a separate field

I've performed a stats by command I was wondering if there was a way to store all these as fields and then for the by...

by Communicator in

How to use Regex to find values between two strings

I have this event: <f:Table><f:Row><f:Cell>IE Group Policy</f:Cell></f:Row><f:Row><f:Cell>HKEY_LOCAL_MACHINE\SOFTW...

by Motivator in

Parsing kaspersky syslog events

Hi community, I need help in parsing events containing not pure json. This is the raw event: May 28 15:...

by Path Finder in

Time conversion

Hi Team I have the time in this format "startTime":1606406489009 i wanted to convert it to date-month-year hour...

by Path Finder in

Add fonction AVG, STDEV and eval command to contingency command

Hello, I have an excel file like this : And I wanna do this on splunk, but I can't / don't know how to do ...

by Explorer in

Using a stats avg function after an eval case command to categorise

Hi, I have a requirement where we need to categorise events based on the url into 4 separate categories, then calcu...

by Communicator in

Dashboard base search with extra search values

Hello, I have a dashboard with 3 panels that load at the same time.Almost 3 identical searches. The difference is i...

by Path Finder in

Query syslog fields

Dear all, I have a syslog-ng relay server collecting syslog messages from remote network devices and saving them as...

by Explorer in

X axis and y axis title font size change

How to change the font size for x axis and y axis titles in splunk. Need inputs on this.

by Engager in

Transaction Command not returning all results

Hi, I have a splunk query as below: index=platform env=sandbox http_method="GET" This gave me 1 result...

by Engager in

If a field includes certain number of predefined strings?

Hi, data set to search in field1: ("foo", "bar", execute", "thanx", "tax", "trade" ) if field1 includes any rand...

by Path Finder in

Use call stats to calculate concurrent calls.

I have a data source that provides call records for telephone calls. Each call record contains a call duration and t...

by Explorer in

Need to compare the contents of a lookup file with search results

Hi, Brand new to splunk here. I've been using it about 1 month. I have a lookup file, all_identities_prod.csv,...

by Explorer in

How can I get max number of hours without events for all indexes, myindex=* ?

I have the summary index to record hourly event count for all device (de_count). I have the following search to get m...

by Path Finder in

How can I get the search work with multiple indexes

I have the search to get max number of hours without events for feeds. It works just for one index. It wouldn't wor...

by Path Finder in

Sum of field b after making multivalue fields and sort by date

I have created several 'rex' expressions that parse data into their own fields and the created multivalue fields comb...

by Path Finder in

Learning my Companies Splunk Data

I am trying to better learn what data is in the indexes at my company. There is a command that gives you something ...

by Path Finder in

Search for non-matched values

Hello, Is there any way to search non-matched values from two tables like you can do on excel using VLOOKUP? T...

by Contributor in

count time of my select time within week-ends

Hi community, is it possible to calculate the time between info_max_time and info_min_time according to the period ...

by Path Finder in

Reference Table Header in Javascript

Hi - I am currently working on adding a tooltip to a column header on a table in a Splunk dashboard. I have seen ways...

by Path Finder in

Divide the results of a query based on a field in the log

Hi, I wanted to divide each hostname by using the count of "documentcompletetime" field. index=nextgen so...

by Path Finder in

How to find find my reports and alert coming from which directory

Hi Team, Need help in identifying how can we find the path/directory of my alers and reports.. For ex all...

by Path Finder in

Get Updates on the Splunk Community!

Splunk Search

Discussions

how to identify malformed regex ?

User agent Android 10 & IOS 14 - Difficult in extracting Field

Fillnull on an eval field post stats

Make a stats by value a separate field

How to use Regex to find values between two strings

Parsing kaspersky syslog events

Time conversion

Add fonction AVG, STDEV and eval command to contingency command

Using a stats avg function after an eval case command to categorise

Dashboard base search with extra search values

Query syslog fields

X axis and y axis title font size change

Transaction Command not returning all results

If a field includes certain number of predefined strings?

Use call stats to calculate concurrent calls.

Need to compare the contents of a lookup file with search results

How can I get max number of hours without events for all indexes, myindex=* ?

How can I get the search work with multiple indexes

Sum of field b after making multivalue fields and sort by date

Learning my Companies Splunk Data

Search for non-matched values

count time of my select time within week-ends

Reference Table Header in Javascript

Divide the results of a query based on a field in the log

How to find find my reports and alert coming from which directory

Aligning Observability Costs with Business Value: Practical Strategies

Mastering Data Pipelines: Unlocking Value with Splunk

Splunk Up Your Game: Why It's Time to Embrace Python 3.9+ and OpenSSL 3.0

How to show the line when its value is NULL with ...

Search for triggered save searches and their actio...

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static

Using Machine Learning Toolkit to detect auth abus...

Splunk Search

Are you a member of the Splunk Community?

Discussions