Splunk Search

Community Activity

	How To Pass Parameters to Saved Search Using Splunklib Hello,Does anyone know how to pass parameters to a saved search using the splunklib for the Splunk API?I am able to u... by Traer001 Path Finder in Splunk Search 06-24-2021 0 0	0	0
	How do I extract value from stats list I want to extract count from list (picture 1 ) to table (picture 2) How do I do? \|stats count by Name,severity ... by apichai32356 Explorer in Splunk Search 06-24-2021 0 4	0	4
	Bar chart width resize in Simple XML Hello, I have created a vertical bar chart using Simple XML, My requirement is to fix the width of all the bars. I ... by dinesh_wadhwa Engager in Splunk Search 06-24-2021 0 2	0	2
	Ignore if a certain string is present in the next X min Hi, I am working on a search that looks for instances of "string1", but only those that are not followed by instances... by grasshopper_ Loves-to-Learn in Splunk Search 06-24-2021 0 3	0	3
	Error in 'IndexScopedSearch': The search failed We're trying to run a search but are getting these errors while doing so:3 errors occurred while the search was execu... by msmith12 Engager in Splunk Search 06-24-2021 0 0	0	0
	inputlookup special fields Hello,I have recently found there is a strange difference between lookup and inputlookup commands. \|makeresults \| eva... by acadea Explorer in Splunk Search 06-24-2021 0 4	0	4
	Regex help connected string I would like to extract two groups which are TestName and Model. In the second row, the TestName is connected to Mode... by moinyuso96 Path Finder in Splunk Search 06-24-2021 0 2	0	2
	inputlookup convert columns to rows I have a lookup with file_type name and a threshold per hour as the headers, like below. I would like the hour heade... by middlemiddle Explorer in Splunk Search 06-24-2021 0 2	0	2
	Get the previous day 8-9PM data based on the date selected in the query HI,While running a query I am giving timings as below 23-06-2021 01:00 to 23-06-2021 04:00 AMThe timings can change a... by SG Path Finder in Splunk Search 06-24-2021 0 1	0	1
	Exclude the logs with the same time for search results Hi Guys, I'd like to exclude the logs with same time for the search results_time _... by JiachengWei Engager in Splunk Search 06-24-2021 0 3	0	3
	How to extract, convert and show data I have following data and :......2021-06-18 21:05:45.037 +02:00 [Information] ChuteAndStatus=[20202020202020202020202... by Sentira Explorer in Splunk Search 06-23-2021 0 1	0	1
	How to get multiple lookups to work in a single search? So I am attempting to perform two lookups in a single query, and i'm receiving an error. if I remove the second look... by tmarlette Motivator in Splunk Search 06-23-2021 0 5	0	5
	How to extract, convert and show data I have following data and :......2021-06-18 21:05:45.037 +02:00 [Information] Status=[1111111111111111111111111111111... by Sentira Explorer in Splunk Search 06-23-2021 0 1	0	1
	Regex inside eval is not working I am trying to do a stats count where 2XX https response means as success and any non 2XX means that it's a failure. ... by pjtbasu Explorer in Splunk Search 06-23-2021 0 1	0	1
	[ Search] Finding the same user connecting to Okta from Separate IPs Currently trying to work out a search that would allow me to generate a notable event if a user has made successful c... by mattdev Loves-to-Learn Lots in Splunk Search 06-23-2021 0 0	0	0
	How to get two different field values In a query Hi TeamI am looking to get two different field values in a single query in Splunk, example, I have two different coun... by aaa2324 Explorer in Splunk Search 06-23-2021 0 3	0	3
	Calculate elapsed time from two events Hi,I'm sure I'm not the first to ask this question, but I can't seem to find an answer that covers what I am trying t... by timrich66 Communicator in Splunk Search 06-23-2021 0 12	0	12
	How to trigger second search based on first search where condition I have a dbquery alert which will trigger when first query has more than 250 records then second search will trigger ... by ibob0304 Communicator in Splunk Search 06-23-2021 0 15	0	15
	How to resolve "the max number of concurrent historical searches on this instance has been reached" on Skipped search? How to resolve "the max number of concurrent historical searches on this instance has been reached" on Skipped search... by SamHTexas Builder in Splunk Search 06-23-2021 0 2	0	2
	Is it possible to change default colors for charts? Is it possible to change the default colors for charts (seriesColors), preferably so that it survives an upgrade? I ... by dominiquevocat SplunkTrust in Splunk Search 06-22-2021 0 9	0	9
	Splunk dashboard using drilldown showing detailed info, but also sending email alert for us if result > 0 Guys, I've created a dashboard where I hunt IOCs from OTX intelligence across several logs in Splunk.This dashboard ... by Luciana Explorer in Splunk Search 06-22-2021 0 25	0	25
	Dashboard - How to trigger second search based on first search where condition is : first result count Please, Can someone help me here?Basically , in the first search IF the search stats count >=1 then, a second search ... by Luciana Explorer in Splunk Search 06-22-2021 0 11	0	11
	How can I use the chart to show top 100 of a json list? I have a json list like this:package: [{duration: 100, name: a}, {duration: 90, name: b} ...]and I want to show the t... by LMN007 Engager in Splunk Search 06-22-2021 0 2	0	2
	Splunk wildcard for specific position of character in a host list I have a table with more than 50000 hostnames. I want to run a wild card for 5th & 6th character in a hostname list.M... by utk123 Path Finder in Splunk Search 06-22-2021 0 2	0	2
	Simple regex extraction not working? Hi. I have an event that has the line "Total time taken for process: 535 ms" in it. it's not in a field it's just a r... by eid1550 New Member in Splunk Search 06-22-2021 0 1	0	1