Splunk Search

Community Activity

How to table out two string fields under one field/column? \| eval Alert_Message_DISK = status_disk.": Disk utilization for ".host." is ".total_disk_utilization."%" \| eval Ale... by FaridHamidi Engager in Splunk Search 06-10-2021 0 1	0	1
Rex command to Show number values between two fields How to use Rex command to show Value in between 'Id' and `language` for example 0827ce61-e07c-4b51-a052-681dcc94fa2f ... by rajasplunk89 Engager in Splunk Search 06-10-2021 0 15	0	15
How to get notified for indexer automatic detention Im not seeing any way Splunk will notify regarding automatic detention, which usually happens because of disk space i... by jpillai Path Finder in Splunk Search 06-10-2021 0 5	0	5
Using regex in field extraction Hi, I'm trying to create a field extraction(extension) that goes off an existing field(TargetFilename) but it isn't w... by TheBravoSierra Path Finder in Splunk Search 06-09-2021 0 8	0	8
How to obtain valid value of a field among known bad ones I have some data with flip-flop values akin to the following simulation \| makeresults count=20 \| eval id = "id" . (ra... by yuanliu SplunkTrust in Splunk Search 06-09-2021 0 3	0	3
Regex in transforms.conf I'm trying to get this extraction for the filename to work via transforms.conf but it isn't working. Any ideas?[My_so... by TheBravoSierra Path Finder in Splunk Search 06-09-2021 0 2	0	2
How to retrieve a field named as "source" in a search Hi,I was able to do a search using this SPLindex="myapp_index" source="d:\\splunk\\test.json" \| spath input=payload \|... by william_choo Explorer in Splunk Search 06-09-2021 0 4	0	4
get all csv names in a splunk environment How to get all the csv names present in Splunk environment ? Lets say, i have 1000+ csv and i want to get all csv nam... by Saikat001 Explorer in Splunk Search 06-09-2021 0 2	0	2
Display table of top 5 URL with their status and percentage Need a table to show top 5 URL as given below in splunk. Is this possible in splunk? I tried many ways but I cant get... by Augustine_Vijay Explorer in Splunk Search 06-09-2021 0 16	0	16
Finding a host from multiple csv Lets say, i have 1000+ csv and i want to find a host that might be present in multiple csv's. i want to find and retu... by Saikat001 Explorer in Splunk Search 06-09-2021 0 1	0	1
Error while search query executing Any idea what this error is. I am getting the desired results with the query but it throws below error while executin... by harry_123 Loves-to-Learn Lots in Splunk Search 06-09-2021 0 1	0	1
tstats search fails when attempting cidr match on IPv6 subnets Attempting to run a tstats search that excludes a collection of IPv6 ranges from the results as follows:\| tstats summ... by jpawloski Path Finder in Splunk Search 06-09-2021 0 0	0	0
How to create a condition on one event based on the values of another event Hi all, I have a situation like the following:I have some events with a start and end time that tell me when there ha... by tommasoscarpa Explorer in Splunk Search 06-09-2021 0 3	0	3
How to pass earliest/latest and time input to the search as the same token to the searches in the dashboard? I have created a time input and also two text boxes to pass earliest and latest values to the searches.When I select ... by sbollam Explorer in Splunk Search 06-09-2021 0 4	0	4
Extracting information nested in a JSON-like format Hello,I'm designing some searches from O365 logs that have a complicated field called "Data", depending on the worklo... by husse_wl Loves-to-Learn in Splunk Search 06-09-2021 0 2	0	2
StreamingCommand block when input contains non-ascii character Environment: splunk8.0 python3 splunk python SDK 1.6.11 When I write a customized command with python: #!/usr/bin/e... by jeffcui134 Engager in Splunk Search 06-09-2021 1 3	1	3
lookup returns multivalue on match of single field? Hi,Strange behavior with Automatic lookup (same with manual lookup).I have csv file that contains codes, example:1 - ... by jbanAtSplunk Communicator in Splunk Search 06-09-2021 0 2	0	2
Dynamic search for multi sources Hi All,I need some help in searching,so I have 1 index but it has multiple sources,Index = Index1and within the index... by Laxman24 Explorer in Splunk Search 06-09-2021 0 2	0	2
need search with if condition Am getting data in this format now.but i need to show only those row where sum of all column values are > 500am tryi... by avikc100 Path Finder in Splunk Search 06-09-2021 0 3	0	3
Port flapping MAC search Hi team!Couldn't find any info about it....but how make a proper search string to see what MAC address was on flappin... by sSiDs New Member in Splunk Search 06-08-2021 0 1	0	1
How to Keep Fields from Becoming Multivalued Hello,I have events like this:2021-06-07 17:53:01 UserId:123 Session complete2021-06-07 17:25:01 UserId:123 Start ses... by Traer001 Path Finder in Splunk Search 06-08-2021 0 1	0	1
How to Get An Event from Within a Transaction Hello,I am trying to get an event inside of a transaction to use for duration calculation. My events currently look l... by Traer001 Path Finder in Splunk Search 06-08-2021 0 1	0	1
Why custom search command not working without being prefixed by dedup Hi,I created a custom StreamingCommand which makes REST API calls to get user details, based on a userid.If command i... by Cristian Observer in Splunk Search 06-08-2021 0 0	0	0
Transaction global status Hi,I have some events like :---------------------------------TXID;RECEIVER;STATUSAA11;RCV00001;OKAA11;RCV00001;KOAA11... by Atif Explorer in Splunk Search 06-08-2021 0 2	0	2
limits.conf, non-global settings local to specific App All, Hopefully a straightforward question.Is it possible to increase the following setting in a .../appname/local/lim... by actionabledata Path Finder in Splunk Search 06-08-2021 0 1	0	1