Splunk Search

Community Activity

SENS-PRD splunk not listing events in search result Good morning. I added new PRD Splunk forwarders and sourcetypes last Wednesday night, June 9. I can see the events in... by anil1432 Explorer in Splunk Search 06-13-2021 0 1	0	1
How my file path name is modified automatically I have one file which is monitoring from 1 year in deployment server in inputs my file name is sourcetype: D:\Appl... by anil1432 Explorer in Splunk Search 06-13-2021 0 2	0	2
Subsearch error Hii everyone, Please can any one do splunk query optimization.Phenomenon we are facingThe report count looks incorrec... by anil1432 Explorer in Splunk Search 06-13-2021 0 2	0	2
Saved searches lifetime: difference between dispatch.ttl and alert.expires in savedsearches.conf I'm trying to accurately control the lifetime of the search artifacts of a saved search. I have set the "Expiry" time... by BernardEAI Communicator in Splunk Search 06-12-2021 0 2	0	2
Is there an SPL search for Searches (saved or scheduled) that run in Real time? Is there an SPL search for Searches (saved or scheduled) that run in Real time? Should the all scheduled or saved sea... by SamHTexas Builder in Splunk Search 06-12-2021 0 6	0	6
Plot average time between events. Can someone help me with the query to plot average time between events matching a field having certain value e.g msg=... by picktheneedle Loves-to-Learn in Splunk Search 06-12-2021 0 1	0	1
Fill Multiple values in a field I have some numeric values that is coming from job search results and the result is saved in tokens. These values are... by Jazzyb New Member in Splunk Search 06-12-2021 0 2	0	2
How to deal with varied time formats? I have some data containing timestamps with varied formats, e.g., sometimes "%m/%d/%y %H:%M", sometimes use "%m/%d/%Y... by yuanliu SplunkTrust in Splunk Search 06-12-2021 0 3	0	3
Filter Specific results & include specific result in query If the user's AD & Logon locations are the same, then I am filtering the results with the below query. \| rex field=Lo... by alexspunkshell Contributor in Splunk Search 06-12-2021 0 6	0	6
How do you use tstats to list the number of unique hosts over time? Hi, Is there a way to use the tstats command to list the number of unique hosts that report into Splunk over time? ... by a212830 Champion in Splunk Search 06-12-2021 0 3	0	3
Query with bin and stat calculations produces different results I'm trying to get the total number of hours a user is connected to a workspace per month. I am getting the raw data ... by ChihiroK New Member in Splunk Search 06-12-2021 0 2	0	2
How to drop extra fields while maintaining groupby? To groupby? Or not to groupby? That is the question. (Not really. The question arises because trellis splitby seem... by yuanliu SplunkTrust in Splunk Search 06-11-2021 0 1	0	1
How to Extract Any Values With a Decimal in my Rex String Hello,This may be an easy one, but I've been struggling with finding an answer for it.I have events that look like th... by Traer001 Path Finder in Splunk Search 06-11-2021 1 2	1	2
How to find standard deviation of the aliase I calculate the mean of the four weeks using the aliases, but how do I calculate the standard deviation of the four p... by aayushshah Engager in Splunk Search 06-11-2021 0 4	0	4
Showing >100% Complete status Using Python in Jupyter notebooks to run Splunk API. The queries run fine from both Python and Splunk itself. However... by kcull997 Observer in Splunk Search 06-11-2021 0 0	0	0
Subsearch filtering not working between sourcetypes Just started getting data flowing from a new machine that produces data which is similar in content, but different in... by jcarlock Explorer in Splunk Search 06-11-2021 0 2	0	2
How to get the total sum value and top 10 values in same timechart I am trying to get the top 10 users based on GB used in a timechart graph visualization and also the the total GB us... by vrmandadi Builder in Splunk Search 06-11-2021 0 0	0	0
How to get top 10 users by usage per day for last 30 days I have an index which gives user information of how much GB of data they used and from what source .I would like to g... by vrmandadi Builder in Splunk Search 06-11-2021 0 5	0	5
How to filter results from Lookup? In my search results, I have multiple results for "Alert" & "UPN"I want to only include "Alert=Anonymous IP address" ... by alexspunkshell Contributor in Splunk Search 06-11-2021 0 1	0	1
Search for multiple login attempts from same IP Hi,I try to find out a way to search for login events(bruteforce)were the user comes from one IP address and tries mu... by anomalyfinder Engager in Splunk Search 06-11-2021 0 2	0	2
API search query help hi me again. need help.this search string works perfectly fine when doing search int he guithis search works fine in ... by thaghost99 Path Finder in Splunk Search 06-11-2021 0 7	0	7
Delete logs Hi All,How can I delete my logs permanently Request to delete old Splunk logs for EMS and Truvue webservices that are... by anil1432 Explorer in Splunk Search 06-11-2021 0 3	0	3
how to filter the data from logs Hi Teami have a field agentId where i can find my data that is required data(i.e)cname=abc ,cname=xyz and so on ,whil... by Nith1 Path Finder in Splunk Search 06-11-2021 0 2	0	2
Can not searching by date in inputlookup es_notable_events Hi, please help to make search by date in inputlookup "es_notable_events". I thried to search by "earliest" its not w... by Dmitriy Explorer in Splunk Search 06-11-2021 0 3	0	3
HEC - WARN HttpListener - Read Timeout communicating with x.x.x.x:61888, disconnecting My splunk HEC server disconnecting the HEC connections from the clients when clients trying to send the log over HE... by splunkhu123 Loves-to-Learn in Splunk Search 06-10-2021 0 0	0	0