Splunk Search

Community Activity

Searching for data from different log files with similar field names Hi,I'm new to Splunk here... I have a local instance of Splunk Enterprise on my local machine where I've created a d... by william_choo Explorer in Splunk Search 06-01-2021 0 2	0	2
Need to exculde data in search by using lookup data Hello All"Good Day"index="aedc"\| rex field=source "-_(?<source>\S+)"\| rex "(?<ModuleID>MY\d+)"\| rex "(?<Path>/F.\s\S+... by renuka Path Finder in Splunk Search 06-01-2021 0 0	0	0
How To Exclude Events from Transaction if there is Time Gap Larger than X Hello,I am creating transactions for the earliest instance of a location being reserved and that location being relea... by Traer001 Path Finder in Splunk Search 06-01-2021 0 8	0	8
How to get duration for the product A in 2 occurrences ? So what I have now from my search so farProduct Status TimeA Start 8.00 AMA ... by moinyuso96 Path Finder in Splunk Search 06-01-2021 0 2	0	2
Add field post stats and transpose commands Hi, I want my data presented in a very specific way, which means I can't go the typical route of just adding the fiel... by ebs Communicator in Splunk Search 06-01-2021 0 4	0	4
Hi, can you help me?? How can I do Three search in the same query, but the results separate for a week How can I do Three search in the same query, but the results separate for a week (the results of last 4 weeks), and t... by DavidRojas Engager in Splunk Search 06-01-2021 0 2	0	2
Inputs.conf blacklist with a negative regex Hello, I need to create a whitelist with the blacklist. I mean... I have three blacklist in the windows security i... by rafadvega Path Finder in Splunk Search 06-01-2021 1 4	1	4
Using Regex to break down a string Hello guys I hope you are all having a great weekI work in a hotel chain and we provide transportation services, but ... by cindygibbs_08 Communicator in Splunk Search 06-01-2021 0 2	0	2
Merging events from two indexes I would like to create a dashboard to query the logs of our two firewall devices (paloalto and sns). Both has their o... by corti77 Contributor in Splunk Search 06-01-2021 0 3	0	3
Iterate over lookup table to perform replace on search field I am trying to use a lookup table to perform a series of string replacements on a single field in a search resultThe ... by wanderson8 Engager in Splunk Search 06-01-2021 0 4	0	4
Proofpoint field mapping with splunk Hi,Can some body help me with a query or basic search WRT Proofpoint as source to identify spoofed emails by sankum3920 New Member in Splunk Search 06-01-2021 0 0	0	0
Total of 2 rows Hi everyone, I have a table which gives me 2 fields Username and Duration. How can I dedup the Username and add the t... by g_paternicola Path Finder in Splunk Search 06-01-2021 0 3	0	3
how to identify malformed regex ? Dear Splunker,I have a lookup, which contains all the regex patterns. I would like to identify which of them are malf... by tarunmalhotra79 Engager in Splunk Search 06-01-2021 0 5	0	5
User agent Android 10 & IOS 14 - Difficult in extracting Field Hi I am trying to extract field from the user agent details like ( Operating system, Software, Software version, Soft... by advidlan Loves-to-Learn in Splunk Search 05-31-2021 0 2	0	2
Fillnull on an eval field post stats Hi,I want to do a fillnull on an eval created field post stats but it never works quite right with either creating th... by ebs Communicator in Splunk Search 05-31-2021 0 1	0	1
Make a stats by value a separate field I've performed a stats by command I was wondering if there was a way to store all these as fields and then for the by... by ebs Communicator in Splunk Search 05-31-2021 0 5	0	5
How to use Regex to find values between two strings I have this event: <f:Table><f:Row><f:Cell>IE Group Policy</f:Cell></f:Row><f:Row><f:Cell>HKEY_LOCAL_MACHINE\SOFTWAR... by hartfoml Motivator in Splunk Search 05-31-2021 0 4	0	4
Parsing kaspersky syslog events Hi community,I need help in parsing events containing not pure json.This is the raw event: May 28 15:00:15 sd960evo E... by martaBenedetti Path Finder in Splunk Search 05-31-2021 0 2	0	2
Time conversion Hi Team I have the time in this format "startTime":1606406489009 i wanted to convert it to date-month-year hour-secon... by Nith1 Path Finder in Splunk Search 05-31-2021 0 4	0	4
Add fonction AVG, STDEV and eval command to contingency command Hello,I have an excel file like this :And I wanna do this on splunk, but I can't / don't know how to do itMy request ... by yoan Explorer in Splunk Search 05-30-2021 0 2	0	2
Using a stats avg function after an eval case command to categorise Hi,I have a requirement where we need to categorise events based on the url into 4 separate categories, then calculat... by ebs Communicator in Splunk Search 05-30-2021 0 2	0	2
Dashboard base search with extra search values Hello,I have a dashboard with 3 panels that load at the same time.Almost 3 identical searches. The difference is i ad... by hvdtol Path Finder in Splunk Search 05-30-2021 0 8	0	8
Query syslog fields Dear all,I have a syslog-ng relay server collecting syslog messages from remote network devices and saving them as lo... by ChintanaM Explorer in Splunk Search 05-30-2021 0 6	0	6
X axis and y axis title font size change How to change the font size for x axis and y axis titles in splunk. Need inputs on this. by ManjunathN Engager in Splunk Search 05-30-2021 0 2	0	2
Transaction Command not returning all results Hi, I have a splunk query as below:index=platform env=sandbox http_method="GET" This gave me 1 result back.Now, when... by splunkuser1948 Engager in Splunk Search 05-29-2021 0 5	0	5