Splunk Search

Community Activity

URL proxy block with high counts and recurring on a host Hello, i have a spike which comes from A URL being constantly blocked by proxy. I need help with a query on finding ... by brizzoh20 Observer in Splunk Search 06-02-2021 0 0	0	0
splunk query with if condition Hi Teami want to display the success and failure count for that i have only one field i.eb_failed="false"using this i... by Nith1 Path Finder in Splunk Search 06-02-2021 0 2	0	2
Show multi values Hi, i am a beginner.I have 2 sourcetype (table). One of conatins requirement_id other ones conatins Testcase_id and r... by kig121 Loves-to-Learn Lots in Splunk Search 06-02-2021 0 2	0	2
'host' field being populated automatically when indexing a report I have a report that is getting events from an existing index, processing the data and indexing again to another cust... by denissotoacc Path Finder in Splunk Search 06-02-2021 0 3	0	3
Avoid streamstats truncate to obtain previous value I have a index with the follow data:KEY_ID, GROUP, DATEWith for example:1, group1, 2021-06-011, group2, 2021-06-022, ... by DanielSp Explorer in Splunk Search 06-02-2021 0 2	0	2
Need to add Additional panel with total? Hello "Good Day"I am trying to add the extra column for totals. If you observe above picture, I have four counts of ... by renuka Path Finder in Splunk Search 06-02-2021 0 5	0	5
Drilldown close button i have a table with multiple values, and on click of any of the value, an inline panel opens (using depends option) v... by akankshayadav Path Finder in Splunk Search 06-02-2021 0 7	0	7
Instead of using Job Manager, rest call to kill/stop all running current adhoc jobs for one user? Does anyone know of a rest call that can be used to kill all adhoc queries for a user? I do not wish to all users se... by john_glasscock Path Finder in Splunk Search 06-01-2021 0 1	0	1
Searching for data from different log files with similar field names Hi,I'm new to Splunk here... I have a local instance of Splunk Enterprise on my local machine where I've created a d... by william_choo Explorer in Splunk Search 06-01-2021 0 2	0	2
Need to exculde data in search by using lookup data Hello All"Good Day"index="aedc"\| rex field=source "-_(?<source>\S+)"\| rex "(?<ModuleID>MY\d+)"\| rex "(?<Path>/F.\s\S+... by renuka Path Finder in Splunk Search 06-01-2021 0 0	0	0
How To Exclude Events from Transaction if there is Time Gap Larger than X Hello,I am creating transactions for the earliest instance of a location being reserved and that location being relea... by Traer001 Path Finder in Splunk Search 06-01-2021 0 8	0	8
How to get duration for the product A in 2 occurrences ? So what I have now from my search so farProduct Status TimeA Start 8.00 AMA ... by moinyuso96 Path Finder in Splunk Search 06-01-2021 0 2	0	2
Add field post stats and transpose commands Hi, I want my data presented in a very specific way, which means I can't go the typical route of just adding the fiel... by ebs Communicator in Splunk Search 06-01-2021 0 4	0	4
Hi, can you help me?? How can I do Three search in the same query, but the results separate for a week How can I do Three search in the same query, but the results separate for a week (the results of last 4 weeks), and t... by DavidRojas Engager in Splunk Search 06-01-2021 0 2	0	2
Inputs.conf blacklist with a negative regex Hello, I need to create a whitelist with the blacklist. I mean... I have three blacklist in the windows security i... by rafadvega Path Finder in Splunk Search 06-01-2021 1 4	1	4
Using Regex to break down a string Hello guys I hope you are all having a great weekI work in a hotel chain and we provide transportation services, but ... by cindygibbs_08 Communicator in Splunk Search 06-01-2021 0 2	0	2
Merging events from two indexes I would like to create a dashboard to query the logs of our two firewall devices (paloalto and sns). Both has their o... by corti77 Contributor in Splunk Search 06-01-2021 0 3	0	3
Iterate over lookup table to perform replace on search field I am trying to use a lookup table to perform a series of string replacements on a single field in a search resultThe ... by wanderson8 Engager in Splunk Search 06-01-2021 0 4	0	4
Proofpoint field mapping with splunk Hi,Can some body help me with a query or basic search WRT Proofpoint as source to identify spoofed emails by sankum3920 New Member in Splunk Search 06-01-2021 0 0	0	0
Total of 2 rows Hi everyone, I have a table which gives me 2 fields Username and Duration. How can I dedup the Username and add the t... by g_paternicola Path Finder in Splunk Search 06-01-2021 0 3	0	3
how to identify malformed regex ? Dear Splunker,I have a lookup, which contains all the regex patterns. I would like to identify which of them are malf... by tarunmalhotra79 Engager in Splunk Search 06-01-2021 0 5	0	5
User agent Android 10 & IOS 14 - Difficult in extracting Field Hi I am trying to extract field from the user agent details like ( Operating system, Software, Software version, Soft... by advidlan Loves-to-Learn in Splunk Search 05-31-2021 0 2	0	2
Fillnull on an eval field post stats Hi,I want to do a fillnull on an eval created field post stats but it never works quite right with either creating th... by ebs Communicator in Splunk Search 05-31-2021 0 1	0	1
Make a stats by value a separate field I've performed a stats by command I was wondering if there was a way to store all these as fields and then for the by... by ebs Communicator in Splunk Search 05-31-2021 0 5	0	5
How to use Regex to find values between two strings I have this event: <f:Table><f:Row><f:Cell>IE Group Policy</f:Cell></f:Row><f:Row><f:Cell>HKEY_LOCAL_MACHINE\SOFTWAR... by hartfoml Motivator in Splunk Search 05-31-2021 0 4	0	4