Splunk Search

Community Activity

	Outputlookup Removes Multivalue Fields I had an extremely expensive query that would return results in this format: I needed to speed up the query because... by david_rose Communicator in Splunk Search 05-27-2021 0 7	0	7
	Avg and most common Search time frame A quick search didn't find anything. I am looking to determine what the most used and avg Search window is. I.e. how ... by cboillot Contributor in Splunk Search 05-27-2021 0 3	0	3
	How to filter out results where an extra event is present Hello,I have events that look like this:2021-05-27 14:33:44 UserId:123 Begin Fix for Issue:4354657687 <-- extra/de... by Traer001 Path Finder in Splunk Search 05-27-2021 0 0	0	0
	I need to display field value in dashboard from realtime log Hi,I have logs coming from 5 servers, consider each sends status data everytime there is change in status, So I want ... by Sangu Explorer in Splunk Search 05-27-2021 0 1	0	1
	Show only those users who exceed percentage of a certain value I have a preliminary search of a web-server-like log that looks like:index=whatever Method=GET\| where Response in (20... by plucas_splunk Splunk Employee in Splunk Search 05-27-2021 0 5	0	5
	Splunk Search to see which queries they ran and exported out of Splunk I have a need to pull all the users and the files/sourcetype or queries they ran to export data out of splunkI found ... by puneetkharband1 Path Finder in Splunk Search 05-27-2021 0 1	0	1
	Issue with dbinspect command Splunk version 7.3.6When I run \| dbinspect index=* I receive the expected output but only for hot/warm buckets. Is... by ericjorgensenjr Path Finder in Splunk Search 05-27-2021 0 1	0	1
	Join alternatives I've read in other posts that using join in Splunk isn't great so I'm looking for a better way to do my search.I want... by LynneEss Engager in Splunk Search 05-27-2021 0 4	0	4
	How to get intersection of two sets ? Hello folks,Thanks to visit my question.Users are getting two kinds of errors say A and B one at a time. Both cannot ... by Sid_kum Explorer in Splunk Search 05-27-2021 0 5	0	5
	Create a chart with stacked success status and status>500 Hello there. I've a series of GET/POST request.The request is to have inside the dashboard a stacked column graph tha... by marco_carolo Path Finder in Splunk Search 05-27-2021 0 1	0	1
	eval strftime to create current_hour (HH:MM) to be used with inputlookup fields I have a lookup with the files that should be sent each hour (common/flat file names) with the hour as the header, I ... by middlemiddle Explorer in Splunk Search 05-27-2021 0 2	0	2
	Add stopwords to tfidf command in splunk I have the following search: earliest=-1d@d latest=@d index=cdb_summary sourcetype=cfg_summary source=CDM_*_Daily_Sum... by parkz Explorer in Splunk Search 05-27-2021 0 0	0	0
	how to store a value from rex and reuse this value in another search Dear fellows,I have two logs and i am looking to do some correlation between them.In the log1, i am looking for IP_x ... by silverem78 Engager in Splunk Search 05-27-2021 0 5	0	5
	same field name exists in two indexes but with different values Hola splunker. i performed a search using two indexes, but these tow indexes have different fields that uses the same... by moayadalghamdi Path Finder in Splunk Search 05-27-2021 0 5	0	5
	Find out index of hosts sending new since 24hrs HiI wanted to write a search that show all hosts that sends new since 24hrs into Splunk. The problem now is that I wa... by lslschr21 Loves-to-Learn Lots in Splunk Search 05-27-2021 0 0	0	0
	Search using two indexes Hola Splunkers !! i want to search in two indexes with one common values in between, for exapmle: index=Exchange_serv... by moayadalghamdi Path Finder in Splunk Search 05-27-2021 0 1	0	1
	Is there a way to deduplicate event in summary index I created a report for finding list intersection of two setA: inputlookup spam_ip (Indicator of compromise)B: index=m... by Daniel_Pham Explorer in Splunk Search 05-27-2021 0 2	0	2
	How to print latest value and average value of a column Hi, I have a list of values as shown below from the above picture data I wanted to pick the average of each column's ... by SG Path Finder in Splunk Search 05-26-2021 0 2	0	2
	Calculate performance metrics for different categories in a single search Hi,Bit out of my depth here but I have done an eval so we divide the events in the index by the URLs and I have 4 cat... by ebs Communicator in Splunk Search 05-26-2021 0 0	0	0
	How to filter a field by common words I have a field of titles that are filled with sentences about why a test was failed in a security audit, but they are... by parkz Explorer in Splunk Search 05-26-2021 0 1	0	1
	regex vs where match() I've never used \|regex, but use \|where match() quite often. Is the former just syntax sugar or is there any differen... by yuanliu SplunkTrust in Splunk Search 05-26-2021 0 4	0	4
	SPL to find all UF clients that picked up specific deployment app? Hi,I know there are other ways to get this through the deployment server, but I'm trying to find a SPL to get results... by dkr3500 Path Finder in Splunk Search 05-26-2021 0 1	0	1
	Design a search for find list intersection of kvstore and inndex and put them to summary index I'm new to Splunk And I'm trying to build summary index i have KVStore and indexA: inputlookup spam_ip (which is Indi... by Daniel_Pham Explorer in Splunk Search 05-26-2021 0 7	0	7
	Alltime-Realtime Able to See Data - Zero Data for Historical Searches Strangest thing. I have some Infoblox logs coming in from a Syslog-NG server where we have a UF installed. UF is succ... by bitofrumncoke New Member in Splunk Search 05-26-2021 0 2	0	2
	Regex to extract whole line from raw data Hello,I am trying to extract the full line from the raw data log matching a pattern in the line. Sample data:blah bl... by nm8181 Engager in Splunk Search 05-26-2021 0 2	0	2