Splunk Search

Community Activity

	Finding a way to include creator name and creation date in Indexes Hi, I'm exploring a way to get the search results for the name of Indexes, who created those indexes and creation dat... by shoaibalimir Path Finder in Splunk Search 10-09-2024 0 2	0	2
	To count the filed with different time range Hi I have events that having multiple countries... I want to count the country field and with different time range. I... by parthiban Path Finder in Splunk Search 10-09-2024 0 5	0	5
	How to use search results in a table in a new search also using row count? I'm still learning Splunk and would like to learn how to combine some searches.Goal: Use the VPN search results to pe... by dt9150813 Engager in Splunk Search 10-09-2024 0 2	0	2
	How to combain two rex I have two rex queries and want know how to combine Query : 1 index=test1 sourcetype=teams \| search "osversion=" \| re... by VRP136 Engager in Splunk Search 10-09-2024 0 1	0	1
	Run macro commands from lookup HiI'm wondering if it's possible to define and execute a macro from a lookup. I have an index with several (about 50... by apiprek2 Explorer in Splunk Search 10-09-2024 0 2	0	2
	To compare the value of particular day with the same day of the last week and last to last week. Hi Can someone please tell me how we can compare the value of a particular day with the value of the same day of last... by Real_captain Path Finder in Splunk Search 10-09-2024 0 9	0	9
	I want to group similar urls as one and get the count and average times My query is index=stuff \| search "kubernetes.labels.app"="some_stuff" "log.msg"="Response" "log.level"=30 "log.respo... by pandeyrohit51 Explorer in Splunk Search 10-09-2024 0 8	0	8
	Lookup question Hi, I'm pretty new to Splunk and I have a simple question that maybe one of you guys could help me figure out. I ha... by OgoNARA Explorer in Splunk Search 10-08-2024 0 1	0	1
	Remote connectivity (Using someone else's Splunk instance credentials to log in) I am trying to use the credentials of my friend to log into Splunk Enterprise, and I am unable to do that. Also, I am... by Haseeb_Ashiq Engager in Splunk Search 10-08-2024 0 2	0	2
	Splunk DB connect add-on InfluxDB 2.6 I have ingested data form influx DB to Splunk Enterprise using influxDB add from splunk db connect.Performing InfluxQ... by Samir1 New Member in Splunk Search 10-08-2024 0 0	0	0
	Transaction starting and ending 'event' are not always showing the correct overview Hi,I am trying to create a Transaction where my starting and ending 'event' are not always showing the correct overvi... by Sentira Explorer in Splunk Search 10-08-2024 0 6	0	6
	Match or Substring for nested object not working I am running query -> index=* source="/somesource/*" message "403"\| search level IN (ERROR)And Response is -->{<!-- -->"insta... by aniketsamudra Engager in Splunk Search 10-08-2024 0 3	0	3
	how to install splunk AI assistance Can anyone help me to provide the URL to download or steps of how to use Splunk AI. by avi7326 Path Finder in Splunk Search 10-07-2024 0 3	0	3
	TIme difference between first and last My query returns these events, i need to compute the total time A was in this state and total time B was in this stat... by darkins Engager in Splunk Search 10-07-2024 0 4	0	4
	need assistance with splunk tojson I have a splunk query which generates output in csv/table format. I wanted to convert this to a json format before wr... by sdkp03 Communicator in Splunk Search 10-07-2024 0 7	0	7
	Grouping logs by tranId, date and time Hello, I'm attempting to display a group of logs by the tranId. We log multiple user actions under a single tranId. ... by msarkaus Path Finder in Splunk Search 10-07-2024 0 2	0	2
	How to use the field extraction expression directly using a Rex command ? Hi Team Can you please let me know how can i use the below Field extraction formula directly using the rex command ? ... by Real_captain Path Finder in Splunk Search 10-07-2024 0 7	0	7
	How to Optimize Search Performance in Splunk for Large Datasets? Hi everyone,My name is Emmanuel Katto. I’m currently working on a project where I need to analyze large datasets in S... by emmanuelkatto23 New Member in Splunk Search 10-07-2024 0 3	0	3
	Script that Writes Splunk Query Based on Alerts' Results Greetings ,Does anyone know if it's possible to create a script that writes splunk search quey based on the alerts re... by SarSec New Member in Splunk Search 10-06-2024 0 2	0	2
	How to Calculate Percentage for a single value and display both Value and Percentage in the Bracket in the same Panel I have a Sample Data like below. Now i need to display single value count of Completed and Pending in 2 different sin... by Mallik657 Explorer in Splunk Search 10-05-2024 0 10	0	10
	Please help me extract the tags from json format so i can show the count and tagname in tabular format "c7n:MatchedFilters": [ "tag:ApplicationFailoverGroup", "tag:AppTier", "tag:Attributes", "tag:DBNodes", "tag:rk_aws_n... by Hemant_h Engager in Splunk Search 10-05-2024 0 8	0	8
	Splunk stats count & group by on key value using a single field How do I generate reports and run stats on key=value from just message field . Ignoring rest of the fields. {"cluster... by hthwal Explorer in Splunk Search 10-05-2024 0 11	0	11
	User Getting double field name result User receiving duplicated field names in splunk result for example when i run a search i get an output for the ... by whitecat001 Explorer in Splunk Search 10-05-2024 0 3	0	3
	Need Help with spl query Hello,I'm trying to achieve a result set which can be used in an alert later on.Basically when search is executed, it... by 807mohd Explorer in Splunk Search 10-04-2024 0 4	0	4
	Tracking ticket statuses and getting timechart to ignore empty time spans I am trying to track a set of service desk ticket status across time. The data input is a series of ticket updates t... by corecost Explorer in Splunk Search 10-04-2024 0 3	0	3