Splunk Search

Community Activity

I want to group similar urls as one and get the count and average times My query is index=stuff \| search "kubernetes.labels.app"="some_stuff" "log.msg"="Response" "log.level"=30 "log.respo... by pandeyrohit51 Explorer in Splunk Search 10-09-2024 0 8	0	8
Lookup question Hi, I'm pretty new to Splunk and I have a simple question that maybe one of you guys could help me figure out. I ha... by OgoNARA Explorer in Splunk Search 10-08-2024 0 1	0	1
Remote connectivity (Using someone else's Splunk instance credentials to log in) I am trying to use the credentials of my friend to log into Splunk Enterprise, and I am unable to do that. Also, I am... by Haseeb_Ashiq Engager in Splunk Search 10-08-2024 0 2	0	2
Splunk DB connect add-on InfluxDB 2.6 I have ingested data form influx DB to Splunk Enterprise using influxDB add from splunk db connect.Performing InfluxQ... by Samir1 New Member in Splunk Search 10-08-2024 0 0	0	0
Transaction starting and ending 'event' are not always showing the correct overview Hi,I am trying to create a Transaction where my starting and ending 'event' are not always showing the correct overvi... by Sentira Explorer in Splunk Search 10-08-2024 0 6	0	6
Match or Substring for nested object not working I am running query -> index=* source="/somesource/*" message "403"\| search level IN (ERROR)And Response is -->{<!-- -->"insta... by aniketsamudra Engager in Splunk Search 10-08-2024 0 3	0	3
how to install splunk AI assistance Can anyone help me to provide the URL to download or steps of how to use Splunk AI. by avi7326 Path Finder in Splunk Search 10-07-2024 0 3	0	3
TIme difference between first and last My query returns these events, i need to compute the total time A was in this state and total time B was in this stat... by darkins Engager in Splunk Search 10-07-2024 0 4	0	4
need assistance with splunk tojson I have a splunk query which generates output in csv/table format. I wanted to convert this to a json format before wr... by sdkp03 Communicator in Splunk Search 10-07-2024 0 7	0	7
Grouping logs by tranId, date and time Hello, I'm attempting to display a group of logs by the tranId. We log multiple user actions under a single tranId. ... by msarkaus Path Finder in Splunk Search 10-07-2024 0 2	0	2
How to use the field extraction expression directly using a Rex command ? Hi Team Can you please let me know how can i use the below Field extraction formula directly using the rex command ? ... by Real_captain Path Finder in Splunk Search 10-07-2024 0 7	0	7
How to Optimize Search Performance in Splunk for Large Datasets? Hi everyone,My name is Emmanuel Katto. I’m currently working on a project where I need to analyze large datasets in S... by emmanuelkatto23 New Member in Splunk Search 10-07-2024 0 3	0	3
Script that Writes Splunk Query Based on Alerts' Results Greetings ,Does anyone know if it's possible to create a script that writes splunk search quey based on the alerts re... by SarSec New Member in Splunk Search 10-06-2024 0 2	0	2
How to Calculate Percentage for a single value and display both Value and Percentage in the Bracket in the same Panel I have a Sample Data like below. Now i need to display single value count of Completed and Pending in 2 different sin... by Mallik657 Explorer in Splunk Search 10-05-2024 0 10	0	10
Please help me extract the tags from json format so i can show the count and tagname in tabular format "c7n:MatchedFilters": [ "tag:ApplicationFailoverGroup", "tag:AppTier", "tag:Attributes", "tag:DBNodes", "tag:rk_aws_n... by Hemant_h Engager in Splunk Search 10-05-2024 0 8	0	8
Splunk stats count & group by on key value using a single field How do I generate reports and run stats on key=value from just message field . Ignoring rest of the fields. {"cluster... by hthwal Explorer in Splunk Search 10-05-2024 0 11	0	11
User Getting double field name result User receiving duplicated field names in splunk result for example when i run a search i get an output for the ... by whitecat001 Explorer in Splunk Search 10-05-2024 0 3	0	3
Need Help with spl query Hello,I'm trying to achieve a result set which can be used in an alert later on.Basically when search is executed, it... by 807mohd Explorer in Splunk Search 10-04-2024 0 4	0	4
Tracking ticket statuses and getting timechart to ignore empty time spans I am trying to track a set of service desk ticket status across time. The data input is a series of ticket updates t... by corecost Explorer in Splunk Search 10-04-2024 0 3	0	3
Compare two indexes and report on mismatch I'm comparing two indexes, A and B, using the hostname as the common field. My current search successfully identifies... by Richy_s Path Finder in Splunk Search 10-04-2024 0 11	0	11
Using a lookup table in a base search I have a lookup table that we update on daily basis with two fields that are relevant here, NAME and ID. NAMEIDToront... by DATT Path Finder in Splunk Search 10-04-2024 0 6	0	6
How to get ingest volume for 1200 sourcetypes ? i have a query that will calculate the volume of data ingested in a sourcetype-- index=federated:infosec_apg_share... by sverdhan Loves-to-Learn Lots in Splunk Search 10-04-2024 0 2	0	2
How to filter on KV Store lookup time-based fields using a time picker? I have a large data set in my KV Store collections. These fields also contains time specific fields. I would like to ... by nawneel Communicator in Splunk Search 10-04-2024 1 7	1	7
Report a value from a field to another result line Hello community,I need to set up a dashboard that tracks the status of an alert from Splunk OnCall. An alert can have... by Rajaion Path Finder in Splunk Search 10-04-2024 0 4	0	4
How to find SQL Injection activity or OWASP attack through the Splunk Hi Guys, How to find SQL Injection activity or OWASP attacks through the Splunk by Steave4app New Member in Splunk Search 10-04-2024 0 4	0	4