Splunk Search

Community Activity

rex for extracting particular keyword in logs I am searching for exceptions/the type of exception in logs and using below query-index=abcd ("Exception" OR "excep... by prajwal_94 Explorer in Splunk Search 05-01-2021 0 1	0	1
foreach and fit I have a timechart with more than 1 time series and would like to run the fit command on each of the time series sepa... by pjohnson1 Path Finder in Splunk Search 04-30-2021 0 2	0	2
Basic percentage question I am trying to count click through, the percent of total clicks over total searches. index=basesearch action=click O... by user93 Communicator in Splunk Search 04-30-2021 0 1	0	1
use "others" for lookup results Hi,Currently I am using a lookup table to match an account code to an application. How can I make it in such a way th... by aquinojason Path Finder in Splunk Search 04-30-2021 0 3	0	3
Date extraction command Question for LDAP dump hi there- I tried a few things already, but looking to get guidence on this one- I am using the LDAP query module in ... by daryllj Path Finder in Splunk Search 04-30-2021 0 2	0	2
Creating a chart based on time values, not epoch time Is it possible to create a chart using time values "4:53:43" vs. converting them to epoch time "1505930393"? I'd li... by loatswil Path Finder in Splunk Search 04-30-2021 0 3	0	3
What is the max search limit for a macro Hello, I have a macro that calls other macros in order to have a simple view of the code search.The thing is that whe... by xyz123 Explorer in Splunk Search 04-30-2021 0 0	0	0
Extract InProgress Transaction I want to filter out transactions(where status ="InProgress ") that started in the previous slot and those completed ... by manvi_spl8 New Member in Splunk Search 04-30-2021 0 3	0	3
How to compare events using two values of a multi-value field. Hello all, I have been struggling for a while now to create a query for comparing the events using two different valu... by parthmadane Explorer in Splunk Search 04-30-2021 0 6	0	6
Calculate time difference with extracted fields and offset time zones I've got logs that contain a timestamp in 24 hour YYYY-MM-DD HH:MM:ss:SSS format (example: 2021-04-29 18:43:07.557). ... by mrhodes93 Explorer in Splunk Search 04-30-2021 0 1	0	1
Search with a Variable Hi Team How are u?I have a little questionI have a index with same informations, index="epo" source="endpoint" In ... by JuanAntunes Explorer in Splunk Search 04-30-2021 0 3	0	3
Why are empty emails being sent using map & sendemail commands in my search and how do I prevent this? Hi. I tried to send an email for each event when triggered. I used map and sendemail commands, but there is an emp... by splunkrocks2014 Communicator in Splunk Search 04-29-2021 0 7	0	7
Splunk 8.0 sendemail/subsearch issues after upgrading Recently upgraded from 7.2.3 to 8.0 and a previously configured scheduled alert is not longer sending emails correctl... by aallred Engager in Splunk Search 04-29-2021 1 6	1	6
How to Use Earliest Starting Field in Transaction Hello,I have events that look like this (for a user with id 123):2021-04-29 14:30:45 Notification Received [User Id:1... by Traer001 Path Finder in Splunk Search 04-29-2021 0 2	0	2
Splunk Case-Sensitive Search Hi,Can someone help me with the regex command for below?\| search ="UPN=*T@mail.cloud"Thanks in advance! by alexspunkshell Contributor in Splunk Search 04-29-2021 0 3	0	3
How to pass event time from an inner subsearch to the outer search results table? Hi, Here are my searchesindex=foo <search criteria> \| table user _timeindex=bar <search criteria> \| table user _timeT... by Glasses Builder in Splunk Search 04-29-2021 0 6	0	6
Large scale join between two sourcetypes Hello Everyone, I have been working on a problem for the last few weeks and haven't had huge amounts of success and w... by NDolan Loves-to-Learn Lots in Splunk Search 04-29-2021 0 4	0	4
Splunk File Download Hi all, I have used an app to generate a document that according to this log went succesfull. Is there a way to allow... by me74fhfd Path Finder in Splunk Search 04-29-2021 0 1	0	1
Splunk query to eliminate specific events Hi All,Below is my Splunk query.I want to only eliminate the result if "UPN" & "Event_title" both are the same for 7 ... by alexspunkshell Contributor in Splunk Search 04-29-2021 0 7	0	7
How to combine multiple rows (from sub search results) into different columns on single row (main search) I have a query that returns the following result. Column 1Column 2A1A2B1B2C1C2D1D2 And I would like to transform it ... by Raymond2T Path Finder in Splunk Search 04-29-2021 0 2	0	2
Searching/Listing down all Installed App Usage, to find how which is the least used app. Hey all!I am tasked to do some housekeeping and find out which installed apps are being used the least so that I can ... by jawk339 Engager in Splunk Search 04-29-2021 0 2	0	2
Splunk DB Connect and Neo4j anyone? I am trying to connect to Neo4j using their JDBC driver with no luck. Has anybody done better than this? by Paolo_Prigione Builder in Splunk Search 04-29-2021 0 7	0	7
Get top 20 queries for avarage execution time Hello there  So, I've extracted from the log, using rex, the time, called OSY_time and each individual slow query, c... by marco_carolo Path Finder in Splunk Search 04-29-2021 0 1	0	1
table returns duplicates for extracted Fields that are not Selected table returns duplicates for extracted Fields that are not Selected fieldsIn the following image, host is a Selected ... by johnrk Engager in Splunk Search 04-29-2021 0 4	0	4
How do you generate CSV File on Schedule basis automatically as an attachment to Email. Hello,How do we schedule a CSV file as an attachment to the Email. What is the script that needs to be added in the s... by Dheeru Engager in Splunk Search 04-29-2021 0 1	0	1