Splunk Search

Community Activity

	How to pass event time from an inner subsearch to the outer search results table? Hi, Here are my searchesindex=foo <search criteria> \| table user _timeindex=bar <search criteria> \| table user _timeT... by Glasses Builder in Splunk Search 04-29-2021 0 6	0	6
	Large scale join between two sourcetypes Hello Everyone, I have been working on a problem for the last few weeks and haven't had huge amounts of success and w... by NDolan Loves-to-Learn Lots in Splunk Search 04-29-2021 0 4	0	4
	Splunk File Download Hi all, I have used an app to generate a document that according to this log went succesfull. Is there a way to allow... by me74fhfd Path Finder in Splunk Search 04-29-2021 0 1	0	1
	Splunk query to eliminate specific events Hi All,Below is my Splunk query.I want to only eliminate the result if "UPN" & "Event_title" both are the same for 7 ... by alexspunkshell Contributor in Splunk Search 04-29-2021 0 7	0	7
	How to combine multiple rows (from sub search results) into different columns on single row (main search) I have a query that returns the following result. Column 1Column 2A1A2B1B2C1C2D1D2 And I would like to transform it ... by Raymond2T Path Finder in Splunk Search 04-29-2021 0 2	0	2
	Searching/Listing down all Installed App Usage, to find how which is the least used app. Hey all!I am tasked to do some housekeeping and find out which installed apps are being used the least so that I can ... by jawk339 Engager in Splunk Search 04-29-2021 0 2	0	2
	Splunk DB Connect and Neo4j anyone? I am trying to connect to Neo4j using their JDBC driver with no luck. Has anybody done better than this? by Paolo_Prigione Builder in Splunk Search 04-29-2021 0 7	0	7
	Get top 20 queries for avarage execution time Hello there  So, I've extracted from the log, using rex, the time, called OSY_time and each individual slow query, c... by marco_carolo Path Finder in Splunk Search 04-29-2021 0 1	0	1
	table returns duplicates for extracted Fields that are not Selected table returns duplicates for extracted Fields that are not Selected fieldsIn the following image, host is a Selected ... by johnrk Engager in Splunk Search 04-29-2021 0 4	0	4
	How do you generate CSV File on Schedule basis automatically as an attachment to Email. Hello,How do we schedule a CSV file as an attachment to the Email. What is the script that needs to be added in the s... by Dheeru Engager in Splunk Search 04-29-2021 0 1	0	1
	extract multiple values from fields in same event Hello team , I am having one event in which single field have multiple value like provided below: {"body":{"records":... by kannu Communicator in Splunk Search 04-28-2021 0 3	0	3
	regex Hi all,I have a column containingRequest = REQ_IN ...... { ...... "productId": "test", ...... { ....... "productId": ... by simo Path Finder in Splunk Search 04-28-2021 0 11	0	11
	What is the search for creating account on MAC OS? What is the search for creating account on MAC OS? by NewZealandGrom Loves-to-Learn Lots in Splunk Search 04-28-2021 0 0	0	0
	How to collect events that form part of a common tree I have a large NodeRED JSON flows.json file that I'm ingesting into Splunk. In that file there are one or more 'flows... by bowesmana SplunkTrust in Splunk Search 04-28-2021 0 0	0	0
	makemv and mvindex not working as expected I am working with JSON data type events and am trying to extract the username (user1, user2) from the pathspec data s... by ankit Explorer in Splunk Search 04-28-2021 0 3	0	3
	Find results that are not in a transaction The data is MFA attempts in O365. I have an alert that fires whenever someone denies an MFA push. The thing is, somet... by xtinas Engager in Splunk Search 04-28-2021 0 0	0	0
	Count by Day of Week I am on Day 2 with Splunk.I am trying to get the average number of records by Day of the Week (Mon, Tue, Wed, etc) of... by Craig_Ph Loves-to-Learn Lots in Splunk Search 04-28-2021 0 1	0	1
	Using like() not working in where statement I have an alerts index which has a data.rule.name field containing the following values:COVID-19 linked Cyber Attacks... by bpna Explorer in Splunk Search 04-28-2021 0 2	0	2
	Query Performace Hello, I am building a query to be able to display a line graph of status (offline, online) over a period of 30days.... by dglass0215 Path Finder in Splunk Search 04-28-2021 0 5	0	5
	Extract all key value pairs JSON I have the following log example and Splunk correctly pulls the first few fields (non-nested) as well as the first va... by kwarre3036 Explorer in Splunk Search 04-28-2021 0 6	0	6
	Dealing with Datetime in Splunk Henny! Hello respected members of the prestigious forum of SplunkI have been working with datetimes in splunk and it is maki... by andres91302 Communicator in Splunk Search 04-28-2021 0 0	0	0
	Need help on how to alert if daily count exceed 30 days average Hi all, Need some advice here. I have some logs that has the URL and the HTTP response code. Sample here POST /a... by acesolar Engager in Splunk Search 04-28-2021 0 2	0	2
	values are missing pot lookup Not able to find the stats details for all M. tried fill null . it is not working index=UA sourcetype=apps appname="... by abdul Explorer in Splunk Search 04-28-2021 0 3	0	3
	Extract fields from drop down option and use in search I have a drop down in my dashboard which looks up a csv file having client information in one of the rows named domai... by thenormalone Path Finder in Splunk Search 04-28-2021 0 2	0	2
	how to calculate how much data each search-head-clustering is searching How to calculate how much data each search-head-clustering is searching by Vignesh-107 Path Finder in Splunk Search 04-28-2021 0 3	0	3