Splunk Search

Community Activity

	Regex multiple values from a string Hello,How can I extract multiple values from a string after each slash? For example below, I would like to extract f... by timyong80 Explorer in Splunk Search 05-04-2021 0 6	0	6
	Combine 2 Queries that use the same Lookup CSV but different column in Lookup Hello - I am looking for recommendations on combining 2 searches that use the same Lookup CSV but different columns i... by stevenulbrich Explorer in Splunk Search 05-04-2021 0 0	0	0
	Need help of review of 5 year old search to improve it. Hello - I have Splunk report that was generated 5 years ago. I was looking for advice. Can it be updated to work be... by stevenulbrich Explorer in Splunk Search 05-04-2021 0 3	0	3
	Is there a way to extract a part of a string using a lookup table? Hello friends,Thank you so much for your help in advance.I have a field named "ERROR_COLAB" in which a series of resp... by cindygibbs_08 Communicator in Splunk Search 05-04-2021 0 2	0	2
	extract ip username Hi, I am trying to extract the following [04 May 2021 13:13:59,786] [Nsh-Proxy-Thread-93] [INFO] [abc@abc.com:abc:10.... by dbashyam Explorer in Splunk Search 05-04-2021 0 3	0	3
	Extract specific fields from unstructured logs I have a list of unstructured logs like below for which I have to extract certain fields. Tried using "Extract fields... by Nidd Path Finder in Splunk Search 05-04-2021 0 2	0	2
	how to extract a value from a field name ? Hi,I have a table like that : testtotalproductA_xxxxproductA_zzzzproductB_xxxxproductB_zzzz1220.230.360.440.55 What I... by mah Builder in Splunk Search 05-04-2021 0 4	0	4
	Multivalue fields to Columns and values of a single event Hello,I'm trying to show this event as a table: 2021-05-04 11:28:56.722, TIME="2021-05-04 11:28:56.722", ID="0a7a270... by Matioski7 Explorer in Splunk Search 05-04-2021 0 4	0	4
	How to compare 5 different fields and get the count of their occurrence Hi Team,I would like to compare below 5 different columns and get one more column as a count.category code text cou... by aaa2324 Explorer in Splunk Search 05-04-2021 0 3	0	3
	Alert setup using lookup and WhiteList I am trying to get an alert to recognize a lookup file with a whitelist for external devices. Some devices I don't c... by bz New Member in Splunk Search 05-04-2021 0 0	0	0
	List Codes that are not in the lookup table Hi,I have a list of accounting codes in a lookup table. I use that to identify applications under that accounting cod... by aquinojason Path Finder in Splunk Search 05-04-2021 0 2	0	2
	Help on REGEX match ignoring non-mandatory string at its end Hello,i searched few hours how to extract the RULE_NAME field from my Firewall logs without success.RULE_NAME is at t... by Flo-Paris Explorer in Splunk Search 05-04-2021 0 3	0	3
	how to calculate the data received per day? Greetings!!Dear all!Hope you are well. I need your support on how to calculate the size of events we received per day... by pacifikn Communicator in Splunk Search 05-04-2021 0 4	0	4
	How to remove the dynamic date and time from the incoming raw data and get the count How to compare the incoming data with dynamic date and time with the lookup table, examplei have incoming data in bel... by aaa2324 Explorer in Splunk Search 05-03-2021 0 3	0	3
	Splunk dashboard Hi TeamI have the required data in one of the fields but the logs are not in order how can i extract the required dat... by Nith1 Path Finder in Splunk Search 05-03-2021 0 1	0	1
	Outlier Dip Trough Detection I am working on time series data and would like to detect these type of trough's in the graphs. The y axis is netwo... by pjohnson1 Path Finder in Splunk Search 05-03-2021 0 4	0	4
	Find average time duration in hh:mm I am trying to find the average time duration in hh:mm from the data in one column. Below is the search query which g... by ajmanish New Member in Splunk Search 05-03-2021 0 1	0	1
	Search shows zero results when searching a field defined by search time extraction index=environment sourcetype=infinity_thermostat < shows all the extracted fields and values under "Interesting Field... by nortonjco Explorer in Splunk Search 05-03-2021 0 2	0	2
	Case statement with a regex? I'm trying to use a case statement and assign part of a field for each case statement. For example case(len(field)=5,... by klim Path Finder in Splunk Search 05-03-2021 0 2	0	2
	inputs.conf entry to get linux operating system name and version Greetings -I do have the TA for nix.I spend a couple of hours scouring all my resources and looking at the TA_nix wh... by jcorcoran508 Path Finder in Splunk Search 05-03-2021 0 1	0	1
	Why is my Fast mode search submitted via Python SDK being executed in Verbose mode? I have submitted the following query via Python SDK: earliest=-1d@d latest=@d \| eval size_B=len(_raw) \| eval mytime=... by sl4dy Explorer in Splunk Search 05-03-2021 0 4	0	4
	Replacing commas with another character for part of _raw Within _raw we have this segment - SQL_TEXT="grant create database link to aaa01, bbb02, yyy03, xxx04", We would like... by danielbb Motivator in Splunk Search 05-03-2021 0 4	0	4
	I keep getting an error when trying to run a search. Not sure if this causes Splunk to timeout or if it is my syntax in my html file. The error I receive with this search causes me this error. Error in 'dbxquery' command: External search command exi... by bmendez0428 Explorer in Splunk Search 05-03-2021 0 2	0	2
	Lookup instead of join Currently I am using below query to run my search to get the common event in tc and email,\|inputlookup tc \| search ty... by Janani_Krish Path Finder in Splunk Search 05-03-2021 0 17	0	17
	backup/export regex saved in extracted field Hi,Is there any way to backup/export regex saved in extracted fields as we want to use new instance as a search head ... by sh_tavousi Explorer in Splunk Search 05-03-2021 0 1	0	1