Splunk Search

Community Activity

Two sets subtraction I have a two saved searches A and B. Each gives an output like below:A: hosthost1host2hos... by pitmod Explorer in Splunk Search 04-22-2021 0 1	0	1
mvexpand memory issue Hi,I have very large dataset that appears as multivalued as below: \| makeresults \| eval data1="Windows_7,Unknown,Wi... by mbasharat Builder in Splunk Search 04-22-2021 0 27	0	27
how to extract the data from json to a table show i'm trying to extract data from json and show into my dashboard but failed { "timestamp":"2021-04-22T09:14:38.727Z... by brightgong New Member in Splunk Search 04-22-2021 0 1	0	1
Subsearch with different index Hi,I am using 2 indexes (index1 and index2). I want to pull a field from index1 (URL and rename it to url_1), and the... by Godspeed_74 Loves-to-Learn Lots in Splunk Search 04-22-2021 0 1	0	1
Map, Join or ... ?? Hello community,I tried to find an answer to my problem, but it seems im incapable of finding it, so i will be postin... by un1claudiu Engager in Splunk Search 04-22-2021 0 0	0	0
how to count records in a row? Hello guys, I am new with a splunk and i need some help (also a splunk search language documentation with example).My... by Pikta Explorer in Splunk Search 04-21-2021 0 7	0	7
search on subsearch using data from main search results hello Splunkers!I've got an issue with this query, in "main search" I got data src, can I use "src" to get data on my... by taufiqkpi Loves-to-Learn in Splunk Search 04-21-2021 0 4	0	4
How do i search two seperate indexes and then output values from fields returned from each index? Hi,I am trying to search across two seperate indexes and then display fields returned from both indexes on a single l... by ezmo1982 Path Finder in Splunk Search 04-21-2021 0 6	0	6
Using a subsearch in a lookup I've got two searches I'm trying to join into one. \| localop \| ldapsearch domain=my_domain search="(&(objectCategory... by jwhughes58 Contributor in Splunk Search 04-21-2021 0 4	0	4
Reading a xml file when file is split in to two We are having a issue. Sometimes our input XML file is splint in to two.In the above image you can see, both are same... by sasireka Loves-to-Learn Lots in Splunk Search 04-21-2021 0 1	0	1
Identifying user based on IP Address/ Hostname We need to add users to our (unauthenticated) internal proxy logs. Currently the proxy logs only identity the init... by jonaclough Path Finder in Splunk Search 04-21-2021 0 4	0	4
Merge cells together when having one same Value Hello TogetherI have a little difficulty with the merging of cells. The idea is that if the results for the value Job... by lslschr Engager in Splunk Search 04-21-2021 0 2	0	2
Field Extraction : regex works fine with search using "rex" command but not with Field extraction Hello,I'm trying to analyze WatchGuard firewall logs received by Splunk using syslog on udp 514 port.I was able to fi... by Flo-Paris Explorer in Splunk Search 04-21-2021 0 4	0	4
Issue with regex and 'positive lookbehind' Hi,I'm kind of new on the Splunk world and I'm trying to create new extraction field. Here are two examples of my log... by Emp Explorer in Splunk Search 04-21-2021 0 8	0	8
field extraction Hi ,I need help in the below, There is a description column, which has likeDescriptionprocess_1_details : name : msmg... by chuck_life09 Path Finder in Splunk Search 04-21-2021 0 1	0	1
how to perform a search that has the result of another search as input Hi,i can't do a search on Splunk where the values are the result of another search.I search:index = summary \| searc... by antonio147 Communicator in Splunk Search 04-21-2021 0 17	0	17
overall sum and aggregate sum command:search....\| eval effort=exact(21+31+61+1103+7306+7505+15105+15106+15122)\| table tag,effort,16910,21,31,61,110... by yuming1127 Path Finder in Splunk Search 04-21-2021 0 4	0	4
How to use a rex field in another search I am trying the following query. However, activityId is not being passed to the second query and I am not having any ... by irvindominguezs Explorer in Splunk Search 04-20-2021 0 3	0	3
How to define a source type I have a requirement to add new data format to splunk . Below is the sample data . If i want to setup a new sourcetyp... by ethanthomas Path Finder in Splunk Search 04-20-2021 0 3	0	3
How to prevent values from appearing twice in a single cell of a table Hello Everyone I hope you are safe and sound,I'm extracting values from events that come in a Json format and after t... by andres91302 Communicator in Splunk Search 04-20-2021 1 4	1	4
Combine 2 searches to get Success and Failure Rate Hi, I am working on a requirement where I have write an alert based on the failure rate percentage of a service. Let'... by shashank_24 Path Finder in Splunk Search 04-20-2021 0 5	0	5
Table Field Actions - Workflow actions Hello,I wanted to change the actions or add a new action for the context menu of a field inside a log row. My first i... by shinobu Explorer in Splunk Search 04-20-2021 1 1	1	1
Create a Timechart to compare values from computation using multisearch and after stats Hello guys I am trying to create a timechart in my dashboard where I can show the percentage of people that enter my... by andres91302 Communicator in Splunk Search 04-20-2021 0 0	0	0
Sub Search for Spath or rex commands Hello,I am trying to use sub search to extract fields from my JSON logs. I tried with spath and also with Rex comman... by rakeshr18 Observer in Splunk Search 04-20-2021 0 2	0	2
. by Kksplunker Loves-to-Learn in Splunk Search 04-20-2021 0 5	0	5