Splunk Search

Community Activity

Reading a xml file when file is split in to two We are having a issue. Sometimes our input XML file is splint in to two.In the above image you can see, both are same... by sasireka Loves-to-Learn Lots in Splunk Search 04-21-2021 0 1	0	1
Identifying user based on IP Address/ Hostname We need to add users to our (unauthenticated) internal proxy logs. Currently the proxy logs only identity the init... by jonaclough Path Finder in Splunk Search 04-21-2021 0 4	0	4
Merge cells together when having one same Value Hello TogetherI have a little difficulty with the merging of cells. The idea is that if the results for the value Job... by lslschr Engager in Splunk Search 04-21-2021 0 2	0	2
Field Extraction : regex works fine with search using "rex" command but not with Field extraction Hello,I'm trying to analyze WatchGuard firewall logs received by Splunk using syslog on udp 514 port.I was able to fi... by Flo-Paris Explorer in Splunk Search 04-21-2021 0 4	0	4
Issue with regex and 'positive lookbehind' Hi,I'm kind of new on the Splunk world and I'm trying to create new extraction field. Here are two examples of my log... by Emp Explorer in Splunk Search 04-21-2021 0 8	0	8
field extraction Hi ,I need help in the below, There is a description column, which has likeDescriptionprocess_1_details : name : msmg... by chuck_life09 Path Finder in Splunk Search 04-21-2021 0 1	0	1
how to perform a search that has the result of another search as input Hi,i can't do a search on Splunk where the values are the result of another search.I search:index = summary \| searc... by antonio147 Communicator in Splunk Search 04-21-2021 0 17	0	17
overall sum and aggregate sum command:search....\| eval effort=exact(21+31+61+1103+7306+7505+15105+15106+15122)\| table tag,effort,16910,21,31,61,110... by yuming1127 Path Finder in Splunk Search 04-21-2021 0 4	0	4
How to use a rex field in another search I am trying the following query. However, activityId is not being passed to the second query and I am not having any ... by irvindominguezs Explorer in Splunk Search 04-20-2021 0 3	0	3
How to define a source type I have a requirement to add new data format to splunk . Below is the sample data . If i want to setup a new sourcetyp... by ethanthomas Path Finder in Splunk Search 04-20-2021 0 3	0	3
How to prevent values from appearing twice in a single cell of a table Hello Everyone I hope you are safe and sound,I'm extracting values from events that come in a Json format and after t... by andres91302 Communicator in Splunk Search 04-20-2021 1 4	1	4
Combine 2 searches to get Success and Failure Rate Hi, I am working on a requirement where I have write an alert based on the failure rate percentage of a service. Let'... by shashank_24 Path Finder in Splunk Search 04-20-2021 0 5	0	5
Table Field Actions - Workflow actions Hello,I wanted to change the actions or add a new action for the context menu of a field inside a log row. My first i... by shinobu Explorer in Splunk Search 04-20-2021 1 1	1	1
Create a Timechart to compare values from computation using multisearch and after stats Hello guys I am trying to create a timechart in my dashboard where I can show the percentage of people that enter my... by andres91302 Communicator in Splunk Search 04-20-2021 0 0	0	0
Sub Search for Spath or rex commands Hello,I am trying to use sub search to extract fields from my JSON logs. I tried with spath and also with Rex comman... by rakeshr18 Observer in Splunk Search 04-20-2021 0 2	0	2
. by Kksplunker Loves-to-Learn in Splunk Search 04-20-2021 0 5	0	5
How can I Find what system or host a user is currently logged in to? Hi,I am very new to Splunk.I searched for this but, could not find a match..Is it possible to find what system or hos... by TGel Observer in Splunk Search 04-20-2021 0 3	0	3
Subsearch Join with a where clause <= comparison to field from main search I have a problem I'm trying to solve in a subsearch query.The problem I'm trying to solve, is to monitor when two sep... by kfancy New Member in Splunk Search 04-20-2021 0 2	0	2
searching issue Hi Guys,We have this query which will give the output as a table with 3 columns in it by name Servername, ServerIP an... by roopeshetty Path Finder in Splunk Search 04-20-2021 0 4	0	4
Search w/Inputlookup Subsearch Not Working Hello Experts,I am new to Splunk and trying to get a search query with subsearch to work. Here is what I have so far:... by Kevin_S Explorer in Splunk Search 04-20-2021 0 4	0	4
how to get data as per _time when count is 0 index=dummy <mySearchCondition>\| search response_code1!=200\| stats countwhen i search for this query i get output as ... by Learner Path Finder in Splunk Search 04-20-2021 0 1	0	1
Adding field to event without altering existing field I have an index that have a field called ISSUER_NAME, but now we have a new set of events (different log structure) t... by phamxuantung Communicator in Splunk Search 04-20-2021 0 1	0	1
Different type of parcing in a single index The requirement is, there is a single index . Data in three different format and there is an InputType coming in the ... by ethanthomas Path Finder in Splunk Search 04-19-2021 0 3	0	3
Trying to create and populate a ProcessingTime field from 2 time fileds I have a log that that has multiple utc times listed. The logs are ingested into Splunk and I have created a field ex... by kesrich Explorer in Splunk Search 04-19-2021 0 3	0	3
Create Timechart from multisearch Hello everyone!I'm trying to create a time chart of a variable that I have to compute as a global percentage between ... by andres91302 Communicator in Splunk Search 04-19-2021 0 4	0	4