Splunk Search

Community Activity

How to remove results of one query from a second query I'm currently trying to find workstations that haven't been logged into by a human over a period of time.My first que... by pgawron2 Loves-to-Learn in Splunk Search 04-16-2021 0 9	0	9
How to visualise single series stats sum by filed and it total I am getting statistics like below (only 3 categories) Category Amount cat1 20 cat2 30 cat3 40 and add... by dyapasrikanth Path Finder in Splunk Search 04-15-2021 0 3	0	3
Splunk Panel cell clicking not working with cell enabled on drilldown Good Evening All,I am looking for a solution to a splunk panel when I try to click on any cell value it should open e... by REACHGPRAVEEN Explorer in Splunk Search 04-15-2021 0 1	0	1
Pulling new fields out of nested JSON data Looking at the example field below (part of a JSON event), I'm trying to figure out how at search time to pair up the... by joemiller Path Finder in Splunk Search 04-15-2021 0 5	0	5
Query Duo security for disabled, non-authenicated user I don't know how to query my duo servers to find out how any users many are set to disabled and some users might have... by totalnet32 New Member in Splunk Search 04-15-2021 0 0	0	0
Two timecharts for different time frames (today/yesterday) on one graph Hi all,I'm trying to create a chart containing two timecharts for different time frames (e.g. today/yesterday). How c... by dab55 Engager in Splunk Search 04-15-2021 0 3	0	3
Splunk query Hi All,I'm new to Splunk and want to execute a splunk query without using CLI or GUI.Options like ETL tool or a shell... by Chandu53000 Observer in Splunk Search 04-15-2021 0 1	0	1
Split results from chart Hello,I am using the chart command in order to display data using a line chart:\| chart values("torque") as variable o... by nadeige1 Engager in Splunk Search 04-15-2021 1 2	1	2
I have field DivionsID with data of Exe.123, how to trim this to just 123 ? I have field DivionsID with data of Exe.123, how to trim this to just 123 ? by sumandevops Engager in Splunk Search 04-15-2021 0 7	0	7
Changes to user or group privileges Hi all.This rule has been driving me crazy for a while now, and the teams working on it too.Just looking for a way to... by logginz85 Explorer in Splunk Search 04-15-2021 0 0	0	0
How to use output of a 1st query as input in second query. I have a 1st query by taking input from the dashboard and where I got id as a result from that. And I want to use tha... by satyajit7 Explorer in Splunk Search 04-15-2021 0 7	0	7
help on date field sorting hithe field dv_sys_created_on is a field dateindex="tutu" sourcetype="toto" \| stats last(dv_sys_created_on) as Opene... by jip31 Motivator in Splunk Search 04-15-2021 0 2	0	2
rex to modify hostname field and where . is there remove it I have index=syslog where the hostname comes as fqdn and Ip addressi want rex to modify only hostname field only wher... by surekhasplunk Communicator in Splunk Search 04-15-2021 0 4	0	4
Search incorporating inputlookup I have a list of source ip addresses in a csv file loaded into Splunk as a lookup file. The file has a single field,... by balcv Contributor in Splunk Search 04-15-2021 0 6	0	6
iplocation when outputting in command stats Hello everyone,Someone may already be doing the output of grouped events with the definition of location by ip.How no... by nalia_v Loves-to-Learn Everything in Splunk Search 04-15-2021 0 1	0	1
Efficiently filter subsequent search statement using results from previous statement I am using Splunk Enterprise Version 8.0.5.1Consider an index with half a million events being generated every day.Th... by shanebough Loves-to-Learn Lots in Splunk Search 04-15-2021 0 14	0	14
Outlier detection Hi! I have a data set consisting of a csv-file with three columns with numerical data.I have performed my own impleme... by Nils New Member in Splunk Search 04-15-2021 0 0	0	0
Calculating Splunk License Usage Based on a condition Hi Team,I am aware that we can able to pull the license usage stats in splunk for index, host and sourcetype for a da... by anandhalagaras1 Contributor in Splunk Search 04-15-2021 0 2	0	2
Need SPL advise for stats I have following data:I am trying to generate SPL which provides me following:Essentially change_complete will be new... by k31453 Explorer in Splunk Search 04-15-2021 0 1	0	1
How to filter ipv6 addresses and keep only ipv4? Hi,We have a lookup file with some ip addresses. It could be in IPv4 or IPv6 format. There is also could be one or mu... by woodentree Communicator in Splunk Search 04-14-2021 0 2	0	2
extra data from particular filed and show in chart I have logs like {"message": "Submitted amount category1: 213, category2: 543.56, category3: 4343.00", "specialCustom... by dyapasrikanth Path Finder in Splunk Search 04-14-2021 0 3	0	3
Get the context of an error Hi Splunk Community!I'm trying to get the context of an error.Here is a snippet of the logs: 2021-03-21 11:36:43,045... by pfs Engager in Splunk Search 04-14-2021 0 8	0	8
Remove everything after .com in website Is there a simple way to remove everything after website.comCurrently I have several urls imported into splunk, some ... by N5535 Loves-to-Learn Everything in Splunk Search 04-14-2021 0 3	0	3
Specify a day w/ a Token Just looking for a simple way to do this. I have an input token of how many days to look back where I want to just sp... by clintla Contributor in Splunk Search 04-14-2021 0 2	0	2
Splunk and Azure SQL audit via Event Hub I'm not sure how to even troubleshoot this.A few weeks ago, we started a dropoff in events into splunk. We are send... by zippo706 Explorer in Splunk Search 04-14-2021 0 1	0	1