Splunk Search

Community Activity

How to execute conditional DNS lookup in a search? The problem I am trying to solve is the following: if src_hostfield is missing, null or empty, add it to events by pe... by asieira Path Finder in Splunk Search 04-13-2021 0 2	0	2
Combining 2 Queries Using Same Field I have two queries. One gets the total number of events using the message field: index=my_index sourcetype=my_sourcet... by PaintItParker Explorer in Splunk Search 04-13-2021 0 2	0	2
Text input field Hi,In my dashboard i have set of inputs and when i submit the values gets stored in a lookup file. 2 dropdowns , 1 mu... by chuck_life09 Path Finder in Splunk Search 04-13-2021 0 1	0	1
Multiselect input Hi,In my dashboard i have set of inputs and when i submit the values gets stored in a lookup file. 2 dropdowns , 1 mu... by chuck_life09 Path Finder in Splunk Search 04-13-2021 0 3	0	3
group search results by hour of day Hi splunk community,I feel like this is a very basic question but I couldn't get it to work.I want to search my index... by gerbert Path Finder in Splunk Search 04-13-2021 0 2	0	2
Correlation of two searches Good day Community,I would like to know what is the best approach to filters events based on previous query. My preci... by Habanero Explorer in Splunk Search 04-12-2021 0 4	0	4
Don't execute rest of commands if there is no events from base search? HiOur client have the next (kind of query) runs as a schedule. It can found events or not, based on current situation... by isoutamo SplunkTrust in Splunk Search 04-12-2021 0 3	0	3
Jump multiple links at the same time Hello everyone,I am now editing the pie chart section of the dashboard, I want to add a list of URLs to let click imp... by yaoyed Engager in Splunk Search 04-12-2021 0 0	0	0
SPL for Wrong Written Searches Hi,I have a problem about wrong written searches. In our system, there are so many users. Every user will be able to ... by onur Explorer in Splunk Search 04-12-2021 0 1	0	1
AND OR Boolean Operators Hello, I have a small dilema around AND OR boolean operators. I dont want null time logs for event=timeOut, but at th... by MeMilo09 Path Finder in Splunk Search 04-12-2021 0 2	0	2
Replace String Values Hello,I need to remove the values found (string) from another field.Ex. FIELD1 - abcmailingxyzLIST - mailing, ...Usin... by genesiusj Builder in Splunk Search 04-12-2021 0 7	0	7
Heavy Forwarder Selective forwarding Hey all. I need help to selective forward (on a HF) from a log file that is being monitored by a UF. I only need to f... by Adevill Loves-to-Learn Lots in Splunk Search 04-12-2021 0 13	0	13
What is the best method to search for different time ranges for 4 different sourcetypes using earliest? I'm creating a query using 4 sourcetypes and want to search across different timerange for them. For example:\| multis... by Avantika07 Observer in Splunk Search 04-12-2021 0 4	0	4
eval used with stats command returns 1/0 instead of true/false According to the splunk doc , eval can be used within aggregate functions with stats command like: index=main sourcet... by splunkuser1948 Engager in Splunk Search 04-12-2021 0 2	0	2
not able to merge 2 queries to get the desired result I have 2 queries1st is \| rest /services/data/indexes\| fields title\| dedup title\| table titlethis query is giving me a... by vinitpathri Path Finder in Splunk Search 04-12-2021 0 4	0	4
Find stats from 2 events We have 2 eventsOTP generated through SMS with UUID=123123OTP generated through EMAIL with UUID=432432OTP Verified f... by dyapasrikanth Path Finder in Splunk Search 04-11-2021 0 3	0	3
Notable event index is empty. Hello everyone.I am trying to deploy ESS, but I having some trouble with the notable events.I can not see results at ... by gl_splunkuser Path Finder in Splunk Search 04-11-2021 0 2	0	2
Return the Count of events divided by 2 I'm pretty new at this so I apologize if the question seems stupid.I have a printer that sends syslogs to Splunk, and... by ibanez450 Explorer in Splunk Search 04-11-2021 0 3	0	3
on Simple XML with colorPalette to select the color by comparing 2 fields numbers Is there a way to get field's background color by compare with 2 fields numbers? for example:If "POST IPTV CALLS"'s v... by jenniferhao Explorer in Splunk Search 04-11-2021 0 12	0	12
How to know which value from lookup table matched the log I have a lookup table that has a list of values in it similar to:idvalue1test_value12test_value2 I can search for all... by hFHUT2 Engager in Splunk Search 04-11-2021 0 3	0	3
Usage of Wildcard in middle of search string Hi,I read from splunk docs that we should avoid using wildcards `*` in the middle of a string.Now, does this apply to... by splunkuser1948 Engager in Splunk Search 04-10-2021 0 1	0	1
How do I check if my Splunk environment is set for Search Head pooling? How do I check if my Splunk environment is set for Search Head pooling? We have SH clustering all set up and am prepa... by SamHTexas Builder in Splunk Search 04-10-2021 0 1	0	1
Make Paloalto search faster Hi There I am new to splunk and trying to figure out a way to make the below search faster : index=pan_logs sourcetyp... by lubanamanjinder New Member in Splunk Search 04-10-2021 0 1	0	1
How to switch the CMDB lookups in splunk to the KV store ? We currently have lookups and want to move to KV store. What and how can we do that by srampally Path Finder in Splunk Search 04-10-2021 1 4	1	4
Index Time Fields Extraction on Summary Index Hey I’m trying to extract fields in index time on my summary index, in order to use ‘tstats’ command. I used ‘coll... by omerl Path Finder in Splunk Search 04-10-2021 0 5	0	5