Splunk Search

Discussions

Thread Info

Need to mask the data twice in a single field

Can you please help me in masking the data. Raw Data: -> "login": "44337754-004613081080P"I want the number to be m...

by Path Finder in

Working regex elsewhere does not work in Splunk

As seen in the first example, the expression I've constructed will capture the field values I want. However in the se...

by Path Finder in

Question about geostats

Hello, I am new to SPL language. I have been working on 'geostats' recently and not quite sure what 'translatetoxy' ...

by Engager in

Uploading data to Splunk Cloud instance but unable to search it in Search & Reporting

I'm attempting to follow along with a Splunk Fundamentals training which requires me to upload a few files (csv, linu...

by New Member in

issue in regex

Hi , i want to ignore some comment line and last comment store value in field. for example , I have lo...

by Loves-to-Learn in

rex for raw text that have "" in

Hello, I'm have a raw data that contain the following: ....OrgnlTxRef:"04172D1xxxx","TxSts":"ACSC","StsRsnInt":...

by Communicator in

Regular expression to extract http status

I have http statuses that come in from 2 different indexes, with almost the same event but the event from one indexer...

by Path Finder in

How do I make a rolling weekly percentage?

I'm new to splunk, but I need to figure out how to count the number of error codes of a certain type over a rolling 7...

by New Member in

Disk Space Monitoring in Splunk ITSI and CPU & memory corelation

Question, we are trying to monitor disk space usage in Splunk ITSI. We are trying to use templates as much as possi...

by Explorer in

Splunk CLI search ignores limits

I notice, by testing, that Splunk CLI searches do not appear to be subject to Splunk's limits. This behavior is use...

by Path Finder in

Search is executed after changing dropdown value but token is not in search

Hi guys, I have a dashboard where a user inputs data using dropdowns and text inputs. If he inputs all data and ...

by Path Finder in

help on where clause

hi why my where condition doesnt works please? `boot` | fields host Name Path DegradationTime | stats max...

by Motivator in

Compare two lookups, different fields against ES Annotations output

Hi all,First of all, I realize this is achievable using Security Essentials, however we have a lot of manually create...

by Path Finder in

Cannot see full field list in Add Auto-Extracted Field window for a dataset in a datamodel

I'm new to data models and have a very newbie question. We are using SplunkCloud and when I try to add an auto-extrac...

by Path Finder in

Request for Assistance

Hi Community, I'm new to this world. I saw some very helpful people helping out new starters so I gathered courage ...

by Explorer in

collect command/sourcetypes and \ character

Came across an interesting behaviour with collect today depending on whether you specify a sourcetype or not. If you ...

by SplunkTrust in

Delete specific entries from KV Store

Hello all, I am working on getting specific entries deleted once the search runs and holds true. Below is the...

by Explorer in

Help on "where not" clause wich doesn't works and conditional formating issue

Hello I use the search below `wire` | fields AP_NAME USERNAME LAST_SEEN | eval USERNAME=upper(USERNAME) | ev...

by Motivator in

Search that combines last 7 days and year-to-date

My current search below pulls findings for current day and year-to-date starting 2/1/2021. I need help with a way to...

by New Member in

Splunk cloud logs delay

I have an implementation with Splunk cloud, as you know with this implementation in the cloud it would be the search ...

by Builder in

dynamic eval statement from a template contained in the event data

i have application logs which contain a message template in a json field (@mt) to convert other json fields into a hu...

by Explorer in

How to properly handle backslashes in data

We use the HttpEventListener to input data into splunk. Our data is pipe ('|') delimited and we have setup field extr...

by Path Finder in

Finding Timings Between Multiple Events

Hello, I am trying to find the timings between multiple calls under the same extracted field of InterchangeId. When...

by Explorer in

Insert results of subsearch as single column in table

Here is what I need to generate: So far I have this search to generate everything but the right-...

by Path Finder in

Outer Join in Splunk

All, I've been trying to find a solution for this for a few days. We have multiple tools sending data in on their ...

by Engager in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Need to mask the data twice in a single field

Working regex elsewhere does not work in Splunk

Question about geostats

Uploading data to Splunk Cloud instance but unable to search it in Search & Reporting

issue in regex

rex for raw text that have "" in

Regular expression to extract http status

How do I make a rolling weekly percentage?

Disk Space Monitoring in Splunk ITSI and CPU & memory corelation

Splunk CLI search ignores limits

Search is executed after changing dropdown value but token is not in search

help on where clause

Compare two lookups, different fields against ES Annotations output

Cannot see full field list in Add Auto-Extracted Field window for a dataset in a datamodel

Request for Assistance

collect command/sourcetypes and \ character

Delete specific entries from KV Store

Help on "where not" clause wich doesn't works and conditional formating issue

Search that combines last 7 days and year-to-date

Splunk cloud logs delay

dynamic eval statement from a template contained in the event data

How to properly handle backslashes in data

Finding Timings Between Multiple Events

Insert results of subsearch as single column in table

Outer Join in Splunk

What’s New in Splunk Enterprise 9.4: Tools for Digital Resilience

Get Schooled with Splunk Education: Explore Our Latest Courses

Splunk AI Assistant for SPL | Key Use Cases to Unlock the Power of SPL

ES8 + Mission Control Usage rest API

Search for triggered save searches and their actio...

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static

Using Machine Learning Toolkit to detect auth abus...