Splunk Search

Community Activity

help on a stats command with a filter token helloI use the search below which works fine `fiability` \| fields host Logfile SourceName ProductName SITE DEPARTME... by jip31 Motivator in Splunk Search 04-09-2021 0 5	0	5
Extract JSON Data Need help to find a way to search JSON strings where an attributes is empty.Ex: get all JSON data where 'tags' is em... by mchennam Engager in Splunk Search 04-09-2021 0 3	0	3
How can I use lookup csv from another Index? How can I use lookup csv from another Index? I have access to both index.Thanks. by arusoft Communicator in Splunk Search 04-09-2021 0 8	0	8
Writing records to KVStore - Strange Behavior HelloAm attempting to identify the name of the SQL Server and the SQL Agent process name based on a CMDB lookup and s... by prashantsreeniv Observer in Splunk Search 04-09-2021 0 1	0	1
Need help with a search/subsearch not providing the expected results Hello there! I need help with a search that is not providing the expected results. Let me share the details and backg... by pablobarquin Explorer in Splunk Search 04-09-2021 0 5	0	5
makemv delim carriage return problem... I've got a bit of a weird situation and I don't have the Splunk technical know-how to fix it myself, so I thought I'd... by TorbinIT Path Finder in Splunk Search 04-09-2021 0 1	0	1
returning values that dont exist I have two queries. I have enabled the installed software script in splunk so I can determine where software is not i... by johnrbhancock Engager in Splunk Search 04-09-2021 0 2	0	2
McAfee logs ingested not parsing correctly - lot of junk. Please advise McAfee data ingested into Splunk not parsing correctly. How do I fix it? I am getting a lot of junk. Please advise ho... by SamHTexas Builder in Splunk Search 04-09-2021 0 2	0	2
Sankey being covered up by stats table? Hello all, We are successfully creating a Sankey Visualization of our data, however when we try to expand how many ro... by epsidata New Member in Splunk Search 04-09-2021 0 0	0	0
Exclude results from lookup table in search I have a lookup table with Scheduled Tasks called scheduled_tasks, and Columns Command, Arguments. I need to do a sea... by Dalador Path Finder in Splunk Search 04-09-2021 0 4	0	4
How to convert Hex to Ascii in Splunk? I have a hex value that i need to convert to ascii. is there a way to do this in splunk? string-value=0x4c617374206... by danielrusso1 Path Finder in Splunk Search 04-09-2021 4 16	4	16
A query to get the xml files which has the specified tags I have displayed two sample xml files below. I have to check whether a xml file has <customer-job-id> and <submissio... by sasireka Loves-to-Learn Lots in Splunk Search 04-09-2021 0 1	0	1
Counting total and only specific values in one table (802.1x log example) Hi Everybody:I need a little help with statistics: I use this search to list all Calling_Station_IDs. In the example ... by Ida_2017 Explorer in Splunk Search 04-09-2021 0 1	0	1
Amend "Reports" view in Search App to include other columns Hi, a user wants to see the description of a report as well as the title. I know he could click the drop down arrow b... by shazbot79 Path Finder in Splunk Search 04-09-2021 0 1	0	1
in timechart, how do you display average by field, but also show a total average Hi, I have events from various projects, and each event has an eventDuration field. I'm trying to visualize the foll... by pcheng Explorer in Splunk Search 04-09-2021 0 16	0	16
To check if service of endpoint starts back once stopped Hi Folks, I am working on creating an alert for endpoint where we have to check if its service came up after it got s... by DawoodKhanUlex Engager in Splunk Search 04-09-2021 0 1	0	1
what is colour code of boolean while using endswith? Hi all, endswith=(notificationType="TestCompleted" OR notificationType="TestCancelled" OR notificationType="TestRejec... by Learner Path Finder in Splunk Search 04-09-2021 0 1	0	1
How to return all results if field is not exist? Hi, i use regex to extract fields My query is \| rex field=_raw "(?P<Command>((?<=\bCommand>).*(?=<)))" \| rex field=_r... by Dalador Path Finder in Splunk Search 04-09-2021 0 3	0	3
Combining two different events with same values from different source types index=a0_payservutil_generic_app_audit_prd sourcetype="npp:pom:stdout" eventCode="fundsReservationManualInterventionN... by gvjyothi45 New Member in Splunk Search 04-09-2021 0 1	0	1
How to make a query to search filed by taking output from the the 1st query I have a requirement like, I have to create a dashboard and there will be a input filed called as account Id and afte... by satyajit7 Explorer in Splunk Search 04-09-2021 0 1	0	1
How do I find the versions of all my UFs & HFs and dates of install on Splunk Enterprise? How do I find the versions of all my UFs & HFs and dates of install on Splunk Enterprise? by SamHTexas Builder in Splunk Search 04-08-2021 0 1	0	1
strptime using 2020-03-08T02:00:21is 1 hour off The following query returns a result that is one hour off.\| makeresults\| eval timestr="2020-03-08T02:00:21"\| eval uni... by paulerlong Explorer in Splunk Search 04-08-2021 0 4	0	4
Splunk sort class not working with subsearch With the below query I'm trying to sort dateTime by descending order but the sorting is not working, could someone pl... by Ranjeeth New Member in Splunk Search 04-08-2021 0 1	0	1
How to split stats command results into rows I have proxy logs, in which I am interested in 4 fields: the ip address of the user's computer, the category of the s... by ipoluda Explorer in Splunk Search 04-08-2021 0 1	0	1
How to hide X axis scale in a bar chart Hi,I am unable to hide the X-axis scale in the bar chart. See below screenshot,I am plotting the chart using below qu... by ashutoshwalke Explorer in Splunk Search 04-08-2021 0 4	0	4