Splunk Search

Start a Conversation

Discussions

Start a Conversation

Thread Info

How to fix Error when adding trusted domain lists to Splunk?

Hi all, I have created a dashboard incorporating few external domains I am receiving the error message like the d...

by Path Finder in

How to create alternative for subsearch?

I have a search with a subsearch. I run into the limitations of the maximum results (50.000) Now Ia m trying to fi...

by Path Finder in

Why does Splunk change date format from 2022-12-04 to 2022/12/04 when exporting to .csv?

Hi All, I am unsure if this question has been answered already - I couldn't see it. I have a time field in Sp...

by Explorer in

How to to update hour of a timestamp variable?

Hi, I'm looking for a way to change the hour of a time variable Exemple : myTime="2022-11-20 05:23:42" an...

by Path Finder in

How to search and sort based on dynamic value?

Hi, I am new to splunk and have a requirement where i have to search the logs which are on 100 servers and i have ...

by Explorer in

How to filter out event from outbound mail log having "Attachment" field contains file extension ".txt,.html,.jpg,.png"?

Looking for Splunk query to filter out event if "Attachment" field having extension .txt or .html or .jpg or .png ...

by Loves-to-Learn Everything in

BotS - Error in 'lookup' command: Could not find all of the specified destination fields in the lookup table

Hi, I am doing Boss of the SOC v1 and I stuck on question, where I need to use lookup. I imported .csv file ad her...

by Explorer in

How to convert epoch time to a desired time zone?

Hi from below events how to convert epoch time to a desired time zone want to convert LAST_START="1670326641", ...

by Path Finder in

Why doesn't search return result when I list a field of a lookup?

I was trying to join a group of documents with a list of users that I had in a lookup, and the search return me resul...

by Engager in

How to calculate session times from large data set?

I'm analysing VPN connection logs to produce a report of the count of staff working from home for longer than 6 hours...

by Path Finder in

How to find the ips hitting the index waf?

To find the ips hitting the index waf by client ip, if the hitting ips present in lookup table 2 have to be exclude...

by Path Finder in

How to hide submit button in Dashboard Studio?

Hi, In the old XML dashboards we used to have the "x" to close the submit buttons of inputs: Whereas in...

by Engager in

How to make a table from search history, where time presets were queried by all_time or long diaposone?

Hello, Splunk lovers!I have some questions What i want: 1. i want to make a table from search history, where ti...

by Explorer in

How to achieve row count until data changes in column?

I have a table with 3 columns: _time, type and action| makeresults count=10| eval type = "typeA"| eval action = if((r...

by Explorer in

How to represent interface wise success and error bar chart on a single dashboard?

I want to represent interface wise (DFOINTERFACE) success and failure success log below, where completed successf...

by Explorer in

How to make a dashboard of the last three month of avg cpu load?

i want to make a dashboard of last 3 month of avg cpu load and max cpu load For example:dec= 320dec=10dec=40dec=90...

by Path Finder in

How to log file aggregator on centralized log server?

Hi I have 3 servers that generate log file daily with size about 12GB (12*3=36GB) How can I gather these files ...

by Motivator in

Need help on Splunk search for if else condition

hi All, can someone help on the splunk search eval condition based on below scenario using fields Actualstartt...

by Path Finder in

How to create a table?

HI, I want to make the log below in the form of the table below. What should I do with the spl? [log ex] ...

by Explorer in

How to convert time format?

Hello Splunk Lovers! i have date format 202211131614220000 and i want convert this format to readble for Splunk i ...

by Explorer in

Get Updates on the Splunk Community!

Splunk Search

Discussions

How to fix Error when adding trusted domain lists to Splunk?

How to create alternative for subsearch?

Why does Splunk change date format from 2022-12-04 to 2022/12/04 when exporting to .csv?

How to to update hour of a timestamp variable?

How to search and sort based on dynamic value?

How to filter out event from outbound mail log having "Attachment" field contains file extension ".txt,.html,.jpg,.png"?

BotS - Error in 'lookup' command: Could not find all of the specified destination fields in the lookup table

How to convert epoch time to a desired time zone?

Why doesn't search return result when I list a field of a lookup?

How to calculate session times from large data set?

How to find the ips hitting the index waf?

How to hide submit button in Dashboard Studio?

How to make a table from search history, where time presets were queried by all_time or long diaposone?

How to achieve row count until data changes in column?

How to represent interface wise success and error bar chart on a single dashboard?

How to make a dashboard of the last three month of avg cpu load?

How to log file aggregator on centralized log server?

Need help on Splunk search for if else condition

How to create a table?

How to convert time format?

Unify Your SecOps with Splunk Mission Control

Data Preparation Made Easy: SPL2 for Edge Processor

Introducing Edge Processor: Next Gen Data Transformation

Filter logs with different and same fields

Compare past 30 days vs today.

lookup file works for me but no on else.

Running multiple query based on condition

compare today hourly stats and previous week same ...