Splunk Search

Community Activity

	Adding increments of time to an event Hi Splunkers,I have gotten help on this type of problem and it has been very useful. However, I still stuck, but almo... by Mary666 Communicator in Splunk Search 03-21-2021 0 10	0	10
	How to calculate duration for repeated event by unique string Hi,I am new to Splunk, just started for few days. Below is the events that I have searched and sorted, I would like ... by nraf Loves-to-Learn in Splunk Search 03-21-2021 0 3	0	3
	Can I use data from other rows and set them to a different row who have the same key? Hi everyone, I would like to ask if it's possible to use data from another row, to be set as the value of a different... by yoshilog Explorer in Splunk Search 03-21-2021 0 2	0	2
	Isolate date by adding greater than or equal to Hi,So my search window is from Feb 19 - Feb 23. I would like to have isolate Feb 19 - to have my events start on this... by luna Explorer in Splunk Search 03-20-2021 0 0	0	0
	Where is Indexer specific props.Conf files saved? Is there individual indexer specific conf files present specially for Props.conf file ? In Linux , how can we identi... by ethanthomas Path Finder in Splunk Search 03-20-2021 0 2	0	2
	Setting up earliest and latest time with relative date and fixed time I am trying to define a query where I have to use the earliest time as 2 days ago at 22:20:45 and latest time 1 day a... by AruBhende Explorer in Splunk Search 03-20-2021 0 1	0	1
	Are the App Data Input fields extractable? I have an app that configures data inputs with columns for "Name" and "Destination". Once there is data in the sourc... by dglass0215 Path Finder in Splunk Search 03-20-2021 0 1	0	1
	Issues with the schedule PDF generation While doing the schedule and export option of PDF generation , the graph format is getting truncated . However , the ... by ethanthomas Path Finder in Splunk Search 03-19-2021 0 0	0	0
	Need to change the value of field using sed I want to replace the values of alertnateId and displayName to "****", I tried with below sed command but its not cha... by Vignesh-107 Path Finder in Splunk Search 03-19-2021 0 2	0	2
	If there are multiple results in field2, for one value of field2 within a time interval So what I'm attempting to do, is I have a list of user, IP, city, state, country, time. I want to alert if I see a u... by jkw117 Observer in Splunk Search 03-19-2021 0 1	0	1
	Calculate active Sprint Hi,How to create a query to show Active Sprint(JIRA) with Start and end date in my splunk dashboard.I dont have field... by Nith1 Path Finder in Splunk Search 03-19-2021 0 1	0	1
	How do I get more context around my search result while searching in splunk? Suppose my log indexed in splunk looks like: 1 ... 50 abracadabra ... Now, I do a search for abracadabra. splunk w... by kimberlytrayson Path Finder in Splunk Search 03-19-2021 0 6	0	6
	Show data from current week and breakdown weekly for the whole year for some fields Hi,I am a newbie to splunk so apologies if I didn't follow any right etiquettes while creating this issue.I am trying... by sumitdhameja1 Loves-to-Learn Everything in Splunk Search 03-19-2021 0 0	0	0
	Only Listing Transactions with Multiple Events I am interested in only listing transactions of a given source entity that contain multiple events. Is there a quick... by epw0rrell Path Finder in Splunk Search 03-19-2021 0 4	0	4
	help on sourcetype customization for log parsing helloI need to parse the kind of logs below Microsoft Windows [version 10.0.18363.1198] (c) 2019 Microsoft Corporati... by jip31 Motivator in Splunk Search 03-19-2021 0 5	0	5
	outputcsv sequence Hi all,I have a scedulated serach every 30 minutes, which extracts a file in csvsearch \| outputcsv MyFileI need to pu... by simo Path Finder in Splunk Search 03-19-2021 0 3	0	3
	Transaction startswith option I'm using the transaction with startswith to match multiple strings. I want any event that contains either of the str... by madan New Member in Splunk Search 03-19-2021 0 1	0	1
	How to determine working duration of user on Change or Authentication datamodel? Hello,Right now I am struggling to identify the working hours of user by Application based on Change or Authenticatio... by abhishekkalokhe Explorer in Splunk Search 03-19-2021 0 2	0	2
	Help in field extraction/transformation I have a JSON log entry with key-value pairs within the field component. I'm trying to transform the field into sub-... by timgren Path Finder in Splunk Search 03-19-2021 0 2	0	2
	Splunk not reading the whole json file to get exact count of the fields Hi,I am new to Splunk tool, based on requirement from clients I am trying to create a dashboard for monitoring purpos... by shalinibisht Explorer in Splunk Search 03-19-2021 0 0	0	0
	Regex retrieval to create data for an entire row Hi everyone, I just want to ask about this particular case that I am rather unsure if it's possible to execute in sp... by yoshilog Explorer in Splunk Search 03-19-2021 0 0	0	0
	Help with CSV - Special Case Hello Splunkers! We have a situation here and need your help and experience. We are looking for best practice to work... by Muwafi Path Finder in Splunk Search 03-18-2021 0 2	0	2
	Detect spikes in log activity I am trying to create an alert if Splunk detect anomalies in my log creation rate.For example, my application normall... by yk010123 Path Finder in Splunk Search 03-18-2021 0 0	0	0
	Time Modifier to an earlier day of the week Hi There,I have a query that restricts events that were delivered and my search window is from 01/20/21 through 01/23... by luna Explorer in Splunk Search 03-18-2021 0 1	0	1
	Find records between dates entered in text boxes Good Evening,I have, what appears to be, a unique situation. I have tried every means that I could find even vaguely... by sarge338 Path Finder in Splunk Search 03-18-2021 0 3	0	3