Splunk Search

Community Activity

	How do I get a complete list of users logging into Splunk Enterprise & ES How do I get a complete list of users logging into Splunk Enterprise & ES. Please share SPL strings used. How to prep... by SamHTexas Builder in Splunk Search 03-24-2021 0 3	0	3
	Time taken for a lookup vs Time taken for a KVstore Hi,I have a lookup file which takes some time to load (Look up has 19Lakhs data) - This lookup is used in a dashboard... by VijaySrrie Builder in Splunk Search 03-24-2021 0 1	0	1
	resolving username from uid in a splunk query Greetings-I'm putting together a dashboard query that shows uid's and systems as a result. I would like to resolve th... by mullica1 Engager in Splunk Search 03-24-2021 0 6	0	6
	trigger an alert if a process is taking more than the expected time Hi Splunkers,I have the below logs and trying to create an alert if a process run is taking more than the expected ti... by kranthimutyala Path Finder in Splunk Search 03-24-2021 0 1	0	1
	Search for more than 1 url hit on a src_ip Hi I have this search here where I want to limit the results to only events that have more than 1 url hit on an src_i... by fdevera Path Finder in Splunk Search 03-24-2021 0 3	0	3
	pass time filters from lookup to saved search or macro or search Hi team,I am trying to send earliest and latest time values from lookup to saved search but i am not able to get resu... by vinothn Path Finder in Splunk Search 03-24-2021 0 1	0	1
	How to create a new lookup from my local machine to clustered environment using curl command? i have to upload the .csv file that gets generated on my local machine through a script to SH clustered environment u... by vn_g Path Finder in Splunk Search 03-24-2021 0 8	0	8
	Append color values to field value I have a query result . i want to append the three colors based on values and the table is dynamic based on the tim... by Vignesh-107 Path Finder in Splunk Search 03-24-2021 0 1	0	1
	Join two events and publish the fields Hi Everyone, I have two events like below on the same index though. I captured all fields through rex command but una... by rbachu1 Explorer in Splunk Search 03-24-2021 0 5	0	5
	Consolidating data from different indexes into one table I have 4 applications integrated with each other - their names let's say A, B, C, D respectively. All these applicat... by jonthree Explorer in Splunk Search 03-23-2021 0 2	0	2
	Statistics data in GB, MB values Hi Ninjas, I'm trying to make a table that should list date, domains, action_types, action_type_usage_in_MB, Domain_u... by jeganl Engager in Splunk Search 03-23-2021 0 2	0	2
	Difference between outputs of same query as search and subsearch Noob here. Can anyone tell me why the following search:search sourcetype=srt \| table serialNumberwill give me a one-... by ebarnhill Engager in Splunk Search 03-23-2021 0 1	0	1
	Creating a correlation search between two different indexes (DHCP and Firewall Data) Hi all- we want to get a bit more elegant with correlation searching between two different indexes. There seems to b... by daryllj Path Finder in Splunk Search 03-23-2021 0 2	0	2
	Subtracting from multiple columns Hi all, I have a table like this_timefile1.txtfile2.txtfile3.txt*.txt1472160022147216002214721600001472160099...14721... by Rjbeckwith Explorer in Splunk Search 03-23-2021 0 2	0	2
	Read a lookup and for each field send a email. Hello everyone, I have a situation, I would like to read a lookup and for each field that match with a search criteri... by gl_splunkuser Path Finder in Splunk Search 03-23-2021 0 0	0	0
	how to track if a transaction is taking more time with non real time alert Hi Splunkers,we have a transaction which runs for every 4hours and usually take 5mins to complete.Im trying to set up... by kranthimutyala Path Finder in Splunk Search 03-23-2021 0 1	0	1
	Populating a new field with data based on existing field value I have a field with similar values:myFieldJCH CornJCH CarrotJCH AppleME/OrangeI would like to populate a new field de... by jason_hotchkiss Communicator in Splunk Search 03-23-2021 0 2	0	2
	scheduled searches Hi all,I have two scheduled searches, is there the possibility to launch the second one at the end of the first?can y... by simo Path Finder in Splunk Search 03-23-2021 0 3	0	3
	Display search result as a label text or non editable text on the dashboard I am trying to retrieve and display the user name of the logged in user as a label or a non-editable text on the dash... by sh254087 Communicator in Splunk Search 03-23-2021 0 1	0	1
	Transactions with conditional Endswidth or different ordering of events. I have a series of events that always start with EventTypeName = "Node Down" but there are three scenarios I'm trying... by ocallender Explorer in Splunk Search 03-23-2021 0 0	0	0
	Splunk Alert I am trying to create a Splunk alert where the log line is delimited with comma,I need to get the field 4 and check i... by sshanmua New Member in Splunk Search 03-23-2021 0 3	0	3
	Syslog Filteration We are receiving around 300gigs of syslog data everyday and we want to filter all the logs and index only what the ne... by novotxms Loves-to-Learn in Splunk Search 03-23-2021 0 3	0	3
	appendcols with proper info Hi, Following search query produces output in table below:index=_pods pod=* project=project_name state="Running"\| ev... by jugarugabi Path Finder in Splunk Search 03-23-2021 0 1	0	1
	Create custom table Is it possible to have particular result in custom column which will fetch values from existing search and will show ... by himanshuqb Loves-to-Learn in Splunk Search 03-23-2021 0 0	0	0
	Is there a way to only search * (asterisk)? Dear Experts , Please suggest an answer on a silly question If my log contains *(star) as a word/character . How w... by abhaybhagat08 New Member in Splunk Search 03-23-2021 0 4	0	4