Splunk Search

Community Activity

How to use the query that Field extractor generate to use in your search Hi, so I try to use Field Extractor (in Extract new fields) to extract some fields from raw logs to make a table. I h... by phamxuantung Communicator in Splunk Search 03-16-2021 0 1	0	1
Splunk Rex query to extract field after a particular exact word only So this is my sample data :10.3.31.252 - - 15/Mar/2021:14:06:28 +0000 "POST /usenames/rest/sessionscookie dest oamdas... by jonthree Explorer in Splunk Search 03-16-2021 0 3	0	3
Adding timerangepicker to Dashboard of Report Panels?? Hello Everyone,This may be an odd question, but I am wondering how (if possible) to add a useful timerangepicker to a... by sarge338 Path Finder in Splunk Search 03-16-2021 0 1	0	1
How to check if a host ever reported to Splunk How to check if a couple of hosts /VMs ever reported to Splunk? I have looked in Deployment server, no sign of them o... by SamHTexas Builder in Splunk Search 03-16-2021 0 3	0	3
Use Rex extracted field to do duration calculations I have a bunch of logs contains different table operation, and I want to check how much time each table operation cos... by last_dance Observer in Splunk Search 03-16-2021 0 2	0	2
[SUSE] Crash - Splunk SH is not able to perform a search against indexers. We are testing our upgrade from Splunk 7.3.1 to 8.1.2. Once we upgrade the SH regardless of the indexers' version 7.3... by sylim_splunk Splunk Employee in Splunk Search 03-16-2021 0 2	0	2
[8.0.6] Scheduler stops dispatching scheduled searches intermittently. Our Splunk SH cluster scheduler stopping, users complaining that alerts/scheduled reporting not running or processin... by sylim_splunk Splunk Employee in Splunk Search 03-16-2021 1 1	1	1
Based on key passed want to fetch value data from csv file I have one csv file with empid as key and name as value..sample Data looks like emp id is E101 value is John ..now ... by sandeepshelar4 Loves-to-Learn Lots in Splunk Search 03-16-2021 0 1	0	1
Export Windows Event LOG Hi,I need to import the security and application logs of many windows servers to splunk, but for security reasons I c... by robertocapizzo9 Loves-to-Learn in Splunk Search 03-16-2021 0 1	0	1
Truncate Timechart X Axis To Just Seconds So I have a timechart that I'm using to plot latencies. I am trying to just capture the seconds and miliseconds. I do... by woody1 Observer in Splunk Search 03-16-2021 0 2	0	2
Using regex to filter by file directory I have a field in splunk named commandline. I want to filter this field just by values containing "C:\"This appears ... by nwalker15 Engager in Splunk Search 03-16-2021 0 2	0	2
Compare search results to current data I have a search that looks at AD data to determine if a user was disabled more than 6 months ago. My intention was f... by sfefcu Path Finder in Splunk Search 03-16-2021 0 2	0	2
combine two tables into a multi series visualisation Hi Splunkers, I have the below tables generates from the below queries and i'm looking for a consolidated multi-serie... by splunk_ier Engager in Splunk Search 03-16-2021 0 0	0	0
How to calculate duration time after office hour within a month Im currently having trouble with query to get result of user activity duration after office hour within a month.i exp... by Splunkin Explorer in Splunk Search 03-16-2021 0 5	0	5
how to find percentage? Hi, @gcusello @dmarling I Have a doubt in calculating the percentage.First query:(index=71412-cli sourcetype=show_int... by priyastalin Explorer in Splunk Search 03-16-2021 0 5	0	5
Error lookup table Hello I am new to Splunk and I want to connect my salesfoce org to splunk app, but there is no data retrieved from th... by Oubayda Loves-to-Learn Lots in Splunk Search 03-16-2021 0 0	0	0
Increase Time on event TimeStamp for two different times Hey Splunksters,How can I go about getting to the next hour and 15 min - when min is 15 min past the hour for a times... by Mary666 Communicator in Splunk Search 03-15-2021 0 9	0	9
Basic Query help I just want to look for a hash signature in Splunk. Example: d09a773dab9a20e6b39176e9cf76ac6863fe388d69367407c317c716... by mnmn777 Observer in Splunk Search 03-15-2021 0 3	0	3
Compare data between two sourcetype I have two different sourcetypes src_a, src_b.src_a: This is a CSV uploaded from Server (has expected results for eac... by VandanaBansal Loves-to-Learn in Splunk Search 03-15-2021 0 4	0	4
Retrieve the name of the current search I would like to be able to retrieve the name of the current search to pass to a macro in the search.Saved Search name... by Scott_Kudelski Explorer in Splunk Search 03-15-2021 0 3	0	3
Track users web activity after arriving the landing page Greetings all,I'm currently working on a A/B testing dashboard to see which landing page is having more engagement. O... by Montalvolll Explorer in Splunk Search 03-15-2021 0 0	0	0
Import a matrix Q1: is there a way to import a matrix into Splunk? Q2: What SPL command gives me all values set to true and tells m... by youngsuh Contributor in Splunk Search 03-15-2021 0 3	0	3
How to perform "custom" inner join? Hi everyone, See if someone could give me a hand. My scenario is similar to this:Table 1IDID2Whatever rest columns...... by designer46 Explorer in Splunk Search 03-15-2021 0 4	0	4
Scheduled search for populating summary index ignores the last 30 seconds of events Hello,I recently faced an issue when populating a summary index. I scheduled a saved search to run every hour (with t... by Sharzi Explorer in Splunk Search 03-15-2021 0 3	0	3
tstat hourly time span without snapping to hour, relative to start of absolute time range instead Hello,I am trying to collect stats per hour using a data model for a absolute time range that starts 30 minutes past ... by akarollil Explorer in Splunk Search 03-15-2021 0 4	0	4