Splunk Search

Community Activity

compare two fields in json data and display data in the third field for the matched data Hi all,I have only started working on splunk recently and i am stuck at one query. So, I have JSON data like below: c... by nikitha15 Explorer in Splunk Search 03-15-2021 0 1	0	1
Reading from a specific log file Hi, I am very new to Splunk. I would like to know how to search just the latest log file from the below screenshot.... by rsmall13 Explorer in Splunk Search 03-15-2021 0 3	0	3
Real time alerts Hi, I'm looking to create a real-time alert, but I don't see the alert type option of 'real-time' as shown below. We... by rsmall13 Explorer in Splunk Search 03-15-2021 0 0	0	0
help on token which has to return empty values hello I use a scheduled search where I stats events like this :\| stats last(LastReboot) as "Last reboot date" by host... by jip31 Motivator in Splunk Search 03-15-2021 0 1	0	1
JSON - an array, many fields, mvzip and mvexpand issue Hi, am I doing this correct or is there another way to tabulate this JSON?I've seen many examples on the forums of pe... by JimboSlice Path Finder in Splunk Search 03-15-2021 1 8	1	8
Count field on specific value using streamstats Hi Splunkers, Anyone can help, I need to count field Flag where value is 0.I've tried using this command " streamstat... by bernanda Explorer in Splunk Search 03-15-2021 0 2	0	2
help on transpose command hello In the search below, I need to display anything if the Hostname is not foundActually, I have the fields display... by jip31 Motivator in Splunk Search 03-15-2021 0 2	0	2
How to get data through REST API into SPLUNK APP HiWe have to retrieve DATA through REST API and then display the data in the dashboard.After reading documents, the a... by emily12234 Explorer in Splunk Search 03-14-2021 0 1	0	1
How to join table of usertypes with user detail I have a table of users and their position level across an organization. How would i join the table of positions and ... by spammenot66 Contributor in Splunk Search 03-14-2021 0 3	0	3
Need Help Designing Total Outage Alerts Hi there,I'm having a really hard time creating an alert based of a search that detects the absence of events.I have ... by hollybross1219 Path Finder in Splunk Search 03-14-2021 0 7	0	7
Alert on Duplicate IPs with detail I'm trying to produce an alert based on a user logged in w/ 2 ips within 10 minutes. I have a way to determine if t... by zippo706 Explorer in Splunk Search 03-14-2021 0 2	0	2
Python api for splunk to gather data Hi All,We need to write a python script to pull data for below query ,using script below but no output is showing.Pl... by swagatam1308 Engager in Splunk Search 03-14-2021 0 11	0	11
Sum and table results from same field into 2 groups Hi,I have a few fields and I am trying to get results on e.g. Field1 (Person) Field2(Sales) Field3 (Location). what... by davidoking Explorer in Splunk Search 03-14-2021 0 5	0	5
Is it possible to assign a entire lookup to a single field I have a lookup i want to assign it to a single field Example:This is my lookup table with valuesMessge 00100Messge 1... by Vignesh-107 Path Finder in Splunk Search 03-14-2021 0 2	0	2
How to Split Row value in single column to multiple row value? I want to split row into multiple row by spliting it under the same column.Example:-col1 col2 col3 col4A,... by abhishekpatel2 Explorer in Splunk Search 03-14-2021 0 6	0	6
Recursive query with unlimited depth Hello,I want to search for all src hosts that connect to a specific destination with or without intermediary hopes. I... by jg91 Path Finder in Splunk Search 03-13-2021 0 2	0	2
Splunk perfmon disk io search Hello all, Looking for some help with a perfmon search. index=perfmon host=myhost01s* sourcetype="PerfmonMk:LogicalDi... by tkerr1357 Path Finder in Splunk Search 03-13-2021 0 1	0	1
Edit Splunk table column values on the UI Hi,I have a panel in Splunk dashboard which is a table and has two columns.The first column is comment and second is ... by architkhanna Path Finder in Splunk Search 03-13-2021 0 3	0	3
Splunk dashboard single value trendinterval time as dynamic Hello, I' m currently working on how to make dashboard with our Server's VM Count logs.Our logs are being collected a... by splunkkid Path Finder in Splunk Search 03-13-2021 0 1	0	1
Use eval (or other) to make automatic calculation in xyseries Hi,I have an automatic process that daily writes some information in a CSV file [1]. Then I have a dashboard that pi... by goncalosilva123 Engager in Splunk Search 03-13-2021 0 6	0	6
how to display multiple field values from different searches in pie chart I have following query to display the results in pie chart. Problem here is I could not see the all the values in the... by sbollam Explorer in Splunk Search 03-13-2021 0 4	0	4
compare two field values for equality I have the output of a firewall config, i want to make sure that our naming standard is consistent with the actual fu... by EricPartington Communicator in Splunk Search 03-13-2021 0 9	0	9
Palo Alto Networks vendor_action query to list all I'd like to run an efficient search over an index to find all of the types of 'vendor_action' field present in the da... by splunkymcsnypr Engager in Splunk Search 03-13-2021 0 1	0	1
vendor_action Field Hi!I'm trying to find more information about the vendor_action field, however I've not managed to do so with much suc... by splunkymcsnypr Engager in Splunk Search 03-13-2021 0 1	0	1
Splunk query to check variation in processing time and volume in 5 minutes each (in last 10 minutes) Hi, Can anyone help, As I want to get an alert if : The volume gets drop or if processing time gets increased of a sp... by sahil237888 Path Finder in Splunk Search 03-13-2021 0 1	0	1