Splunk Search

Community Activity

Need Help Designing Total Outage Alerts Hi there,I'm having a really hard time creating an alert based of a search that detects the absence of events.I have ... by hollybross1219 Path Finder in Splunk Search 03-14-2021 0 7	0	7
Alert on Duplicate IPs with detail I'm trying to produce an alert based on a user logged in w/ 2 ips within 10 minutes. I have a way to determine if t... by zippo706 Explorer in Splunk Search 03-14-2021 0 2	0	2
Python api for splunk to gather data Hi All,We need to write a python script to pull data for below query ,using script below but no output is showing.Pl... by swagatam1308 Engager in Splunk Search 03-14-2021 0 11	0	11
Sum and table results from same field into 2 groups Hi,I have a few fields and I am trying to get results on e.g. Field1 (Person) Field2(Sales) Field3 (Location). what... by davidoking Explorer in Splunk Search 03-14-2021 0 5	0	5
Is it possible to assign a entire lookup to a single field I have a lookup i want to assign it to a single field Example:This is my lookup table with valuesMessge 00100Messge 1... by Vignesh-107 Path Finder in Splunk Search 03-14-2021 0 2	0	2
How to Split Row value in single column to multiple row value? I want to split row into multiple row by spliting it under the same column.Example:-col1 col2 col3 col4A,... by abhishekpatel2 Explorer in Splunk Search 03-14-2021 0 6	0	6
Recursive query with unlimited depth Hello,I want to search for all src hosts that connect to a specific destination with or without intermediary hopes. I... by jg91 Path Finder in Splunk Search 03-13-2021 0 2	0	2
Splunk perfmon disk io search Hello all, Looking for some help with a perfmon search. index=perfmon host=myhost01s* sourcetype="PerfmonMk:LogicalDi... by tkerr1357 Path Finder in Splunk Search 03-13-2021 0 1	0	1
Edit Splunk table column values on the UI Hi,I have a panel in Splunk dashboard which is a table and has two columns.The first column is comment and second is ... by architkhanna Path Finder in Splunk Search 03-13-2021 0 3	0	3
Splunk dashboard single value trendinterval time as dynamic Hello, I' m currently working on how to make dashboard with our Server's VM Count logs.Our logs are being collected a... by splunkkid Path Finder in Splunk Search 03-13-2021 0 1	0	1
Use eval (or other) to make automatic calculation in xyseries Hi,I have an automatic process that daily writes some information in a CSV file [1]. Then I have a dashboard that pi... by goncalosilva123 Engager in Splunk Search 03-13-2021 0 6	0	6
how to display multiple field values from different searches in pie chart I have following query to display the results in pie chart. Problem here is I could not see the all the values in the... by sbollam Explorer in Splunk Search 03-13-2021 0 4	0	4
compare two field values for equality I have the output of a firewall config, i want to make sure that our naming standard is consistent with the actual fu... by EricPartington Communicator in Splunk Search 03-13-2021 0 9	0	9
Palo Alto Networks vendor_action query to list all I'd like to run an efficient search over an index to find all of the types of 'vendor_action' field present in the da... by splunkymcsnypr Engager in Splunk Search 03-13-2021 0 1	0	1
vendor_action Field Hi!I'm trying to find more information about the vendor_action field, however I've not managed to do so with much suc... by splunkymcsnypr Engager in Splunk Search 03-13-2021 0 1	0	1
Splunk query to check variation in processing time and volume in 5 minutes each (in last 10 minutes) Hi, Can anyone help, As I want to get an alert if : The volume gets drop or if processing time gets increased of a sp... by sahil237888 Path Finder in Splunk Search 03-13-2021 0 1	0	1
Splunk query to filter logs In my search result i am getting AD & Login locations.Now I want to filter result, if both AD and Login locations are... by alexspunkshell Contributor in Splunk Search 03-12-2021 0 3	0	3
Eval Usage data to percentage as 1d span base, and table today, 1month ago, 3months ago, 6months ago Hello, I'm trying to make time based table to check trend right away.The data is currently accumulated on daily basis... by splunkkid Path Finder in Splunk Search 03-12-2021 0 2	0	2
How do I extract the dirname from the filepath hello How can I get the dirname from the filepath. I am looking something like thisAnkits-MacBook-Pro:~ akotak$ dirn... by kotak86 Explorer in Splunk Search 03-12-2021 0 1	0	1
Display the different color based on status value and Client Wise. run the below query and got the outputindex=xxx sc_status=201 OR sc_status=200\| stats count(eval(sc_status)) as "Tota... by sachdeva_2007 Explorer in Splunk Search 03-12-2021 0 1	0	1
search auto-finalized after time limit: 60 seconds / limits.conf Hello, Unfortunately, my complete query does not go through because of the following error:The search auto-finalized ... by exchanger Path Finder in Splunk Search 03-12-2021 1 1	1	1
How to compare output of a search to a lookup file? So I've got a lookup table full of hostnames that I want to compare to a search that returns only the active hosts so... by jtelep New Member in Splunk Search 03-12-2021 0 8	0	8
a little search assistance Hello all, I need some assistance using the search below to produce a timechart of the number of events per day for t... by tkerr1357 Path Finder in Splunk Search 03-12-2021 0 3	0	3
Splunk Table with data from multiple points in time I have a datasource that drops data into Splunk every 10 minutes that contains data about my team's workflow.The data... by TedWhite Engager in Splunk Search 03-12-2021 0 2	0	2
A value remains for a length of time I am looking for a search that returns an events(s) when the searched value remains for a set length of time. Using W... by troyhochsprung New Member in Splunk Search 03-12-2021 0 3	0	3