Splunk Search

Community Activity

How to pull latest scan data with full EST date/time? Currently we are having issues with our scan data comming in to out indexer, so we have to use CSV's for scan data .... by UMDTERPS Communicator in Splunk Search 03-04-2021 0 7	0	7
Unique users by application over time periods in a timechart table As a example, I have a search that calculates "Unique Users per Application" and this can be constrained to a particu... by nickstone Path Finder in Splunk Search 03-04-2021 0 5	0	5
How to Add time in the Dashboard Hello,I have a query (e.g. "....... " \| stats count, avg(...)) and after that I get as resultOwnColumn Count AVGXYZ ... by exchanger Path Finder in Splunk Search 03-04-2021 0 1	0	1
How to write VPN DHCP pool stats by AnonymousPerson New Member in Splunk Search 03-04-2021 0 1	0	1
Using sub search result to add to main search Hi, I have a main search that look like this index=main RESPONSE_CODE="0" earliest =-4mon@mon latest=mon@mon \|stats c... by phamxuantung Communicator in Splunk Search 03-04-2021 0 6	0	6
how to excluse a result from a search hiin the search below I need to excluse the results when instance=_total index="perfmon-fr" \| fields %_User_Time hos... by jip31 Motivator in Splunk Search 03-04-2021 0 1	0	1
ML Users hitting Limits Our ML team use the API to export large numbers of events for model training.They are hitting limits: [searchresults]... by jonaclough Path Finder in Splunk Search 03-04-2021 0 0	0	0
How to convert tabular data to distinct count How to convert tabular data to distinct countHi,I have a splunk query\| stats count by operation (under field operatio... by VijaySrrie Builder in Splunk Search 03-04-2021 0 5	0	5
Nested stats and json keys grouping Hi ,I have a json structure like this : { "zip": 67452, "location": "NY", "author": { "book1": { "pr... by mkiran18 Loves-to-Learn in Splunk Search 03-04-2021 0 4	0	4
how to read comment line Hi ,I have data where i want to read comment line and store value in field.for example , I have log where first 4... by pragycho Loves-to-Learn in Splunk Search 03-04-2021 0 2	0	2
How to round stats average to 2 decimal places? Hello, I have this: stats count by opentime \| stats avg(count) and I want the average to be in 2dp. Anyone have an... by markthompson Builder in Splunk Search 03-03-2021 5 11	5	11
Getting Syslog logs into Splunk last version Hi, I'm new in Splunk and I'm trying to collect Syslog log to indexers. I have read in Splunk documentation that Splu... by porbea01 New Member in Splunk Search 03-03-2021 0 8	0	8
Extract field from another dynamic field I have a field from the search query called source which has a pattern of "text:text:text:dynamicText:dynamicText:dyn... by thenormalone Path Finder in Splunk Search 03-03-2021 0 3	0	3
calculates the availability of a service with active server and passive server Hello,@rnowitzki @renjith_nair could you help me on the following question please:I index every day at 6 p.m. splunk ... by wcastillocruz Path Finder in Splunk Search 03-03-2021 0 8	0	8
Can we get a query to fetch the savedsearches/dashboards which are running with timerange more than 24 hours Can we get a query to fetch the savedsearches/dashboards which are running with timerange more than 24 hours In oour ... by Naga Engager in Splunk Search 03-03-2021 0 1	0	1
Filter records from Table based on a column value as a number Here is my Splunk Query:index=test "Entry Done for Id=" \| rex field=_raw Id=(?<Id>.*?)# \| rex field=_raw UserID=(?<Us... by nits Explorer in Splunk Search 03-03-2021 0 1	0	1
Add transactions with a sub-search Hello,@scelikokCould you help me on the following search please?I have a main search which groups me together all the... by wcastillocruz Path Finder in Splunk Search 03-03-2021 0 0	0	0
How to get average count of one field by day as a line chart I have events that contain a userId field and I would like to make a line chart to visualize the average count per da... by vmvd Explorer in Splunk Search 03-03-2021 0 3	0	3
How to handle \n in regex In some of the events, I have '\n' in the events :message: org.springframework.jdbc.UncategorizedSQLException: Calla... by ppatkar Path Finder in Splunk Search 03-03-2021 0 1	0	1
Adding column based on values from other columns I have this code that shows me the start and end times of runs of a program:index=index1 source=source1 \| transaction... by Soogbad Engager in Splunk Search 03-03-2021 0 3	0	3
How to filter IIS logs with regular expression? i do like to filter out Status code and Time Taken and other as fields#Fields: date time s-ip cs-method cs-uri-stem c... by sachdeva_2007 Explorer in Splunk Search 03-03-2021 0 8	0	8
How to transpose a table by id? Hi All,I have a table similar to the followingidtime12021-03-03 13:52:53.15812021-03-03 13:52:53.00112021-03-03 13:52... by simo Path Finder in Splunk Search 03-03-2021 0 2	0	2
How to index only the data payload from json so that it will be recognized as a standard access_combined_wcookie sourcetype? I have my apache access logs going to cloudwatchlogs in aws. I used to use the aws addon TA for splunk to collect the... by hnelsonit Explorer in Splunk Search 03-03-2021 0 7	0	7
regex exclude nth word in the event I want to ignore the actual file name in my exception events so I can group the exceptions .For example, regex on bel... by ppatkar Path Finder in Splunk Search 03-03-2021 1 4	1	4
Free space counter for C D and E drive in table format for multiple Windows server Below are the event count in splunk. I am trying to create "% Free Space" for all three drive (C:,  E).03/02/2021 23... by ravir_jbp Explorer in Splunk Search 03-03-2021 0 7	0	7