Splunk Search

Community Activity

Add a comment to a search? I'm working on a really large search right now (on the order of 35 lines long). Is there a good way to insert a comme... by Jason Motivator in Splunk Search 02-23-2021 13 37	13	37
Code to prepare a Comparison Result table. Hi All,Need help in a Splunk code. Below is the data am having and a sample Table how the output looks like.Input dat... by jerinvarghese Communicator in Splunk Search 02-23-2021 0 4	0	4
Trigger an alert after comparing two search results I have two search conditions that I need to trigger alerts from. I have a hundred hosts on a HA cluster. Sometimes ho... by NatSec Explorer in Splunk Search 02-23-2021 0 2	0	2
how to create hyperlink for a plain text that directs to search query on splunk dashboard Hi ,Please help on this @niketnthe below 2 rows as single panelsearch by employeeid(hyperlink)search by app(hyperlink... by REACHGPRAVEEN Explorer in Splunk Search 02-23-2021 0 3	0	3
Extract Field Issue, but when using in a search. My goal is to match whatever is after "Commit Description:" up until but not including the " after TASK0123456. I don... by kgs Loves-to-Learn in Splunk Search 02-23-2021 0 2	0	2
Get the exception and Error in Splunk query I am trying to build a splunk query to get the error summary from a log. I want to capture all the events where ther... by bhartiya008 Explorer in Splunk Search 02-23-2021 0 7	0	7
Cascading replication of large bundles Hello everyoneI found a wierd bug in the cascading replication process. The shcluster captain says when he tries to r... by eylonronen Explorer in Splunk Search 02-23-2021 0 0	0	0
Field renaming of some but not all fields While on a mission to eradicate 'join', I was showing someone how to replace a join statement with stats.However, the... by bowesmana SplunkTrust in Splunk Search 02-23-2021 0 2	0	2
How to get an epoch time for $client_time.latest$ Hi,I have a dashboard with a dropdown form allowing users to select the time period they wish to analyse.I am looking... by trapper_dave Engager in Splunk Search 02-23-2021 0 3	0	3
Extract Field with Backslash and Quotes I'm trying to extract this field that has colon, backslash and quotes around it and its not yielding any result.Field... by ank15july96 Engager in Splunk Search 02-22-2021 0 5	0	5
Using two lookup tables in one query I am trying to create an alert that will utilize a search with data from two lookups. Basically, I want to:Take/retur... by bp32795 New Member in Splunk Search 02-22-2021 0 1	0	1
Memory usage I need a query to find Memory usage more than 90 percent by hostnameis it a good idea to do in splunk vs app dynamics by Murlivelage New Member in Splunk Search 02-22-2021 0 1	0	1
How to combine two queries into one? I have two query that is exact same except the use of the lookup for each search. The one query includes data from a ... by dwibedi03 Explorer in Splunk Search 02-22-2021 0 2	0	2
REST API: DBX: Specify time range Need to run a dbxquery command via the REST API, and having trouble defining the search's time range in that context.... by mxanareckless Path Finder in Splunk Search 02-22-2021 0 3	0	3
dnsrequest url or query help Hi Splunk community,I am trying to determine the impact of removing Adobe Flash from our environment.I have done basi... by tod_s New Member in Splunk Search 02-22-2021 0 3	0	3
foreach and subsearch values I am using a table of results a \| b \| c \| search \| d \| e ======================================... by splunk_new1 Explorer in Splunk Search 02-22-2021 0 2	0	2
Bandwidth usage from Firewall I'm looking to create a bandwidth chart showing the bandwidth traffic our firewall over a time period and converting ... by jparrenas26 Engager in Splunk Search 02-22-2021 0 6	0	6
Disable default sorting behavior Context: existing Splunk installation I'm working with is not very robust when handling search requests due to sheer ... by avshabanov New Member in Splunk Search 02-22-2021 0 1	0	1
Removing Single Fields From a List of Maps Hi,I have an event json similar to:{"stages":[{"duration":12,"status":"Success","children":[{"test":"integration","re... by steeleverint Engager in Splunk Search 02-22-2021 0 2	0	2
Proper execution of subsearch help So here is my existing query as it runs nowsourcetype=snort[search sourcetype=snort \|top limit=20 src\| table src]\| st... by kelie Path Finder in Splunk Search 02-22-2021 0 4	0	4
Multiple Timecharts by a field in single search I wanted to create multiple timecharts in a single search. The scenario i am stuck in is something like this :index =... by nagpalga Engager in Splunk Search 02-22-2021 1 5	1	5
Cataloging Report Notification Actions I am looking to catalog which reports/alerts utilize which notification actions. I have a search currently that keys ... by deaseec Engager in Splunk Search 02-22-2021 0 2	0	2
event firing before the user ever makes a change to the form input? Hi all, hope all is well!I'm unsetting a token in the <change> block of a <query>. However, I'm finding that the <uns... by tonymaibox New Member in Splunk Search 02-22-2021 0 2	0	2
How to enable the Lookup Updater in canary app By upgrading to splunk v8.0.5, I can no longer use the lookup updater that was previously possible with Sideview Admi... by saeko18 New Member in Splunk Search 02-22-2021 0 0	0	0
Splunk split events to extract text I have multiple events in Splunk like below :Exception:100 : *** Error 3006 Logons are disabled., Job=ABCException:XY... by ppatkar Path Finder in Splunk Search 02-22-2021 0 4	0	4