Splunk Search

Community Activity

searching in splunk indexes Hello everyone! How can we solve the problem of searching for secrets in all or some splunk indexes so that splunk is... by user487596 Explorer in Splunk Search 09-02-2024 0 5	0	5
Why is the map command a risky command? Other than poor speed and performance, is there a reason why the map command is considered dangerous?The official doc... by munang Path Finder in Splunk Search 09-02-2024 1 2	1	2
regx Hi , I want to extract this line from an event.RAISE-ALARM:acProxyConnectionLost: [KOREASBC1] Proxy Set Alarm Proxy S... by Siddharthnegi Contributor in Splunk Search 09-02-2024 0 5	0	5
Skipped search Hi All,I am able to see only 4 status, why am I not able to see status=skipped and status = continued by VijaySrrie Builder in Splunk Search 09-02-2024 0 1	0	1
Create static fields after matching the field value I want to create one static field by looking status value = Issuehostm_nnamestatusAcpuOkBdiskOkCmemoryIssueDnetwokOkE... by RSS_STT Explorer in Splunk Search 09-02-2024 0 7	0	7
Splunk Query I would like to calculate the success rate of the Toup transaction via Channel( APP Or Web) in 4 API calls( E.g 4 Lev... by dinesh001kumar Engager in Splunk Search 09-02-2024 0 9	0	9
Field extraction using regex Hi All,Can anbody help us with the Regex expression to extract the feild of Channel: values will be either APP or We... by dinesh001kumar Engager in Splunk Search 09-01-2024 0 4	0	4
Group Events with pattern Hi Splunk Experts,I've been trying to group "WARN" logs, but they have a pattern (Dynamic/ Argument values) in them. ... by Thulasinathan_M Contributor in Splunk Search 09-01-2024 0 2	0	2
alternative to join that works with wildcards in lookups I am trying to use a lookup of "known good" filenames that are within FTP transfer logs, to add extra data to files ... by thx Explorer in Splunk Search 08-30-2024 0 2	0	2
Deriving a date based upon past # of months Hi All,I have a somewhat unusual requirement (at least to me) that I'm trying to figure out how to accomplish. In the... by bcanfiel83 Engager in Splunk Search 08-30-2024 0 2	0	2
Reference Manual for Custom User Interface "Manager XML" When defining a custom modular input in an app, it is possible to design a custom user interface for setting up the p... by guldendraak Explorer in Splunk Search 08-30-2024 1 1	1	1
Need solution with custom time field I am working Service now logs in Splunk. The tickets data has one field called "sys_created" this field gives the tic... by vijaynela New Member in Splunk Search 08-30-2024 0 1	0	1
Missing Data in the Dashboard Tile Hi All We have created a dashboard to monitor CCTV and it was working fine. However suddenly data stopped populating.... by jaibalaraman Path Finder in Splunk Search 08-30-2024 0 5	0	5
How to get searches with time range as All Time? Hello All, I need to search for SPLs having time range as All time. I used the below SPL:- index=_audit action=searc... by Taruchit Contributor in Splunk Search 08-30-2024 0 2	0	2
Use time and field from subsearch as search criteria in main search I have a subsearch[search index="june_analytics_logs_prod" (message=* new_state: Diagnostic, old_state: Home*)\|spath ... by nkavouris Path Finder in Splunk Search 08-29-2024 0 2	0	2
How to compare the field values from last 48 hours with field values from today Hi Splunkers, I'm trying to compare the policy names from Today with policy names from past 48 hours to see if there ... by shashank9 Explorer in Splunk Search 08-29-2024 0 5	0	5
Unknow command (__f!=v) in search log at job inspector Hello,I've create a search which contains (...(CallerCountry="CN")).When I take a look in the search log in the job i... by manuelostertag Path Finder in Splunk Search 08-29-2024 1 1	1	1
fileSizeGB AND fileCount thresholds Wondering if there are any industry best practices and/or recommendation for setting fileSizeGB AND fileCount thresh... by DDowns New Member in Splunk Search 08-29-2024 0 1	0	1
Table using regex Below is my raw log [08/28/2024 08:14:50] Current Device Info ... *************************************************... by VRP136 Engager in Splunk Search 08-29-2024 0 5	0	5
Adding asterisk to host list I'm working on a dashboard in which the user enters a list of hosts. The issue I'm running into is they must add an ... by jwhughes58 Contributor in Splunk Search 08-29-2024 0 3	0	3
Regex for string between to delimeters Hello,Thank you for your help on this in advance, I just need to create a field in Splunk Search that contains the v... by mninansplunk Path Finder in Splunk Search 08-29-2024 0 1	0	1
Forage Task Guide The task guide for the Forage job sim states this: For example, to add “Count by category” to your dashboard, type ou... by MatthewWolf New Member in Splunk Search 08-29-2024 0 1	0	1
Need a help with splunk query HI Team,When i am trying to exclude one field by inserting condition sessionId!=X its not working . even though I use... by jagan_vannala Observer in Splunk Search 08-29-2024 0 6	0	6
Extra data I have never been one to understand regex, however I need to extract everything after the first entry (#172...) into ... by btheneghan New Member in Splunk Search 08-28-2024 0 2	0	2
Handling nulls in a string I've got this searchindex=my_index data_type=my_sourcetype earliest=-15m latest=now \| eval domain_id=if(isnull(domain... by jwhughes58 Contributor in Splunk Search 08-28-2024 0 6	0	6