Splunk Search

Community Activity

Sort issue Hey all, I am having a file that has the following stuff:#9#10#4#1..#6For everything that is not #9 or #10, I already... by jugarugabi Path Finder in Splunk Search 02-06-2021 0 2	0	2
How to find events that match except with the fields reversed. I am trying to figure out how to display all of the reverse matches in a list by each event. This would include showi... by zaludma Engager in Splunk Search 02-05-2021 0 3	0	3
SPL2 for onpremise I stumbled upon the documentation for SPL2 for splunk cloud. Are there any plans for SPL2 for Splunk On-premise? htt... by aa70627 Communicator in Splunk Search 02-05-2021 0 1	0	1
Average of Seconds and Milliseconds using extracted values I am trying to put together and average duration (calculated and logged by product) as well as count. however the log... by tjsnow Explorer in Splunk Search 02-05-2021 0 3	0	3
How to automatically rerun failed alerts Hi, I have 14 alerts that cover all the infrastructure, my company uses. I get my data from a data bus every 60 minu... by codedtech Path Finder in Splunk Search 02-05-2021 0 1	0	1
Regex help hey all looking for some help pulling some digits via regex. I am looking to pull the numbers directly after Actual v... by tkerr1357 Path Finder in Splunk Search 02-05-2021 0 3	0	3
# of events in the result and stats count by Hello all,We are new to Splunk , learning and working SLO/SLIs defined for the application. We are confused in the b... by bojjas Observer in Splunk Search 02-05-2021 0 1	0	1
How to prevent results from an input file being excluded after performing a lookup against another input Hi,I have the following search:\| inputlookup ldap_assets.csv\| lookup existing_assets dns output ip bunit category cit... by ezmo1982 Path Finder in Splunk Search 02-05-2021 0 4	0	4
epoch time subraction gives negative values Subtracting two timestamps results in negative values. Using epoch time to find the differences between two timestamp... by kishen2017 Path Finder in Splunk Search 02-05-2021 0 5	0	5
How to combine multiple search raw strings in a single query Hi, I need to do search with multiple raw strings within a single query. When I search these strings separately, I ... by rkishoreqa Communicator in Splunk Search 02-05-2021 0 2	0	2
evaluate multiple fields Hello,I have 2 fields I want to filter they are: name, "short name"I want to pull all the events that contains: name=... by xyz123 Explorer in Splunk Search 02-05-2021 0 4	0	4
How to generate Previous Event Time into Current Event by matching a particular field value. Current Output :Disconnected_timeDisconnected_Session_Namecount2021-02-02T02:04:29.000RDP-Tcp#10122021-02-02T02:15:55... by vn_g Path Finder in Splunk Search 02-05-2021 0 10	0	10
Remove square brackets from timestamp Hi, hoping someone can help with this as its been a while since I used Splunk and I can't seem to figure this out!I'm... by jbesant Explorer in Splunk Search 02-05-2021 0 4	0	4
How to display a popup when i open the dashboard HiI would like to open a popup " please fait à few seconds" when i open my dashboardHow to do this please? by jip31 Motivator in Splunk Search 02-05-2021 0 1	0	1
Replace and add digit Hello, I have the following situation - in the original files I have the following information in the field:ServerNam... by jugarugabi Path Finder in Splunk Search 02-04-2021 0 2	0	2
Speeding up a Search against lookup table searching large index Have a small lookup table with 135 dest_ip and a search that is searching that lookup table against a 40 TB index (... by okretzer Engager in Splunk Search 02-04-2021 0 3	0	3
Combine Multiple Fields Hello, I'm relatively new to Splunk. I have multiple fields with different naming schemes that have different or ide... by JaysonD123 Explorer in Splunk Search 02-04-2021 1 1	1	1
Using result of one search for another Hi all! I am relatively new to splunk and I am trying to use the results of one search for another search,So...index=... by splunk_new1 Explorer in Splunk Search 02-04-2021 0 3	0	3
Search Marcro - Sending Results to Macro Variable. Hi, I'm having the hardest time trying to figure out how to pass an event field into a variable argument to be used i... by chrisboy68 Contributor in Splunk Search 02-04-2021 0 3	0	3
Percentage calculation by timechart We have a request to get values from particular field based on % of bin count. (1) index=ABC \| timechart span=1d cou... by vikram_m Path Finder in Splunk Search 02-04-2021 1 7	1	7
Match Substring in Multivalue field and return only the matched substring values ReconnectedTimeReconnectedDetails2021-02-02T16:46:19.0002021-02-02T08:54:48.000\|viceusr\|0xA310B\|BEK-329999910922\|11.1... by vn_g Path Finder in Splunk Search 02-04-2021 0 3	0	3
Extract value from field Hello everyone,I have multiple fields and i want to extract an ID from it. (That's the only value that changes in it)... by CesarCrt Path Finder in Splunk Search 02-04-2021 0 5	0	5
How to tell if event is within X seconds (both forwards/backwards) of another event Using 'delta' I am able to figure this out, but in one time direction. Now I need the other time direction.In the cu... by duckware Explorer in Splunk Search 02-04-2021 0 2	0	2
Pass field into a subsearch from stats command Hi, i have datanamebinarykeynumberSteve110012345Steve10013246Steve 12347Charles 23456 I am trying to count the whethe... by ssaenger Communicator in Splunk Search 02-04-2021 0 14	0	14
Multiple Stats Multiple Indexes I have 3 data sets that I need to combine with 1 data set not having a field to perform a compare. I initially start... by willadams Contributor in Splunk Search 02-03-2021 0 6	0	6