Splunk Search

Community Activity

Comparing 2 results and showing difference My scenario is that I am trying to alert in the event where a user has been provided to an application but that same ... by willadams Contributor in Splunk Search 02-19-2021 0 2	0	2
How to exclude the results from subsearch I have one query which looks like:Query1:index=test "TestRequest" \| dedup _time \| rex field=_raw "Price\":(?<price>.... by nits Explorer in Splunk Search 02-18-2021 0 4	0	4
parse and index json fields from string message Hello,I have log in the format "2021-02-18T16:17:12,189Z [main] INFO logname -streamstart-k1:V1,K2:V2,K3:V3,streamsto... by vashodha Loves-to-Learn Lots in Splunk Search 02-18-2021 0 4	0	4
Extract a string Hi everyone, I have the below string.isadhakdahdj asdh, hosadhao activity=Follow Up, entryName=Initial Outreach, asas... by rbachu1 Explorer in Splunk Search 02-18-2021 0 2	0	2
Compare 2 queries in a dashboard hello All, I have created a dashboard with two panels. The first panel runs a search (query below) for time-window-1 ... by Joe20 Explorer in Splunk Search 02-18-2021 0 1	0	1
Splunk field extraction Hello All, I am new to splunk and I have a question regarding the splunk field extraction. Consider the following ex... by Joe20 Explorer in Splunk Search 02-18-2021 0 2	0	2
How to convert seconds to [h]:mm:ss? Hi Guys! I have an error duration in seconds, how can I convert it to [h]:mm:ss? I used the below query but the if ... by auaave Communicator in Splunk Search 02-18-2021 1 6	1	6
Using bar dashboard with drilldowns > link to search > custome (with $click.value$ variable) I am trying to use the Drilldown on Click > Link to Search > custom :LOGRC_TYPE=F8 \| eval FUNC_TRAN =AFI_LOG03FUN+"-... by aneyraba New Member in Splunk Search 02-18-2021 0 0	0	0
Passing dynamic parameters in search running from cli Hi, Is there was to dynamically pass a value like below in Splunk for running a search from cli.I am trying to write ... by bsrikanthreddy5 Path Finder in Splunk Search 02-18-2021 0 2	0	2
Extracting XML value with <> using regex I need to create a regex to match the fieldname for first match and fieldvalue for the second match. Issue happens w... by michaelrosello Path Finder in Splunk Search 02-18-2021 0 11	0	11
How to check the total consumption out of the 500MB provided by free splunk? Hi, In my production environment, I have two Asterisk Servers installed where one of them caters to 95% of the data w... by hishamjan Explorer in Splunk Search 02-18-2021 0 6	0	6
more regex help :/ Hey All,I am trying to pull the username from the following event which is everything after the Rightnetworks\ in the... by tkerr1357 Path Finder in Splunk Search 02-18-2021 0 4	0	4
How to disable 'Export Results' for specific users or roles? Hi Splunkers, I was wondering if there is an option to disable Export Results option for specific users or roles. Ba... by Murali2888 Communicator in Splunk Search 02-18-2021 2 7	2	7
Listing detail of an individual without using stats and BY Hi,I have a dataset about transactions, each event is a transaction detail about response code(success or not), their... by phamxuantung Communicator in Splunk Search 02-18-2021 0 1	0	1
rex for dynamic parttern Hi, I have a raw log with structure like this: TIME\|FROM\|TO\|URL\|ERROR\|STATUS\|ALERT Example:Wed Jan 6 15:10:01 2021\|De... by phamxuantung Communicator in Splunk Search 02-18-2021 0 5	0	5
how to extract one value from log Hi,i have log like this[Information] WebService Call CheckVehicle : country=111111, licensePlate=12DUMMYAnd i would l... by ivana27 Path Finder in Splunk Search 02-18-2021 0 9	0	9
How to sort the count by ajees_basha Explorer in Splunk Search 02-17-2021 0 1	0	1
Search 1hr using IPs from 24hr How would I take a 24 hour search such as: index=* \| iplocation src_ip \| stats count by src_ip, Country, dest_ip, des... by mztopp Explorer in Splunk Search 02-17-2021 0 4	0	4
convert table data to comma separated key value pair output I am pretty new to splunk and i have a query which uses TABLE command to filter output on certain fields. The output ... by aniket New Member in Splunk Search 02-17-2021 0 2	0	2
Using stats to join data instead of transaction I have two sources that have a common field (user) and am currently using transaction to join the user_a with the sou... by Kupo Engager in Splunk Search 02-17-2021 0 2	0	2
Comparing two fields in different format from two different sources Hi Everyone,I am trying to use a lookup table and an index to get an output as a comparison of two fields from two d... by amsagg Observer in Splunk Search 02-17-2021 0 2	0	2
Add an inputlookup from a csv to an existing search Good MorningAs I am new to Splunk, sometimes I need to try things that are beyond my comprehension at this time. Thi... by Hudond Path Finder in Splunk Search 02-17-2021 0 2	0	2
How to extract some fields from a part json part text log in Splunk I am fairly new to splunk and still learning. I have a splunk event which is a mix of some texts and json in between.... by bhartiya007 Loves-to-Learn Lots in Splunk Search 02-17-2021 0 11	0	11
Fields are not showing I have raw event like : time action severity host , etc., But when I checked interesting filed action filed is not sh... by sasankganta Path Finder in Splunk Search 02-17-2021 0 11	0	11
How do I combine multiple lookups into one lookup? Lets say I have 3 lookups >>> a-list.csv, b-list.csv, c-list.csv and the lists only have 1 column header = NameAlice ... by Glasses Builder in Splunk Search 02-17-2021 2 3	2	3