Splunk Search

Community Activity

Find values for specific distinct counts Hello all!I was hoping to take a distinct count and show either the count, or if the count is 1, show the value that ... by mztopp Explorer in Splunk Search 02-11-2021 0 2	0	2
way to run mulitple fields against a lookup, with OR statement I am trying to run two fields against one column using a lookup. This SPL does not work, but conveys what I am trying... by spicy Path Finder in Splunk Search 02-11-2021 0 2	0	2
Duplicate Entries in Table While using the table for bro conn data, I am getting duplicate data; however, if I use mvdedup, I get all the desire... by geekf Path Finder in Splunk Search 02-11-2021 0 2	0	2
Multivalue fields difference on multiple records Hello folks,I am having a hard time getting the difference between two fields of the same record, where the search qu... by Viorel Explorer in Splunk Search 02-11-2021 0 5	0	5
Merging TWO Timecharts overlay-One on Top of One Another I have the following search. index=ko_autosys sourcetype=autosys_applog_scheduler_events host="usatlb98" OR host="us... by zd00191 Communicator in Splunk Search 02-10-2021 0 4	0	4
Exclude statusCodes that are Not Three Digits I'm trying to pick up the status codes for a given api, 4XX and 5XX. I've typically done this with something like th... by rick4039 Explorer in Splunk Search 02-10-2021 0 2	0	2
Trouble With Ticker Not Populating Hello,This is a follow up post to my recent post on "Trouble with Hidden Panel Passing Value". I am having an issue w... by strehb18 Path Finder in Splunk Search 02-10-2021 0 0	0	0
how to find the earliest and latest event in an index? I simply looking for the fist event in an index and the last... to determine how long it took to index x data. any ... by hiddenkirby Contributor in Splunk Search 02-10-2021 2 12	2	12
Combining different searches into one search with different sources to produce one table view? HelloI wanted to request some assistance with the topic of combining different searches from the same index and same ... by Hudond Path Finder in Splunk Search 02-10-2021 0 3	0	3
Create Search using REST/JSON I can successfully create a search job with the help of the docs using a Curl command:curl -u "userName" -k https://h... by Tops_NI Engager in Splunk Search 02-10-2021 0 1	0	1
Panels take time to change Hi All,I am trying to display panel-One when selected One from the dropdown option, and panel-Two when selected Two f... by NS Explorer in Splunk Search 02-09-2021 0 5	0	5
Is there a setting to increase the "results per page" value when you show source? When I go to show source on an event, the maximum number of results I can display is 1000 (the "Results per page" dro... by Jeremiah Motivator in Splunk Search 02-09-2021 0 3	0	3
Need to create trellis view Hi,I have the below table:File_System Disk_Usage\logs 41\opt ... by Mrig342 Contributor in Splunk Search 02-09-2021 0 1	0	1
Splunk search bug on all data index but work well on few data Hi all, I'm creating couple of events with command : \| streamstats window=2 list(PI_Event_Status) as status list(PI_E... by cros Engager in Splunk Search 02-09-2021 0 2	0	2
How to extract value using rex? Hello,please, can you tell me how transform and extract value Timeout from next log:[Error] POS Card Validation - Res... by ivana27 Path Finder in Splunk Search 02-09-2021 0 5	0	5
Query to find devices are Commissioning and Decommissioning Need Query which we can track to find which Log sources are Commissioning and Decommissioning in SPlunk and generate ... by sahildb Engager in Splunk Search 02-09-2021 0 5	0	5
Extract distinct values from an response array that has partial text using RegEx I have an array that would be presented in an API response which is being logged in Splunk and the array format is li... by balamurugandha7 Observer in Splunk Search 02-09-2021 0 5	0	5
Splunk TA for Symantec Brightmail Anyone have TA for Symantec brightmail. by laklubinsplunk New Member in Splunk Search 02-09-2021 0 11	0	11
help for retrieving events during the week only hiI use this search in order to retrieve events between 9h and 17hNow I also want to catch the events only between th... by jip31 Motivator in Splunk Search 02-09-2021 0 3	0	3
How to have field populate once Hello Splunk Community, I have encountered a easy, yet tricky situation. I was told chart command works just like sta... by Mary666 Communicator in Splunk Search 02-09-2021 0 3	0	3
csv file exclude Hi,I will create an alert that tracks Windows (event id = 4726 - A user account was deleted) events.I have a user lis... by sfurkan Explorer in Splunk Search 02-09-2021 0 3	0	3
Retrieve result from list I have a field in log like:"policies":["Test1"]for which I am not able to search through the keyword when I have the ... by Nidd Path Finder in Splunk Search 02-09-2021 0 4	0	4
How to extract only unique email ID's from a detailed log Hi Team, Here is a sample log: 2016-07-11 16:19:52,689 [9] INFO AdidasCoach.EmailProcessorConsumer.EmailProcessorC... by vasuit1242 New Member in Splunk Search 02-08-2021 0 12	0	12
Require help with rex query Hi,I have the below type of logs:log1: Mon Feb 8 02:57:36 EST 2021 41% /logslog2: Mon Feb 8 02:57:36 EST 2021 73% /op... by Mrig342 Contributor in Splunk Search 02-08-2021 0 2	0	2
Finding difficulty in extracting count of browser type from user agent Hi I need help in determining the browser that appear in our logs. I believe the simple way to use the app TA - UA pa... by jaibalaraman Path Finder in Splunk Search 02-08-2021 0 10	0	10