Splunk Search

Community Activity

How do you use IF / Else statement to pull different fields including JSON elements? Hello Community,2 part question: First, how to use an IF / ELSE statement, secondly, how to specify the JSON elements... by ShoeBuster Observer in Splunk Search 02-16-2021 0 2	0	2
eval isnull Hi! Anyone know why i'm still getting NULL in my timechart? The lookup "existing" has two columns "ticket\|host_mess... by subtrakt Contributor in Splunk Search 02-16-2021 2 5	2	5
Error: has exceeded configured match_limit Hi all,please can you help to solve this error by modifying rex line. Here is my error:Error in 'rex' command: regex=... by ivana27 Path Finder in Splunk Search 02-16-2021 0 7	0	7
How to stop loading for entire splunk dashboard? Hello All, I have and seen many others loading wrong splunk dashboard.Knowing that splunk dashboards at times contain... by Pathik Path Finder in Splunk Search 02-16-2021 0 0	0	0
List of Serverclass and apps in deployment server SPlunk SPL query to list unique serverclass and Apps present in deployment server. by shinde0509 Explorer in Splunk Search 02-16-2021 0 2	0	2
How to show percentages calculated by totals Hi Splunkers,please help. I have search where i want to show percentages by host of how many errors (mentioned below)... by ivana27 Path Finder in Splunk Search 02-16-2021 0 2	0	2
grouping events based on start and end Hi Alli have a below data DateOrginaldatejobidprocess_nameMessge_text14-02-2020 T11:30:0014-02-2020 T11:25:00a1234tes... by venky1544 Builder in Splunk Search 02-16-2021 0 2	0	2
Using Join to fields with another values I have lookup with possible sources and i'm comparing them with the real log events to check if any of them don't sen... by Astorn Loves-to-Learn in Splunk Search 02-16-2021 0 8	0	8
How to fill null value of multi value fields with other value in search output Hello Community, I need to fill null value of multi-field values with any value , i.e 0 or Not found. Here's the sa... by sharif_ahmmad Explorer in Splunk Search 02-15-2021 0 20	0	20
Search a Datamodel using field values from a lookup csv file I have a lookup: test.csv that has a list of 10 IP's (src_ip). I want to be able to search a datamodel that looks fo... by mztopp Explorer in Splunk Search 02-15-2021 0 1	0	1
Current Splunk Host and IP How do I confirm the host name & IP address of a host I am logged in in Splunk GUI? by SamHTexas Builder in Splunk Search 02-15-2021 0 1	0	1
How to build a search with queries depending on each other? I have a scenario where typical HTTP requests are logged in Splunk.Every request has an unique identifier which is sa... by moguai Explorer in Splunk Search 02-15-2021 0 4	0	4
Use token just if is defined Hello,I need to create a dashboard panel (table) doing a query that uses the following filtering condition:account_na... by maaneeel Explorer in Splunk Search 02-15-2021 0 4	0	4
How to do multi join in a single query i am trying to write a single query like below, Id is the common field in all the queries.query1 + join[query 2], que... by ajee_villa Observer in Splunk Search 02-15-2021 0 1	0	1
How to extract an integer value after colon and display results using timechart? NOTICE: <script>: [3473090307\|3167225225](SENDER[10.65.197.2:5073]): Current Active Inbound Calls: NOTICE: <script>: ... by hishamjan Explorer in Splunk Search 02-15-2021 0 7	0	7
How do you reset a dashboard field after hitting the submit button? I have a dashboard form that uses free text inputs to write into a CSV file. How do I get the fields to reset after I... by mrtolu6 Path Finder in Splunk Search 02-15-2021 0 4	0	4
Get data from the last 2 business days I'm setting an alert that will run everdy business day at 9AM and triggers only if the sum of a field is 0 for 2 cons... by younesboumaaz Engager in Splunk Search 02-15-2021 0 3	0	3
Compare two lists of values, not on the same row I have a query which runs once a day and which produces a list of all countries a user has visited over the last 30 d... by Tim00 Explorer in Splunk Search 02-15-2021 0 10	0	10
Aggregate results with count Hi there,Got some pain with aggregating results from 2 queries, which seemed simple at first glance...Query 1: source... by sweiland Path Finder in Splunk Search 02-15-2021 0 6	0	6
splunk search I have an event value like this 2021-02-15 18:07:33,936, where the last value after comma(936) means the response t... by foysal0124 Explorer in Splunk Search 02-15-2021 0 5	0	5
Timechart how to keep latest value I'm getting in my splunk database a set of data coming from 8 sensorsThose 8 sensor work in a consecutive sequenceTha... by d_rech67 New Member in Splunk Search 02-14-2021 0 2	0	2
SPL on configuration files Hi , I would like to know if we can use SPL commands on configuration files to filter incoming data ?Cause using Rege... by jadengoho Builder in Splunk Search 02-14-2021 0 3	0	3
How to bring 2 different numerical fields under one column name I have to bring 2 different numerical fields in one column name .I am fetching the fields from a view .Example :I hav... by dtccsundar Path Finder in Splunk Search 02-13-2021 0 1	0	1
How can i retrieve the SID of a saved search by curl? How can i retrieve the SID of a saved search by curl? by Robertoing Explorer in Splunk Search 02-13-2021 0 3	0	3
Combining the results from 2 indexes in splunk query I have one index idx1 and other index idx2 and a common column "A" on which matching needs to be done.I'm facing diff... by abhinav_aashish Explorer in Splunk Search 02-13-2021 0 3	0	3