Splunk Search

Community Activity

Can splunk do this? search command -> mvexpand -> with more than one multi value field I have a data set that could have more than one multi-value field "MV-Field". Each value of each MV-field corresponds... by lpolo Motivator in Splunk Search 02-08-2021 2 12	2	12
Dashboard with /var/log/sudo.log, /var/log/secure and /var/log/audit/audit.log Events Hello, I am working on dashboard for our Linux admins. They require being able to view all events from /var/log/sudo.... by genesiusj Builder in Splunk Search 02-08-2021 0 8	0	8
List of host from Syslog-ng server. Hi Team I could see my license limit has reached for my syslog-ng. Can you please let me know how can I get a list of... by arjit Path Finder in Splunk Search 02-08-2021 0 2	0	2
how to group similar messages into one message and get count of them Example: errormessages total user a not found. 7 user b not found. ... by REACHGPRAVEEN Explorer in Splunk Search 02-08-2021 0 4	0	4
Reconciliation from 3 different sourcetypes Hi All,I have an issue while trying to reconcile events from 3 different source types, the events from each sourcetyp... by ashrafsj Path Finder in Splunk Search 02-08-2021 0 7	0	7
Join Two Events- Showing log on and log off activity and duration I have a project that I am working on that will display when a user logs onto a server and logs out then calculates t... by Becherer Explorer in Splunk Search 02-08-2021 0 5	0	5
How to create a time chart with row data? I have search that runs every day that populates a CSV that looks like this (I have more sources, but wanted to keep ... by UMDTERPS Communicator in Splunk Search 02-08-2021 0 2	0	2
How do we extract multiple events from xml response from REST API call Hello Spunkers,I am trying to ingest the data using REST APIs and as a response i do see xml response in below format... by sunilbhogayta New Member in Splunk Search 02-08-2021 0 1	0	1
Left join - find missing data from second index Hello, I am quite new to Splunk and this is my first post. Hoping that I can get some help from this awesome communit... by mattiasrs Explorer in Splunk Search 02-08-2021 0 7	0	7
Bubble Chart How do I display the below as a bubble chart? When I click the bubble chart for my search query its not working prope... by supreme_coder Engager in Splunk Search 02-08-2021 0 1	0	1
Understanding how to append to a lookup following an example Currently going over the Splunk App for Windows Infrastructure and found a saved search that updates a lookup table t... by ricotries Communicator in Splunk Search 02-08-2021 0 2	0	2
How to find the perple who leave in the next day We have a game and login log. I want to anyalize the people that login today and don't login tommorow, which is to an... by Minghao Explorer in Splunk Search 02-08-2021 0 4	0	4
Using Rex to pull out a file path , file name and extension from verbose message field Hi all, I'm new to splunk searches and would appreciate some help to find out how to pull out the file path, file nam... by ViperV Explorer in Splunk Search 02-08-2021 0 6	0	6
Adding lookups to App? Ok not sure if in the right section. So I have been using Zeek for Splunk and TA_suricata and we are getting a lot o... by ddecker03 Loves-to-Learn Everything in Splunk Search 02-07-2021 0 3	0	3
How to put 2 different time fraims in dashboard Dears,please can you help?I have dashboard with several panels including graphs and reports. I would like create 2 pa... by ivana27 Path Finder in Splunk Search 02-07-2021 0 1	0	1
Split results that are in same row Currently I am running into an issue where if there is a person logs onto a server multiple times, it combines. Any i... by Becherer Explorer in Splunk Search 02-07-2021 0 2	0	2
Concurrent Active VPN Sessions on a Timechart I'm struggling to find a working solution to show cumulative active VPN sessions on a timechart with 20m data points.... by stepheneardley Path Finder in Splunk Search 02-07-2021 0 11	0	11
Splunk Statics Table - How to get the max of column and use it to evaluate each row Splunk Statics Table - How to get the max of column and use it to evaluate each rowHello, looking for advice and reco... by stevenulbrich Explorer in Splunk Search 02-06-2021 0 3	0	3
Show triggered events from last 5 minutes from a 2 hour moving average Good day,We are looking at a solution to alert us on abnormal traffic spike. We have leverage the standard deviation,... by Habanero Explorer in Splunk Search 02-06-2021 0 4	0	4
Sort issue Hey all, I am having a file that has the following stuff:#9#10#4#1..#6For everything that is not #9 or #10, I already... by jugarugabi Path Finder in Splunk Search 02-06-2021 0 2	0	2
How to find events that match except with the fields reversed. I am trying to figure out how to display all of the reverse matches in a list by each event. This would include showi... by zaludma Engager in Splunk Search 02-05-2021 0 3	0	3
SPL2 for onpremise I stumbled upon the documentation for SPL2 for splunk cloud. Are there any plans for SPL2 for Splunk On-premise? htt... by aa70627 Communicator in Splunk Search 02-05-2021 0 1	0	1
Average of Seconds and Milliseconds using extracted values I am trying to put together and average duration (calculated and logged by product) as well as count. however the log... by tjsnow Explorer in Splunk Search 02-05-2021 0 3	0	3
How to automatically rerun failed alerts Hi, I have 14 alerts that cover all the infrastructure, my company uses. I get my data from a data bus every 60 minu... by codedtech Path Finder in Splunk Search 02-05-2021 0 1	0	1
Regex help hey all looking for some help pulling some digits via regex. I am looking to pull the numbers directly after Actual v... by tkerr1357 Path Finder in Splunk Search 02-05-2021 0 3	0	3