Splunk Search

Community Activity

SPL on configuration files Hi , I would like to know if we can use SPL commands on configuration files to filter incoming data ?Cause using Rege... by jadengoho Builder in Splunk Search 02-14-2021 0 3	0	3
How to bring 2 different numerical fields under one column name I have to bring 2 different numerical fields in one column name .I am fetching the fields from a view .Example :I hav... by dtccsundar Path Finder in Splunk Search 02-13-2021 0 1	0	1
How can i retrieve the SID of a saved search by curl? How can i retrieve the SID of a saved search by curl? by Robertoing Explorer in Splunk Search 02-13-2021 0 3	0	3
Combining the results from 2 indexes in splunk query I have one index idx1 and other index idx2 and a common column "A" on which matching needs to be done.I'm facing diff... by abhinav_aashish Explorer in Splunk Search 02-13-2021 0 3	0	3
Filter events using Distinct Count instead of dedup Hello All, May I request you to help me with the query below I have two fields "customertripid & success"Customertri... by beriwalnishant Path Finder in Splunk Search 02-13-2021 0 8	0	8
Issues with lookup matching on field values Hi,I have scan dataset. It has a field name TEXT. This field contains the data for test results. I am provided a data... by mbasharat Builder in Splunk Search 02-12-2021 0 3	0	3
stats count for a text value associated with a number Hi everyone,I am stuck in a situation where in my app logs there are two important values(one is a number and other i... by lazyturtle_ Explorer in Splunk Search 02-12-2021 0 8	0	8
Stats Average after timechart incorrect I want to get a per second average over a period of time. I am running into an issue getting an average of these valu... by aohls Contributor in Splunk Search 02-12-2021 0 1	0	1
[Service Now Logs] How to hide from the search Events with the same number whose final state is "Closed" Hi Splunkers!First time posting here, but I could really need some help. I've been meddling with Splunk for a while, ... by JLC Observer in Splunk Search 02-12-2021 0 6	0	6
Finding Events Between Other Events I might be confusing myself by making this harder than it is...Say I have a log where the events are:LOGINACTION (1)A... by DLThurston Observer in Splunk Search 02-12-2021 0 3	0	3
Eliminating "duplicate" rows I am trying to construct an alert for someone when there is a duplex-mismatch on our network switches. When it happen... by _smp_ Builder in Splunk Search 02-12-2021 0 2	0	2
Input lookup and matadata truncates the logs Hi All,Can you please help me with my problem? I would like to check all the hosts in the CSV file which are for some... by diirn Explorer in Splunk Search 02-12-2021 0 4	0	4
Need the output of list of usernames and timestamp of the event in the splunk string Need the output of list of usernames and timestamp of the event in the splunk string for below event. We have list ... by ravir_jbp Explorer in Splunk Search 02-12-2021 0 1	0	1
combine events from index and inputlookup Hello,I would like some helpI am trying to combine 2 events from my index and 2 event coming from a lookup file, into... by hvdtol Path Finder in Splunk Search 02-12-2021 0 3	0	3
Filtering search results I'm a new user of Splunk 6.5.7. I have a search but only want results for 288 specific customerIDs. This would be a ... by Poacher Engager in Splunk Search 02-12-2021 0 2	0	2
Split Multiple data in column with mutliple delimiter Hello ! I am sorry if the issue has already been addressed. Several topics talk about it but I haven't been able to a... by bcouavoux Explorer in Splunk Search 02-12-2021 0 7	0	7
Eval based on multivalue field and _time I have a set of results with _time, many single value fields, and a multivalue field which contains a large set of ep... by adamsmith47 Communicator in Splunk Search 02-11-2021 0 1	0	1
Get source logs from pod Hello,I'm really a newbie with Splunk and just started to use it.First, can someone recommend me good tutorials about... by jocteau New Member in Splunk Search 02-11-2021 0 3	0	3
How can I avoid browser freeze when searched records are long with no newlines When I do some searches I get records which are very long and have no newlines. The browser (Firefox in my case) effe... by petenetwork Explorer in Splunk Search 02-11-2021 0 2	0	2
Why is my newly created field extraction not showing up in the fields sidebar? I've seen similar questions to mine asked, but none of the advice has solved my issue. I created a new field extract... by martywalser Explorer in Splunk Search 02-11-2021 1 11	1	11
Need Help with query Trying build a time chart for Top 10 CPU consuming Processes for a Linux host for a given timeframe. index=os host=x... by omprakash9998 Path Finder in Splunk Search 02-11-2021 0 1	0	1
I'm trying to search between 2 indexes that correlates field value to return back certain fields. I'm trying to search between 2 indexes that correlates field value to return back certain fields.For example index a ... by payton_tayvion Path Finder in Splunk Search 02-11-2021 0 1	0	1
Why search can return 200 result but stats count by host shows 0 result I used query index=testindex _raw=* and successfully returned 200+ result.However, when I added stats index=testindex... by mind1n Engager in Splunk Search 02-11-2021 0 2	0	2
Find values for specific distinct counts Hello all!I was hoping to take a distinct count and show either the count, or if the count is 1, show the value that ... by mztopp Explorer in Splunk Search 02-11-2021 0 2	0	2
way to run mulitple fields against a lookup, with OR statement I am trying to run two fields against one column using a lookup. This SPL does not work, but conveys what I am trying... by spicy Path Finder in Splunk Search 02-11-2021 0 2	0	2