Splunk Search

Community Activity

	Join Two Events- Showing log on and log off activity and duration I have a project that I am working on that will display when a user logs onto a server and logs out then calculates t... by Becherer Explorer in Splunk Search 02-08-2021 0 5	0	5
	How to create a time chart with row data? I have search that runs every day that populates a CSV that looks like this (I have more sources, but wanted to keep ... by UMDTERPS Communicator in Splunk Search 02-08-2021 0 2	0	2
	How do we extract multiple events from xml response from REST API call Hello Spunkers,I am trying to ingest the data using REST APIs and as a response i do see xml response in below format... by sunilbhogayta New Member in Splunk Search 02-08-2021 0 1	0	1
	Left join - find missing data from second index Hello, I am quite new to Splunk and this is my first post. Hoping that I can get some help from this awesome communit... by mattiasrs Explorer in Splunk Search 02-08-2021 0 7	0	7
	Bubble Chart How do I display the below as a bubble chart? When I click the bubble chart for my search query its not working prope... by supreme_coder Engager in Splunk Search 02-08-2021 0 1	0	1
	Understanding how to append to a lookup following an example Currently going over the Splunk App for Windows Infrastructure and found a saved search that updates a lookup table t... by ricotries Communicator in Splunk Search 02-08-2021 0 2	0	2
	How to find the perple who leave in the next day We have a game and login log. I want to anyalize the people that login today and don't login tommorow, which is to an... by Minghao Explorer in Splunk Search 02-08-2021 0 4	0	4
	Using Rex to pull out a file path , file name and extension from verbose message field Hi all, I'm new to splunk searches and would appreciate some help to find out how to pull out the file path, file nam... by ViperV Explorer in Splunk Search 02-08-2021 0 6	0	6
	Adding lookups to App? Ok not sure if in the right section. So I have been using Zeek for Splunk and TA_suricata and we are getting a lot o... by ddecker03 Loves-to-Learn Everything in Splunk Search 02-07-2021 0 3	0	3
	How to put 2 different time fraims in dashboard Dears,please can you help?I have dashboard with several panels including graphs and reports. I would like create 2 pa... by ivana27 Path Finder in Splunk Search 02-07-2021 0 1	0	1
	Split results that are in same row Currently I am running into an issue where if there is a person logs onto a server multiple times, it combines. Any i... by Becherer Explorer in Splunk Search 02-07-2021 0 2	0	2
	Concurrent Active VPN Sessions on a Timechart I'm struggling to find a working solution to show cumulative active VPN sessions on a timechart with 20m data points.... by stepheneardley Path Finder in Splunk Search 02-07-2021 0 11	0	11
	Splunk Statics Table - How to get the max of column and use it to evaluate each row Splunk Statics Table - How to get the max of column and use it to evaluate each rowHello, looking for advice and reco... by stevenulbrich Explorer in Splunk Search 02-06-2021 0 3	0	3
	Show triggered events from last 5 minutes from a 2 hour moving average Good day,We are looking at a solution to alert us on abnormal traffic spike. We have leverage the standard deviation,... by Habanero Explorer in Splunk Search 02-06-2021 0 4	0	4
	Sort issue Hey all, I am having a file that has the following stuff:#9#10#4#1..#6For everything that is not #9 or #10, I already... by jugarugabi Path Finder in Splunk Search 02-06-2021 0 2	0	2
	How to find events that match except with the fields reversed. I am trying to figure out how to display all of the reverse matches in a list by each event. This would include showi... by zaludma Engager in Splunk Search 02-05-2021 0 3	0	3
	SPL2 for onpremise I stumbled upon the documentation for SPL2 for splunk cloud. Are there any plans for SPL2 for Splunk On-premise? htt... by aa70627 Communicator in Splunk Search 02-05-2021 0 1	0	1
	Average of Seconds and Milliseconds using extracted values I am trying to put together and average duration (calculated and logged by product) as well as count. however the log... by tjsnow Explorer in Splunk Search 02-05-2021 0 3	0	3
	How to automatically rerun failed alerts Hi, I have 14 alerts that cover all the infrastructure, my company uses. I get my data from a data bus every 60 minu... by codedtech Path Finder in Splunk Search 02-05-2021 0 1	0	1
	Regex help hey all looking for some help pulling some digits via regex. I am looking to pull the numbers directly after Actual v... by tkerr1357 Path Finder in Splunk Search 02-05-2021 0 3	0	3
	# of events in the result and stats count by Hello all,We are new to Splunk , learning and working SLO/SLIs defined for the application. We are confused in the b... by bojjas Observer in Splunk Search 02-05-2021 0 1	0	1
	How to prevent results from an input file being excluded after performing a lookup against another input Hi,I have the following search:\| inputlookup ldap_assets.csv\| lookup existing_assets dns output ip bunit category cit... by ezmo1982 Path Finder in Splunk Search 02-05-2021 0 4	0	4
	epoch time subraction gives negative values Subtracting two timestamps results in negative values. Using epoch time to find the differences between two timestamp... by kishen2017 Path Finder in Splunk Search 02-05-2021 0 5	0	5
	How to combine multiple search raw strings in a single query Hi, I need to do search with multiple raw strings within a single query. When I search these strings separately, I ... by rkishoreqa Communicator in Splunk Search 02-05-2021 0 2	0	2
	evaluate multiple fields Hello,I have 2 fields I want to filter they are: name, "short name"I want to pull all the events that contains: name=... by xyz123 Explorer in Splunk Search 02-05-2021 0 4	0	4