Splunk Search

Community Activity

How to get Start and End time from failed condition Hi Splunk,We have data like this: ( how to get the result like on the table StartError EndError and SumCall ?) I have... by bernanda Explorer in Splunk Search 01-27-2021 0 4	0	4
Bitbucket and Splunk integration I want to view bitbucket files changed , owners who changed bitbucket files in Splunk. Can someone please share the s... by VS0909 Communicator in Splunk Search 01-27-2021 0 0	0	0
Comparing sum results between several days I am trying to average the sum of power consumption readings between 2 days and compare that sum to a 3rd day. If the... by KaitoKozo Explorer in Splunk Search 01-27-2021 0 2	0	2
How to regex specific word string? Hello,Ignoring commas and spaces, how do I grab just the name string from the below log? Below regex kept returning t... by limalbert Path Finder in Splunk Search 01-27-2021 0 4	0	4
Can I change _time based on time within data that is ingested Hi , I have a report that is ingested in splunk. Due to the report format not correctly ingested by splunk, I had don... by janesh22 Explorer in Splunk Search 01-27-2021 0 4	0	4
Extracting field with spath from JSON sourcetype overwrites field in other None-JSON sourcetype Hi,looked through documentation and Splunk answers but did not find reason/root cause for the following obervation:We... by flle Path Finder in Splunk Search 01-27-2021 0 1	0	1
Splunk alert for peak errors only Hi, I am working on a query to write an alert where i need to monitor few pages for 500 Errors. Now currently there ... by shashank_24 Path Finder in Splunk Search 01-27-2021 0 1	0	1
How to compare two json objects for equality? I have a table where the x axis labels are a json object of parameters that were passed into a test. The y axis are a... by rmullin Loves-to-Learn Lots in Splunk Search 01-27-2021 0 1	0	1
PII in Email Hi, How can I find PII data in our email dashboard. Thank youPersonally Identifiable Information DetectedDetects pe... by rclifford New Member in Splunk Search 01-27-2021 0 3	0	3
How to dedup multivalued fields? Some of the data coming in from one of our indexes is doing the following( It appears data is repeating for each fiel... by UMDTERPS Communicator in Splunk Search 01-27-2021 0 11	0	11
Calculate the average of 99th percentile Hi, I am working on a query where I need to calculate the average of 99th percentile values over a 5 minute period of... by shashank_24 Path Finder in Splunk Search 01-27-2021 0 2	0	2
earliest and latest information in custom python search command I was not able to find in the doc a way to get earliest and latest information from the datetimepicker to use in my g... by sbsbb Builder in Splunk Search 01-27-2021 1 2	1	2
How do i use eval to calculate two fields? What I am trying to accomplish with the command is to find the events with the EventCode "4624" and Logon_Type "10" o... by FYPTEST Engager in Splunk Search 01-27-2021 0 2	0	2
Search for instances of 'test' but not 'testn' I would like to see instances with the source 'test*' - that is everything that starts with 'test' but eliminate 'tes... by here2infinity Explorer in Splunk Search 01-27-2021 0 3	0	3
Subtring from url field and then group using the url I have a field "BackendURL" which contains different url's. for eg : http://abc.com/emp?name=jim&no=101 http://abc.... by arunprasadlv Explorer in Splunk Search 01-27-2021 0 7	0	7
inputlookup excluding index I am trying to write a query that will ignore events in certain indexes (these indexes change over time). I have a ... by jmo1 Path Finder in Splunk Search 01-27-2021 0 2	0	2
Get a list of ID by date and compare with lookup file and get result not in search Hi everyoneI have a lookupfile that contains a name and an ID Brokers.csv Name ID Broker1 101 Broker2 ... by mzn1979 Explorer in Splunk Search 01-27-2021 0 2	0	2
Using field values from a lookup to modify other field values Hey everyone,above you can see an example of what I can expect in my work environment..My goal is to modify the value... by FelixLeh Contributor in Splunk Search 01-27-2021 0 2	0	2
How to display date values based on picker and sort it based on the value being pick Hi - i'm working on a simple dashboard where user will pick a certain date in a multipicker. Once date is being picke... by Dylan_Kyle Loves-to-Learn Lots in Splunk Search 01-27-2021 0 1	0	1
How to create a trigger alert with condition that relies on an other alert? Hello splunkers, I don't now if my title makes sense but here is the situation : I have an alert called buy signal an... by mcayrol Explorer in Splunk Search 01-26-2021 0 2	0	2
help on where not condition which works randomly hiAs you can see at the end of my search, I use a where conditionBut sometimes, even if the condition is true ('Geolo... by jip31 Motivator in Splunk Search 01-26-2021 0 16	0	16
Geographical distance calculation in Splunk Cloud (replacing haversine) Hi all, We are currently migrating from Splunk on-premise to the Cloud. One of the apps we heavily use is haversine t... by rcornett New Member in Splunk Search 01-26-2021 0 3	0	3
Help with REGEX Hello, I need a regex to extract the GUID from non-standard UPN results that show up in this format: ex095838d@mydoma... by fdevera Path Finder in Splunk Search 01-26-2021 0 2	0	2
How to create a search with 2 columns in lookup? I would like to do a search using 2 columns in a lookup table where the row is AND'd. Something like Col1Col2A1B2C3D... by ejulien Engager in Splunk Search 01-26-2021 0 2	0	2
Splunk add-on for AWS: In a generic S3 input, can a key-prefix contain a wildcard? Trying to use a key-prefix when setting up a Generic S3 input that utilizes a wildcard in the path, but it doesn't lo... by travislelledeep Explorer in Splunk Search 01-26-2021 1 3	1	3