Splunk Search

Community Activity

Randomizing text? I'm looking to obscure data by randomizing text. Does anyone have a simple way to do this against a field in Splunk?... by the_wolverine Champion in Splunk Search 01-20-2021 0 4	0	4
Chart # of instances for a process, w/ sum of RAM and avg CPU of all those instances Really stumped on this. We would like to count the number of instances of each process run on a server, and present t... by mxanareckless Path Finder in Splunk Search 01-20-2021 0 0	0	0
Calculate percentage increase/reduction Hello,I have calculated my Total Escalations per Quarter using stats count and I would like to include another field ... by superisk Explorer in Splunk Search 01-20-2021 0 2	0	2
Extracting string from field in lookup Hi, I have a few fields in lookup from which I am trying to extract strings. I read that rex is what I should be usi... by Rgk_Trail Explorer in Splunk Search 01-20-2021 0 2	0	2
Different data format into same source type Recently we changed the data logging process at source and it changed the event format of the Site minder log source ... by arrangineni Path Finder in Splunk Search 01-20-2021 0 1	0	1
Chart including no results I'm trying to create a chart showing activity from May through until now, knowing that the activity ceased some month... by jacqu3sy Path Finder in Splunk Search 01-20-2021 0 2	0	2
how to prevent users from creating knowledge objects in custom app Hello Splunkerswe are trying to restrict users (non admins) from creating knowledge objects (dashboards and reports) ... by AzmathShaik Path Finder in Splunk Search 01-20-2021 0 4	0	4
Need help in 2 stats operator Hi All,need help in using 2 stats operation in one program.My program: index=opennms "uei.opennms.org/nodes/nodeUp" O... by jerinvarghese Communicator in Splunk Search 01-20-2021 0 3	0	3
Alternative command for bin command Hello ALLI want the alternative search for the following search command\|bin span=1W _time aligntime=latest which giv... by renuka Path Finder in Splunk Search 01-20-2021 0 1	0	1
Sparkline column - correct but shrinked VS wrong but stretched HelloIn the search as below: index=_audit action=alert_fired ss_app=app_name \| eval alert_severity = case (severity=... by altink Builder in Splunk Search 01-20-2021 0 1	0	1
Get Currently logged in Users Hi, I am building a dashboard for my application being monitored in Splunk. As part of this i am getting the timestam... by ajebakumar Loves-to-Learn in Splunk Search 01-20-2021 0 1	0	1
Looking for exclusion query I am having index (server_patching) which contain the details like changeNo, patching date etc of server which are pa... by ChetanArgekar Explorer in Splunk Search 01-20-2021 0 1	0	1
How to create couple of values in order to compare both field value Hi, Here is my raw data : ID, Version, Date, Status 10874381,1,2020-01-15T08:36:00Z,New 10874381,1,2020-01-15T08:46:0... by cros Engager in Splunk Search 01-20-2021 0 1	0	1
ldapfilter does not return all attributes I'm trying to use Splunk to return a list of records that have been modified in our LDAP since a particular datetime... by paulalbert Engager in Splunk Search 01-20-2021 0 1	0	1
How do I create a histogram to show distribution of hosts having particular range of uptime? I have a search like this: index=my_index search=my_search \| stats count as no_of_hosts by uptime It gives me uptime... by asingh4177 Engager in Splunk Search 01-20-2021 0 4	0	4
Can Add-on Debug Refresh be run from a cluster Hi @MuS Sorry for the direct contact, I hope it's ok to ask you a question about "Add-on Debug Refresh".I have used i... by robertlynch2020 Influencer in Splunk Search 01-19-2021 0 1	0	1
Time range not substitued by earliest/latest On our search head cluster we are running into the following issue. When searching using the time picker everything w... by MattibergB Path Finder in Splunk Search 01-19-2021 0 4	0	4
Regular Expression in Search I currently have a search looking for specific attack_id values. For example: ("attack_id=3040" OR "attack_id=3057"... by balcv Contributor in Splunk Search 01-19-2021 2 11	2	11
How can we add original fields after using stats count? Hi,We have a use-case where responses(host_addr) returned from DNS queries are passed through AbuseIPDB API to check ... by att35 Builder in Splunk Search 01-19-2021 0 2	0	2
how to get specific item in a nested json array I have a field named "test" which has the following json. If I do:\| fields test{}.data{}{}.metric, test{}.data{}{}.va... by swin88 Engager in Splunk Search 01-19-2021 0 2	0	2
How to add value based on matrix comparison Hi all, My data is logging of support ticket. i retrieved all the change state of each ticket with the transaction co... by cros Engager in Splunk Search 01-19-2021 0 4	0	4
Assistance with Map using Map to perform a search from a table of the original search TLDR: Goal is to perform an initial search which returns table of time user authenticated, then for each row in the ... by atljoer Loves-to-Learn in Splunk Search 01-19-2021 0 3	0	3
How to lower case the value present inside double quotes (String). Hi Splunker,I would like to lower the string/value present inside the double quotes and then use as it is.Values high... by tarunmalhotra79 Engager in Splunk Search 01-19-2021 0 1	0	1
Append more 50k or other soluction like a join Hello community. I am not able to perform a sub-search between 2 sourcetypes. The 'drm' sourcetype has 5 million even... by Michell_ctba Explorer in Splunk Search 01-19-2021 0 2	0	2
How to find events between date ranges I am trying to find the events that are taking place between March 1 2021 and September 1 2021. I was hoping someone ... by riveraj1 Observer in Splunk Search 01-19-2021 0 1	0	1