Splunk Search

Start a Conversation

Discussions

Start a Conversation

Thread Info

How to Extract specific word from application log

Here is the sample log and I need to check which modelId is having most of the error using rex and stats count ####...

by Path Finder in

Simple query to take results and list them as yes/no

Hello. I have a large data set that I'm working through that gives either a 5 digit number or a "-" if there is no...

by New Member in

Need to compare 2 float values , after converting a string type to a float

client_type = 'JDBC_DRIVER' , client_version = '3.9.2'The above is the exact value in the lookup. | rex field=clien...

by Explorer in

Failed Logon attempt Correlation

Hello, Our environment has this linux server that continually get's hit with Brute force attacks. I am trying to fi...

by Explorer in

Field appearing as null in table when too long

I am searching for queries that are running over a certain amount of time and displaying start/end time and query in ...

by Explorer in

Java SDK connect with certificates

Hey teamI wanted to use MTLS authentication to connect to Splunk API endpoint via Java SDK but can't seem to find a w...

by New Member in

Search to count the number of failed logins since last successful login

Hey everyone, I'm trying to write a search that will show the login events that occurred after the last successful lo...

by Observer in

how to find difference between two "stats count" used in two different saved search

So i have two saved search queries 1. sourcetype="x" "attempted" source="y" | stats count 2. sourcetype="x" "Failed" ...

by Explorer in

Running loop on a search that takes one Id at a time

Hi, I have a lookup file that contains multiple Id's, I have a search that takes one Id at a time and returns the r...

by Observer in

Utilizing dynamic filter with inputlookup subsearch

Hi, I am having a situation where a lookup table defines search filters that needs to be used as part of search que...

by Engager in

see all indexed data without limit

Hello, I know that there is a limitation in Splunk that shows only limit number of results. is it possible to sho...

by Communicator in

How to extract content from field using rex?

Dears, please help. I have log like this [Information] PosService AddInfo:[5006] - Stop customer And i want to...

by Explorer in

SPL querry help

I have a lookup table X which contains list of Servers, my indexer(myserveridx) contains list of server which are up ...

by Engager in

group keys having wildcard char like usermetadata_* by other unique field like id

Hi All, I have a requirement to group keys (key - value pair) having wildcard char like - usermetadata_* by other...

by Observer in

splunk crashing on lookup command

We have simple csv lookup like: network,descr 192.168.0.0/24,network_name Lookup description in transforms.con...

by Path Finder in

How to make alert which will trigger when certain log occured 5 times in 15 min?

Hello, please help. I have log (example) : [Information] Downtime start:08/01/2021 04:39:56.997 aaxService:NotAva...

by Explorer in

Transforming data for normal distribution

I am attempting to take traffic logs over an arbitrary period of time and use the number of accesses and the time of ...

by Explorer in

Plot a line chart to compare against 2 time ranges by a specific field

Hello Community, I am looking to Plot a line chart to compare against 2 time ranges by a specific field.This is for ...

by Path Finder in

Count Last event by id and version

Hi all, I'm trying to create a visualisation to show the percentage of ticket status (New, Comleted, Cancelled, et...

by Loves-to-Learn Lots in

Timechart sum search query

I am using the same timechart search query: 'search | timechart span=1d sum(xxx)" when I set the time range pic...

by Explorer in

Splunk Search

Discussions

How to Extract specific word from application log

Simple query to take results and list them as yes/no

Need to compare 2 float values , after converting a string type to a float

Failed Logon attempt Correlation

Field appearing as null in table when too long

Java SDK connect with certificates

Search to count the number of failed logins since last successful login

how to find difference between two "stats count" used in two different saved search

Running loop on a search that takes one Id at a time

Utilizing dynamic filter with inputlookup subsearch

see all indexed data without limit

How to extract content from field using rex?

SPL querry help

group keys having wildcard char like usermetadata_* by other unique field like id

splunk crashing on lookup command

How to make alert which will trigger when certain log occured 5 times in 15 min?

Transforming data for normal distribution

Plot a line chart to compare against 2 time ranges by a specific field

Count Last event by id and version

Timechart sum search query

Best of Community @.conf20
Humans That Splunk: Meet Abhishek...
Humans That Splunk: Meet Guiseppe...

Visit our Community Blog >

How to make a new list of values that are in one l...

Strategy to search entire estate for unique server...

Python SDK - mTLS support

help fixing cli search with sourcetype specified

Oracle 12c UNIFIED_AUDIT_TRAIL to syslog server