Splunk Search

Community Activity

	Parse JSON string with different structures We have Multiple apps that generate logs and there format is little different . Splunk currently just shows that fiel... by ashodha Engager in Splunk Search 01-15-2021 0 2	0	2
	Extract specific data from logs. Hello, I need help with extracting specific data from logs. I know this has been discussed few times before but if ... by aikn061 Explorer in Splunk Search 01-15-2021 0 3	0	3
	how to create a script command in a ksh Hello,I have some alerts that send an email with the events to me if triggered. I need to create a custom script for ... by riotto Path Finder in Splunk Search 01-15-2021 0 1	0	1
	eval a new field base on a search result hey ninjas, i have a search result like the following: error_code1 42 error_code2 55 error_code3 62 error_code4 ... by gfs2277 New Member in Splunk Search 01-15-2021 0 6	0	6
	Triggered Alerts Results Hello,I'm looking to get the triggered alert results with alert name and triggered time in one table. Being very simp... by abhi22 New Member in Splunk Search 01-15-2021 0 5	0	5
	How to check missing fields and not generating 100 percentage index="" sourcetype="" and I have field name with tag and it's generating 80% of events , how can I check why it's ... by sasankganta Path Finder in Splunk Search 01-15-2021 0 5	0	5
	How to display procedures that don't have events as failures? Hello good people of the splunk community. I'm fairly new to splunk so sorry if this is a newb question. I have a sea... by SteveChai427 Engager in Splunk Search 01-15-2021 0 4	0	4
	tstats not match with metrics.log Hi all,Why the count of "Event per day" in the "Indexing audit" dashboard is not match with \|tstats result? Eg.The n... by new2spl_unk Explorer in Splunk Search 01-15-2021 0 5	0	5
	How to alert when difference in count of two query is greater than some value I have a below query where i search two text field and see how many time each occurred and find the difference. ("SSO... by icenitesh Engager in Splunk Search 01-15-2021 0 5	0	5
	XML field extraction with spath eval FunctionalRef=spath(_raw,"n2:EvtMsg.Bd.BOEvt.Evt.DatElGrp{2}.DatEl.Val") -> I am getting two(2) values DHL546625... by 4uramana4u Explorer in Splunk Search 01-15-2021 0 3	0	3
	How to cut the value using REX command I have the field - DATE, for example:DATE: ^9F33006E0F848^00950108080008000^9F37008B1832B33^9F1E0163236353132303337^9... by Luninho Explorer in Splunk Search 01-15-2021 0 3	0	3
	extract string between backward slash and quote {\"reference_id\":\"REF1\",\"sub_reference_id\":\"sub_ref_1\"}required output : table of reference_id, sub_reference_... by pinalshah341 Loves-to-Learn in Splunk Search 01-15-2021 0 5	0	5
	Trying to do a Top command per hourly intervals Hi There,I have a search that shows the top 2 Id's that have the most payments processed in each country. I'm trying ... by Johnnerz Engager in Splunk Search 01-15-2021 0 1	0	1
	dynamically assigned maxspan in transactions HiI am searching for an option to dynamically assign value for MAXSPAN in a transaction. The value should come as a r... by boromir Path Finder in Splunk Search 01-15-2021 0 6	0	6
	SPL querry I have a lookup with server details and OS details(details are in the below table), and the index with CR no., Date, ... by srujana96 Explorer in Splunk Search 01-15-2021 0 1	0	1
	Identify missing events based Lookup list of values Hey TeamI have events which contains a field "job_code". index=default source=jobfeed I have a lookup (jobs.csv) whic... by rangarbus Path Finder in Splunk Search 01-14-2021 0 4	0	4
	Configuration initialization for Path took longer than expected\|warning WARN [Indexer] Configuration initialization for C:\Program Files\Splunk\var\run\searchpeers\Seachheadbundle took long... by jat_ashish Explorer in Splunk Search 01-14-2021 0 6	0	6
	A column from mstats becomes empty after join command Hi,I'm trying to create a dashboard which shows various stats for a list of servers. It will pull it's data from seve... by eddieddieddie Path Finder in Splunk Search 01-14-2021 0 5	0	5
	Set token from dropdown Hi,I have a dropdown with dynamic query<input type="dropdown" token="clientId" searchWhenChanged="true"><label>Integr... by smahuja Explorer in Splunk Search 01-14-2021 0 4	0	4
	Issue adding a symbol after a field value The following previous splunk thread works fine:https://community.splunk.com/t5/Archive/Insert-sign-for-each-result-i... by UMDTERPS Communicator in Splunk Search 01-14-2021 0 2	0	2
	Get multiple name/value from JSON file Hi everyone,I've been trying several day to create a query that can give me the list of name/value inside the JSON f... by abilis Explorer in Splunk Search 01-14-2021 0 4	0	4
	Splitting up data into multiple columns Hello i am using the following search host=XXX sourcetype=ZZZ http_status=500 OR http_status=502 "HighCostAPI"\| stats... by eb1929 Explorer in Splunk Search 01-14-2021 0 4	0	4
	Can I have a subsearch that returns a list of sources for the main search to use? Hello,I'm working on a splunk alert that monitors processes. If a process has been running for a long time I want to ... by schilds427 Explorer in Splunk Search 01-14-2021 0 2	0	2
	Extract values from field conditionally on other field value Hi Splunkers,Below is my issue:Having multiple xml files, I need to monitor all the files and extracted the values fr... by dhirendra761 Contributor in Splunk Search 01-14-2021 0 9	0	9
	Show multiple machines for lockouts Hi all,A past consultant of ours wrote the following correlation search to detect excessive user account lockouts:ind... by Ewong Explorer in Splunk Search 01-14-2021 0 3	0	3