Splunk Search

Community Activity

How to merge two field as sourcetype? Hi,I wanna merge two fields into sourcetype as below:props.conf[source::/path/to/folder/*]sourcetype = coalesce(field... by rendie Path Finder in Splunk Search 01-13-2021 0 2	0	2
How do I remove the chart on the top of the PDF? I'm running a report on Splunk 6.x and would like to remove the chart on the top of my PDF that is rendered? by rsimmons Splunk Employee in Splunk Search 01-13-2021 3 3	3	3
Need to get response time and tps in a single dashboard Hi Team,I would like to get response time and transaction per second in one graph timechart. Kindly help with the rig... by aaa2324 Explorer in Splunk Search 01-12-2021 0 2	0	2
IIS logs I am learning Splunk and playing with different log types. So far I have exported the CSV files and played around. I ... by cybermonk3y5 New Member in Splunk Search 01-12-2021 0 1	0	1
Python SDK - mTLS support Hi,I want to Authenticate a client(written in Python) to Authenticate against Splunk using mTLS.I can use splunklib.c... by ravitezu New Member in Splunk Search 01-12-2021 0 0	0	0
conditional search via based on total count Hello,Here is my search output. I want see , if Count of "Down" > "Up" criteria. Than I can understand, interface is... by corehan Explorer in Splunk Search 01-12-2021 0 3	0	3
Search peer intermittently reported down Quite often I saw this warning from dashboard panels.I have no cue what happened with following message. The search p... by phil_wong Explorer in Splunk Search 01-12-2021 0 2	0	2
Calculating Average and Standard Deviation of a Type of Log per Week returns wrong results if searching for all Types Hi all,I'm new here, so please let me know if I'm doing anything wrong. Otherwise, the below is my issue. Say for exa... by ulloa Engager in Splunk Search 01-12-2021 0 2	0	2
Oracle 12c UNIFIED_AUDIT_TRAIL to syslog server Dear community,I have to implement Oracle 12c audit and save/export audit data to a shared drive on the SYSLOG server... by paulopires16 Loves-to-Learn Lots in Splunk Search 01-12-2021 0 0	0	0
Concurrent Logins on multiple Linux servers HelloI am trying to find users who have logged into more than one system within the last 30 minutes. I want to return... by pstephens93 Explorer in Splunk Search 01-12-2021 0 5	0	5
Change time format I have a field called "Completed_On" in time format: 12/23/2020 14:16:51.I'd like to remove the hours, minutes, and s... by TheBravoSierra Path Finder in Splunk Search 01-12-2021 0 2	0	2
find the latest field only from multiple output I have a query like below :bla bla ...\| lookup mylookupfile.csv Hostname as Name output Status Creation_Date\| eval St... by surekhasplunk Communicator in Splunk Search 01-12-2021 0 1	0	1
Splunk Driver for docker only logs as source stdout I have a problem using the Splunk Logging Driver for Docker.The Java Application within the container produces messag... by mathias2021 New Member in Splunk Search 01-12-2021 0 0	0	0
Help Splunk query multiple values Hello,I would like to retreive multiple value into a single field.Below an example of log where I would like to extra... by chris95 Engager in Splunk Search 01-12-2021 0 2	0	2
How to get event _time from CIM data model? I checked CIM data models have inherited _time but I couldn't retrieve. Anyone can tell what's wrong? \| tstats summar... by phil_wong Explorer in Splunk Search 01-12-2021 0 3	0	3
Simple query to take results and list them as yes/no Hello. I have a large data set that I'm working through that gives either a 5 digit number or a "-" if there is no va... by mflippin New Member in Splunk Search 01-11-2021 0 1	0	1
Need to compare 2 float values , after converting a string type to a float client_type = 'JDBC_DRIVER' , client_version = '3.9.2'The above is the exact value in the lookup.\| rex field=clientty... by vn_g Path Finder in Splunk Search 01-11-2021 0 12	0	12
Failed Logon attempt Correlation Hello,Our environment has this linux server that continually get's hit with Brute force attacks. I am trying to figur... by pstephens93 Explorer in Splunk Search 01-11-2021 0 9	0	9
Field appearing as null in table when too long I am searching for queries that are running over a certain amount of time and displaying start/end time and query in ... by sk Explorer in Splunk Search 01-11-2021 0 7	0	7
Search to count the number of failed logins since last successful login Hey everyone, I'm trying to write a search that will show the login events that occurred after the last successful lo... by jds2726 Loves-to-Learn in Splunk Search 01-11-2021 0 3	0	3
how to find difference between two "stats count" used in two different saved search So i have two saved search queries 1. sourcetype="x" "attempted" source="y" \| stats count 2. sourcetype="x" "Failed... by snabi Explorer in Splunk Search 01-11-2021 0 3	0	3
Utilizing dynamic filter with inputlookup subsearch Hi,I am having a situation where a lookup table defines search filters that needs to be used as part of search query.... by harry1 Engager in Splunk Search 01-11-2021 0 2	0	2
How to extract content from field using rex? Dears,please help. I have log like this [Information] PosService AddInfo:[5006] - Stop customerAnd i want to show in ... by ivana27 Path Finder in Splunk Search 01-11-2021 0 2	0	2
SPL querry help I have a lookup table X which contains list of Servers, my indexer(myserveridx) contains list of server which are up ... by srujana96 Explorer in Splunk Search 01-11-2021 0 3	0	3
group keys having wildcard char like usermetadata_* by other unique field like id Hi All,I have a requirement to group keys (key - value pair) having wildcard char like - usermetadata_* by other un... by neha19oct97 Engager in Splunk Search 01-10-2021 0 1	0	1