Splunk Search

Community Activity

Create Multi-Value field based 4 fields So basically I have some network logs and by base search filters down to source IP, destination IP, destination port,... by jachockey012 Explorer in Splunk Search 01-07-2021 0 2	0	2
Replace a string with other 2 strings Hi ,I need to replace the string in a field value role_seu_458137407337_prd-sso-data-science-752-2205-compute-role" ... by hashsplunk Loves-to-Learn Lots in Splunk Search 01-07-2021 0 1	0	1
Error occured during do run "Custom search command example" I do exercise example about "Custom search command" step by step , but the following error occurred. What's the pro... by jkjeong New Member in Splunk Search 01-06-2021 0 2	0	2
How to retrieve data from splunk using SSIS ETL tool How can I retrieve data from Splunk dashboard or saved searches using SSIS.I am able to create the connection string ... by sumitkumarsk90 New Member in Splunk Search 01-06-2021 0 0	0	0
using bar charts Hello splunkers i want to create a visualization for my command to create a bar chart that contains the (src_ip/user... by moayadalghamdi Path Finder in Splunk Search 01-06-2021 0 4	0	4
Eliminate Specific results from search query Hi All,I want to eliminate TruestedLocation = Zscaler in my splunk search result.Below is my query and screenshot. Pl... by alexspunkshell Contributor in Splunk Search 01-06-2021 0 2	0	2
how to create drilldown for specific value from multivalue row Hi Team,I have a table where employee name are group by manager name and their project count.PFB structure of my tabl... by Khushboo Explorer in Splunk Search 01-06-2021 0 3	0	3
tstats search slow when using field from automatic lookup Hello, I'm seeing an issue where tstats search is slow due to an automatic lookup. I'm running the searches over rang... by tah7004 Path Finder in Splunk Search 01-06-2021 0 2	0	2
Compare data between indexed device data and Splunk App for Infrastructure I'm being asked to compare device Entities in SAI with database data I am indexing that contains devices on our netwo... by hoopydave Path Finder in Splunk Search 01-06-2021 0 0	0	0
splunk universal forwarder error [khush@1122]$ !531/dev/kt/splunk/splunkforwarder/bin/splunk startsplunkd 14116 was not running.Stopping splunk helper... by Khushboo Explorer in Splunk Search 01-06-2021 0 0	0	0
Timechart event result variations with time range picker I am using the same timechart search query:'search\| timechart span=1d sum(xxx)"when I set the time range picker to ye... by jamesboustead Explorer in Splunk Search 01-06-2021 0 2	0	2
How to calculate elapsed time only on working hours ? Hi all, I'm trying to calculate the time support team took to respond when a new ticket is created. For now i'm able ... by clementros Path Finder in Splunk Search 01-06-2021 0 0	0	0
Create a time series graph after a stats command Hi,I'm not able to create a timechart graph for the below search, it is coming up with no result.My current search is... by jamesboustead Explorer in Splunk Search 01-06-2021 0 4	0	4
retention period HiWhen i search in Splunk I only find logs in last 52 days I need to increase the retention period to be available a... by saeed Explorer in Splunk Search 01-05-2021 0 1	0	1
map visulization with lookup table Hello Splunkers ! i wanted to visualize data on map so i used this command and it worked:index=myFirewall \| stats cou... by moayadalghamdi Path Finder in Splunk Search 01-05-2021 0 3	0	3
how to search for search queries triggered from Phantom in splunk cloud Hello All,I am new to splunk and looking for suggestion on search queries. In our environment, we have phantom app in... by ravivarmagv1 Loves-to-Learn in Splunk Search 01-05-2021 0 0	0	0
How do I bring serial number in splunk Hi, I have four line result as follows: value1 value2 value3 value4 but I want the serial no. should be before eac... by abhayneilam Contributor in Splunk Search 01-05-2021 1 5	1	5
Split command take comma as a value when null value exists for a field Hi,I am trying to use Split command to separate and get few fields. However I am getting different fields value due t... by dchando Engager in Splunk Search 01-05-2021 0 4	0	4
Header Field and Values I have a Splunk event with the following lines logged from a .txt file.HeaderField1 \| HeaderField2 \| HeaderField3Head... by bartstk18 Loves-to-Learn Lots in Splunk Search 01-05-2021 0 4	0	4
extract json from string hi, I have a string int the following format:msg: Logging interaction event { eventId: '12dea8c0-dfb2-4988-9e97-314dd... by ashodha Engager in Splunk Search 01-05-2021 0 3	0	3
date and time conversion hi, I am looking to convert the following time to UTC format:8/26/20203:47PM-06:00 Ultimately i am looking to convert... by archanas Explorer in Splunk Search 01-05-2021 0 3	0	3
HTTP ResponseCode transformation Hi all,I have a use case to transform gzipped binary portion of HTTP ResponseCode into readable content. Is this some... by me74fhfd Path Finder in Splunk Search 01-05-2021 0 3	0	3
Help using regex to break a comma separated string I have a text string field in my events which contains one or many date/time stamps within the string. The string is... by mdurdel New Member in Splunk Search 01-05-2021 0 11	0	11
tstats timechart I am trying to do a time chart of available indexes in my environment , I already tried below query with no luck \| ... by kunalmao Communicator in Splunk Search 01-05-2021 0 3	0	3
Input Filter and the supporting panels I have a dropdown(say field A) as input to a dashboard.And this dropdown value is passed/used only in certain panels ... by prettysunshinez Explorer in Splunk Search 01-05-2021 0 4	0	4