Splunk Search

Community Activity

Find the most common individual characters in a field Hi longtime splunker, first time posterso my goal here is to find the most common and uncommon characters in a field ... by suspicious_link New Member in Splunk Search 01-13-2021 0 1	0	1
field value appears to be null I'm running a search (below) that has results that sometimes in certain fields will display in the gui as empty (null... by wtaylor149 Explorer in Splunk Search 01-13-2021 0 1	0	1
Splitting field then searching each result We are monitoring users who are deleting tables in our system. We have a field "user_query" which I want to parse by ... by sk Explorer in Splunk Search 01-13-2021 0 4	0	4
extract a value from raw field Hi ,There is a way to extract a value from field even there is no = between Key and Value? After extracting I want to... by alexanderschlau Explorer in Splunk Search 01-13-2021 0 4	0	4
Timecharts and how to avoid "no results found inspect" I'm trying to avoid "no results found. inspect" message when my query returns 0 value. I just want an empty chart to... by subtrakt Contributor in Splunk Search 01-13-2021 0 12	0	12
Start time and End Time of Multiple Autosys Job runs for the same Jobname. Hello Folks,I am having some Autosys Job that runs multiple times in a day, having status lifecycle of Starting, Run... by larry_merchant Explorer in Splunk Search 01-13-2021 0 1	0	1
timechart returning no results Helloim trying to count the number of events of each alert the alerts are saved in a lookup file which looks like thi... by sarit_s Communicator in Splunk Search 01-13-2021 0 8	0	8
How to merge two field as sourcetype? Hi,I wanna merge two fields into sourcetype as below:props.conf[source::/path/to/folder/*]sourcetype = coalesce(field... by rendie Path Finder in Splunk Search 01-13-2021 0 2	0	2
How do I remove the chart on the top of the PDF? I'm running a report on Splunk 6.x and would like to remove the chart on the top of my PDF that is rendered? by rsimmons Splunk Employee in Splunk Search 01-13-2021 3 3	3	3
Need to get response time and tps in a single dashboard Hi Team,I would like to get response time and transaction per second in one graph timechart. Kindly help with the rig... by aaa2324 Explorer in Splunk Search 01-12-2021 0 2	0	2
IIS logs I am learning Splunk and playing with different log types. So far I have exported the CSV files and played around. I ... by cybermonk3y5 New Member in Splunk Search 01-12-2021 0 1	0	1
Python SDK - mTLS support Hi,I want to Authenticate a client(written in Python) to Authenticate against Splunk using mTLS.I can use splunklib.c... by ravitezu New Member in Splunk Search 01-12-2021 0 0	0	0
conditional search via based on total count Hello,Here is my search output. I want see , if Count of "Down" > "Up" criteria. Than I can understand, interface is... by corehan Explorer in Splunk Search 01-12-2021 0 3	0	3
Search peer intermittently reported down Quite often I saw this warning from dashboard panels.I have no cue what happened with following message. The search p... by phil_wong Explorer in Splunk Search 01-12-2021 0 2	0	2
Calculating Average and Standard Deviation of a Type of Log per Week returns wrong results if searching for all Types Hi all,I'm new here, so please let me know if I'm doing anything wrong. Otherwise, the below is my issue. Say for exa... by ulloa Engager in Splunk Search 01-12-2021 0 2	0	2
Oracle 12c UNIFIED_AUDIT_TRAIL to syslog server Dear community,I have to implement Oracle 12c audit and save/export audit data to a shared drive on the SYSLOG server... by paulopires16 Loves-to-Learn Lots in Splunk Search 01-12-2021 0 0	0	0
Concurrent Logins on multiple Linux servers HelloI am trying to find users who have logged into more than one system within the last 30 minutes. I want to return... by pstephens93 Explorer in Splunk Search 01-12-2021 0 5	0	5
Change time format I have a field called "Completed_On" in time format: 12/23/2020 14:16:51.I'd like to remove the hours, minutes, and s... by TheBravoSierra Path Finder in Splunk Search 01-12-2021 0 2	0	2
find the latest field only from multiple output I have a query like below :bla bla ...\| lookup mylookupfile.csv Hostname as Name output Status Creation_Date\| eval St... by surekhasplunk Communicator in Splunk Search 01-12-2021 0 1	0	1
Splunk Driver for docker only logs as source stdout I have a problem using the Splunk Logging Driver for Docker.The Java Application within the container produces messag... by mathias2021 New Member in Splunk Search 01-12-2021 0 0	0	0
Help Splunk query multiple values Hello,I would like to retreive multiple value into a single field.Below an example of log where I would like to extra... by chris95 Engager in Splunk Search 01-12-2021 0 2	0	2
How to get event _time from CIM data model? I checked CIM data models have inherited _time but I couldn't retrieve. Anyone can tell what's wrong? \| tstats summar... by phil_wong Explorer in Splunk Search 01-12-2021 0 3	0	3
Simple query to take results and list them as yes/no Hello. I have a large data set that I'm working through that gives either a 5 digit number or a "-" if there is no va... by mflippin New Member in Splunk Search 01-11-2021 0 1	0	1
Need to compare 2 float values , after converting a string type to a float client_type = 'JDBC_DRIVER' , client_version = '3.9.2'The above is the exact value in the lookup.\| rex field=clientty... by vn_g Path Finder in Splunk Search 01-11-2021 0 12	0	12
Failed Logon attempt Correlation Hello,Our environment has this linux server that continually get's hit with Brute force attacks. I am trying to figur... by pstephens93 Explorer in Splunk Search 01-11-2021 0 9	0	9