Splunk Search

Community Activity

	Splunk Driver for docker only logs as source stdout I have a problem using the Splunk Logging Driver for Docker.The Java Application within the container produces messag... by mathias2021 New Member in Splunk Search 01-12-2021 0 0	0	0
	Help Splunk query multiple values Hello,I would like to retreive multiple value into a single field.Below an example of log where I would like to extra... by chris95 Engager in Splunk Search 01-12-2021 0 2	0	2
	How to get event _time from CIM data model? I checked CIM data models have inherited _time but I couldn't retrieve. Anyone can tell what's wrong? \| tstats summar... by phil_wong Explorer in Splunk Search 01-12-2021 0 3	0	3
	Simple query to take results and list them as yes/no Hello. I have a large data set that I'm working through that gives either a 5 digit number or a "-" if there is no va... by mflippin New Member in Splunk Search 01-11-2021 0 1	0	1
	Need to compare 2 float values , after converting a string type to a float client_type = 'JDBC_DRIVER' , client_version = '3.9.2'The above is the exact value in the lookup.\| rex field=clientty... by vn_g Path Finder in Splunk Search 01-11-2021 0 12	0	12
	Failed Logon attempt Correlation Hello,Our environment has this linux server that continually get's hit with Brute force attacks. I am trying to figur... by pstephens93 Explorer in Splunk Search 01-11-2021 0 9	0	9
	Field appearing as null in table when too long I am searching for queries that are running over a certain amount of time and displaying start/end time and query in ... by sk Explorer in Splunk Search 01-11-2021 0 7	0	7
	Search to count the number of failed logins since last successful login Hey everyone, I'm trying to write a search that will show the login events that occurred after the last successful lo... by jds2726 Loves-to-Learn in Splunk Search 01-11-2021 0 3	0	3
	how to find difference between two "stats count" used in two different saved search So i have two saved search queries 1. sourcetype="x" "attempted" source="y" \| stats count 2. sourcetype="x" "Failed... by snabi Explorer in Splunk Search 01-11-2021 0 3	0	3
	Utilizing dynamic filter with inputlookup subsearch Hi,I am having a situation where a lookup table defines search filters that needs to be used as part of search query.... by harry1 Engager in Splunk Search 01-11-2021 0 2	0	2
	How to extract content from field using rex? Dears,please help. I have log like this [Information] PosService AddInfo:[5006] - Stop customerAnd i want to show in ... by ivana27 Path Finder in Splunk Search 01-11-2021 0 2	0	2
	SPL querry help I have a lookup table X which contains list of Servers, my indexer(myserveridx) contains list of server which are up ... by srujana96 Explorer in Splunk Search 01-11-2021 0 3	0	3
	group keys having wildcard char like usermetadata_* by other unique field like id Hi All,I have a requirement to group keys (key - value pair) having wildcard char like - usermetadata_* by other un... by neha19oct97 Engager in Splunk Search 01-10-2021 0 1	0	1
	How to make alert which will trigger when certain log occured 5 times in 15 min? Hello,please help. I have log (example) :[Information] Downtime start:08/01/2021 04:39:56.997 aaxService:NotAvailable... by ivana27 Path Finder in Splunk Search 01-09-2021 0 3	0	3
	Transforming data for normal distribution I am attempting to take traffic logs over an arbitrary period of time and use the number of accesses and the time of ... by variableName Explorer in Splunk Search 01-08-2021 0 10	0	10
	Plot a line chart to compare against 2 time ranges by a specific field Hello Community, I am looking to Plot a line chart to compare against 2 time ranges by a specific field.This is for ... by splunker9999 Path Finder in Splunk Search 01-08-2021 0 2	0	2
	Count Last event by id and version Hi all, I'm trying to create a visualisation to show the percentage of ticket status (New, Comleted, Cancelled, etc.)... by cros Engager in Splunk Search 01-08-2021 0 1	0	1
	Single value visualization I understand as per docs single value timechart command is required to put sparkline and trendline. However If I am d... by orca Explorer in Splunk Search 01-07-2021 0 0	0	0
	Field values are case insensitive? index="win" host="abc" -- doesnt give resultsindex="win" host="ABC" -- gives resultsBut , it is not suppose to func... by vn_g Path Finder in Splunk Search 01-07-2021 0 5	0	5
	top reports values in both MB & KB: How to convert each to GB As you can see, top reports most values in megabytes, but a few are in kilobytes.I am working on a timechart that wil... by mxanareckless Path Finder in Splunk Search 01-07-2021 0 1	0	1
	How to compare only the time but not the date. Hi!,So my search query looks up an Excel Spreadsheet with a column called Time, that is populated with a time e.g. 10... by dl70 Loves-to-Learn in Splunk Search 01-07-2021 0 3	0	3
	Transforming results from json api to a table Hi there!I am kinda new to Splunk so I apologize if my wording is off, but I am trying to collect metrics from a weir... by willryals Engager in Splunk Search 01-07-2021 0 4	0	4
	radial gauge for displaying latest heap memory usage Hello, I have the following log 19:02:32.576 [hz.cache-server-2.HealthMonitor] INFO com.hazelcast.int.dia.HM - [X.X.X... by raghul725 Explorer in Splunk Search 01-07-2021 0 0	0	0
	Regex I want to exclude this event "values='{CARD}hfgjllanabbflvh=='} from the server. Please suggest me regex for this and... by uagraw01 Motivator in Splunk Search 01-07-2021 0 1	0	1
	Find the diff between two times Hi I am really struggling to find the difference between the 51= time and the 59= time below and add to a separate co... by luckyman80 Path Finder in Splunk Search 01-07-2021 0 4	0	4