Splunk Search

Community Activity

How to extract multiple hostname from one regex search in globalprotect logs? Hi everyone, I'm trying to create a simple list with all the devices found on the logs from globalprotect. The deal i... by briansarmiento Explorer in Splunk Search 12-02-2020 0 6	0	6
List of all indexes containing access logs Hello all, and thanks for the assistance ahead of time. How can I produce a list of all Splunk index names for indexe... by bl Engager in Splunk Search 12-02-2020 0 3	0	3
Extract multiple words in a filed Hi,I have some syslog logs and I need to extract the first words of a field values. The field value starts like this:... by marco_massari11 Communicator in Splunk Search 12-02-2020 0 3	0	3
Transaction command - Way to change from timestamp to a different field? Good morning all,I'm leveraging the transaction command in order to gather statistics around the duration of my reque... by Maycockk Explorer in Splunk Search 12-02-2020 0 3	0	3
Correlate different events with a common value Hi all, I'm a new Splunk user and I would like to have some help from you.I have two query:First query:index=osb sour... by Burton_snow82 Engager in Splunk Search 12-02-2020 0 4	0	4
search Hi, I have 2 different events. these 2 events can be identified by "Id". I am trying to display it in table in the b... by ashukp Loves-to-Learn Lots in Splunk Search 12-01-2020 0 4	0	4
Is there a workflow to populate field on page not in URL? I know through a workflow action I can add add a token value to a URL string. Is there any way to populate a value on... by aohls Contributor in Splunk Search 12-01-2020 0 0	0	0
when consulting for sourcetype it does not bring data I understand that I should obtain results if I also consult only specifying the sourcetype and the rest of the search... by splunkcol Builder in Splunk Search 12-01-2020 0 4	0	4
Best Way to Search based on a Token Value Hello,I am trying to find the best way to change my search based on a token value that I will pass through an input. ... by strehb18 Path Finder in Splunk Search 12-01-2020 0 2	0	2
This search has encountered a fatal error and has been marked as zombied. I'm trying to optimize this report to successfully run without errors. It will currently run for 3-5 hours and grow ... by jhampton_3rd Explorer in Splunk Search 12-01-2020 0 0	0	0
combining 2 rows in to a single row Hi,I was trying to add 2 rows in to a single row . After combining,I am getting results for 1st column .but not for 2... by shashidharh Explorer in Splunk Search 12-01-2020 0 0	0	0
Newbee question: Looking for start events without end events with the same key Our system logs an event when it receives a message (with a unique key)Some time later our system also logs an event ... by mpjjonker Explorer in Splunk Search 12-01-2020 0 1	0	1
Negate the field containing both the values in SPLUNK query Hi,I have written following query where a field consisting of 2 actions as below,Query:sourcetype="my_sourcetype" ses... by Janani_Krish Path Finder in Splunk Search 12-01-2020 0 1	0	1
Lookup file 3000 entries, need to divide into events, so I can isolate user flow of client ip events My search is \| inputlookup "edgarlog2.csv"The lookup file has no events attached to it, what is a way to add events f... by roderick001 Explorer in Splunk Search 12-01-2020 0 4	0	4
Help on xml formatting with css Hi I need to format background in <h1> tag and <p> tags in my xml <row> <panel> <html> <h1> ... by jip31 Motivator in Splunk Search 12-01-2020 0 17	0	17
How to remove automatic real-time searches that run when users visit the Home page and Search app? I would like to remove the realtime searches that get kicked off automatically when a user is on the following pages ... by cramasta Builder in Splunk Search 12-01-2020 10 14	10	14
Extract a specific field values from a table in Splunk Dear All,My question might seem naive and pardon me for that.I want to create an alert for data not being processed. ... by asing13 Path Finder in Splunk Search 12-01-2020 0 2	0	2
Same ip address in different host I want to catch from my index=ip the field value ip_address in common in one or more hosts.I want to get something li... by Anto Explorer in Splunk Search 12-01-2020 0 2	0	2
How to use search field as an input in another search query within same index. Hello Friends, I am trying to fetch value of "F5_device" from search and use as a input to another search to find th... by abhijeet Explorer in Splunk Search 12-01-2020 0 3	0	3
How to assign multiple values to the same checkbox Hey Splunkers,Currently, I have 3 checkboxes to filter data for the panel.eg: My checkbox names are : Critical, Major... by NS Explorer in Splunk Search 11-30-2020 0 1	0	1
How to get the Max out of row and field name of the max value Hi,I have below resultset in place.How do I get the Max by row and the Month when the Max happened. Something like be... by sangs8788 Communicator in Splunk Search 11-30-2020 0 2	0	2
Field extraction from checkpoint log with two hostname values Hi! im traying to extract a field named hostname from checkpoint logs, but i couldn't with the wizards:sample:time=16... by dieguiariel Path Finder in Splunk Search 11-30-2020 0 2	0	2
custom source column Hello,I am trying to create a table output of events in logilfe. Here is the query - index=myindex <my search> \| rex ... by runiyal Path Finder in Splunk Search 11-30-2020 1 10	1	10
CurrentSessionLength TotalLoginLength in VMware Horizon Agent logs Hello, guys,I`m collecting logs from VMware Horizon client and here are 2 fields, the meaning of which I don`t clearl... by user2020dy Path Finder in Splunk Search 11-30-2020 0 2	0	2
How to stats ratio based on two fields Hi team,I have a below sample raw events in splunk.2020-11-30 19:15:26,726 ratingEnabled="[performance]"2020-11-30 15... by cheriemilk Path Finder in Splunk Search 11-30-2020 0 1	0	1