Splunk Search

Community Activity

How to group values using wildcard index=**** Name=GOKI\|stats count by SK SO This is the result that I get now. SK SO COUNT ... by gokikrishnan198 New Member in Splunk Search 11-26-2020 0 3	0	3
Conditional Macros Hi,In view of this answer it is not possible to put a macro in a yew, but is it still valid?https://community.splunk.... by Micka108 Engager in Splunk Search 11-26-2020 0 1	0	1
How to search inside file contents of uploaded events? Hoping someone can help, reasonably new to Splunk. I have a number of Splunk events that are uploaded small text file... by Maycockk Explorer in Splunk Search 11-26-2020 0 2	0	2
count by wildcard in field value Hi,I've following issue: Ive a dataset containing data likeOrder number = 12345Description = "AB: jdkjsd"planned_date... by Toby_r Loves-to-Learn in Splunk Search 11-26-2020 0 1	0	1
How do you calculate the difference between two date/time with seconds. I am trying to calculate difference between two dates including seconds. But i am unable to find any logs.Please help... by alexspunkshell Contributor in Splunk Search 11-26-2020 0 4	0	4
How to pass a variable as the output column name in the lookup command? Hello,Having trouble understanding lookups. Any help would be appreciated.If I have a table with ID and User columns... by ddelmont Explorer in Splunk Search 11-25-2020 0 3	0	3
Need some help on rex command - User agent Hi I have created the below rex command based on user agent using regular expression " regex101.com". The below rex c... by jaibalaraman Path Finder in Splunk Search 11-25-2020 1 10	1	10
Seeking help to create a dashboard for Antivirus alerts in splunk Hi community,Need your help..! is there any possibility that we can create a dashboard for AV related issues or notab... by mputtam Path Finder in Splunk Search 11-25-2020 0 0	0	0
way to use case insensitive fields - Not Value Mydata is like below where the customerNumber can come like CustomerNumber or customernumber or CUSTOMERNUMBERAND iso... by Shariq Explorer in Splunk Search 11-25-2020 1 3	1	3
Extract IP address from event log Hi!Need help with this please.I have to extract the IP address from this:src=45.141.87.33:53402:X19value 53402 and va... by seba333 Engager in Splunk Search 11-25-2020 1 1	1	1
Correlate events across Sources Hey all! I've seen similar Splunk Help answers similar to mine but I'm having some issues with getting it to work ex... by TooManyQuestion Explorer in Splunk Search 11-25-2020 0 1	0	1
Alternatives to mvexpand for decreasing memory usage Hello! I have some JSON events that each look something like this:{ "id": 12345, "steps": [ { "stepName... by arosenwinkel Observer in Splunk Search 11-25-2020 0 5	0	5
Haversine Issue Hello, I am working with a GPX file and installed the haversine app to calculate the distance between lat/lon coordin... by genesiusj63 Explorer in Splunk Search 11-25-2020 0 0	0	0
Inputlookup command not working Hi all,I have been trying to use a search in order to compare two results. One is my lookup and one with an ldapsearc... by Sasquatchatmars Communicator in Splunk Search 11-25-2020 0 2	0	2
How to fetch relevant data from the different log lines based on a unique ID ? Hi There,I need to fetch some data based on a unique ID from the different log lines can you please help me with th... by 2chs Explorer in Splunk Search 11-25-2020 0 1	0	1
Missing seconds in Realtime query with 10ms span on python-sdk Hi, i'm trying to get Splunk realtime results using splunk's python-sdk.Everything works well, but in the results, th... by timoti Explorer in Splunk Search 11-25-2020 0 0	0	0
Rename the Values in the Json fields Hi,Could someone please help me with the rename of the string Values in the fields.I want to remove the spaces from t... by Supriya Path Finder in Splunk Search 11-24-2020 0 4	0	4
Help with searching command Hi Everyone! I'm having a stuff time trying to figure out a search command for this lab assignment. So I inputted in ... by drobles96 Engager in Splunk Search 11-24-2020 0 2	0	2
How do I create a time field? I have the EVENT_TIMESTAMP_UTC field with the values of - 2020-11-19 13:50:08.393085 2020-11-19 13:50:08.3517 2020-11... by danielbb Motivator in Splunk Search 11-24-2020 1 3	1	3
Unmatched regex re-routing How can i route this kind of data to there proper index.Data:transaction_1transaction_2transaction_01 transaction_02t... by jadengoho Builder in Splunk Search 11-24-2020 1 2	1	2
Search in an nested array object I have the following Json object:object{<!-- -->Id 123 , status : {<!-- -->Id : 123value: NotKnown}Id 456 , status : {<!-- -->Id : 456value: ... by coderworld7939 New Member in Splunk Search 11-24-2020 0 1	0	1
How do I search for correlating events from Source log? So we log API calls and response errors. However I'm having issues searching for the corrilating event from a log. E... by roderickjones Engager in Splunk Search 11-24-2020 1 1	1	1
main search \| where not IN [subsearch] not working HelloI have similar situation where I have 2 sources of data and in data I get filenames processed but filenaming con... by marshad Explorer in Splunk Search 11-24-2020 0 3	0	3
How can i change my dashboard from English language to Japanese ? Can i change my dashboard to appear in Japanese language, it tried changing en_US to ja-JP in URL that change the de... by yogeshpunia05 Explorer in Splunk Search 11-24-2020 0 2	0	2
Can't use "Where IN ([subsearch])" Hello, I'd like to match the result of my main search with a list of values extracted from a CSV. So at the end of m... by pleymort Explorer in Splunk Search 11-24-2020 0 5	0	5