Splunk Search

Community Activity

How to get the most recent event with search criteria I have the following resultset I want to get the most recent eventsResultset ACustom_IDEligibilityStart_dateEnd_DateU... by AshChakor Path Finder in Splunk Search 11-16-2020 0 3	0	3
How can I create duplicate events by duration hours? Hello experts, I am working on a stats of meetings. As the attached photo shows, this meeting lasts for 7 (duration_h... by Hanliamadeus Explorer in Splunk Search 11-16-2020 0 2	0	2
values mismatch i have issue where i am comparing values from 2 fields which will have same value always, but sometimes it differs. I... by akumar Loves-to-Learn Lots in Splunk Search 11-16-2020 0 6	0	6
Extract numerical value from text logs and get max occurrence of the number I want to extract a number from logs where the line of interest looks like,INFO 2020-11-16 12:11:47,161 [ThreadName-1... by vinayakolhapure Engager in Splunk Search 11-16-2020 0 2	0	2
Search for an adjacent IP address Hi.I have an alert that'll tell me if a host is down, and it runs for both Active and Standby hosts.The issue is that... by logginz85 Explorer in Splunk Search 11-16-2020 0 3	0	3
Compare search field to multiple lookup fields I have field src_ip in my data. My lookup fields: ip1, ip2, ip3, ip4, user What I want is to find matching pairs i... by user2020dy Path Finder in Splunk Search 11-16-2020 0 3	0	3
Comparing the Dates and retrieve the latest value We have a search that populates a csv file for tracking purposes of latest check-ins formatted as (%m/%d/%Y)Hostagent... by RonD Explorer in Splunk Search 11-16-2020 0 2	0	2
Issue in accessing Splunk web interface with Internet Explorer 11 I have setup Splunk server over LAN . I can access web interface on all machines in the LAN except 1 machine .Brows... by Yogesh New Member in Splunk Search 11-16-2020 0 1	0	1
Why am I not getting sessionKey while using custom search command I am having two apps, Main app and Add-On app. Add-On app contains one data collector script which works as splunk d... by pjvarjani Path Finder in Splunk Search 11-16-2020 4 6	4	6
compare data with one week back data Hello,I'm trying to compare latest data with seven days back data.I want to create column charts in dashboard , one c... by kirrusk Communicator in Splunk Search 11-16-2020 0 0	0	0
How to ignore the most recent X number of events from a search for each day with Timechart command HiIs there a search command that will ignore the most recent X number of events for each day whilst using a Timechart... by jboustead Explorer in Splunk Search 11-16-2020 0 1	0	1
How to extract values from nested json? I have the below json for which I want to extract all the values of FIELDNAME. "MY_DETAILS": [ { ... by arnabsen1234 New Member in Splunk Search 11-16-2020 0 5	0	5
How to convert my lookup field value to an executable formula when i use "foreach"? Hi, i'm using Splunk since two month and i love it. But i need help.I have a lot of sensors, sampling per minute. I h... by Muller Explorer in Splunk Search 11-16-2020 0 4	0	4
replace multivalue field values Hi guys,I'm trying to replace values in an irregular multivalue field.I don't want to use mvexpand because I need the... by mariobisio Explorer in Splunk Search 11-16-2020 0 3	0	3
Passing paramaters to subsearch I have a search that returns two fields, Username and Location, for a specific username. To extend this search, I wo... by balcv Contributor in Splunk Search 11-16-2020 0 1	0	1
How to exclude the rows by comparing the results ? I have a below table which shows status of package in each host. Normally 2 kinds of packages are there, one with 'bw... by georgear7 Communicator in Splunk Search 11-15-2020 0 3	0	3
How do I use eval with a multivalued field in a transaction? Hello,I am working with historical log data from a train system and I have two types of log files:log1: each row is a... by ahmed Explorer in Splunk Search 11-15-2020 0 3	0	3
Search Condition in index Hi,I want to search the index with the eventtype which has "service" or "window" in the valueindex=sdsf \| search even... by chuck_life09 Path Finder in Splunk Search 11-15-2020 0 3	0	3
help on jointure in appendcols subsearch HelloIn the search below, I need to do a jointure after the appendcols command like in the first part of the search ... by jip31 Motivator in Splunk Search 11-15-2020 0 1	0	1
How to sum two timecharts in another one. Hello,I tired to sum two timecharts in another one, using tokens.It's easy to sum counted value using stats, but I ha... by kryzew Explorer in Splunk Search 11-15-2020 0 1	0	1
Weird event number for differing time scope source="main" service="sales" operation="inquiryV3" port="8443" In these screenshots, there's no change in the ... by githubguthub Loves-to-Learn in Splunk Search 11-14-2020 0 5	0	5
How to search for strings in secondary search without _raw field available? index::my_index host::my_host source::my_source sourcetype::my_sourcetype field1="some value" \| stats list() AS ... by frbuser Path Finder in Splunk Search 11-14-2020 0 3	0	3
Previous month search based on now Hi everyone,I'm new to Splunk and trying to create a simple report, but I'm already having trouble.I would like to do... by antonio147 Communicator in Splunk Search 11-14-2020 0 5	0	5
Line Chart Overlay based on Time picker Hi Community,This is a continuation from another post (https://community.splunk.com/t5/Splunk-Search/Line-Chart-Overl... by ronaldtanhj Path Finder in Splunk Search 11-14-2020 0 20	0	20
Comparing value from two objects based on another field Hi Splunk experts, My events have a timeline that tells me how long certain operations took. What I'm trying to deter... by oleg1 Loves-to-Learn in Splunk Search 11-13-2020 0 1	0	1