Splunk Search

Community Activity

piechart I want to create two pie chart each based upon the value of index I am choosing. using below two queries 1. index = i... by avneet26 Engager in Splunk Search 11-12-2020 0 5	0	5
Consolidate data from 2 indexes We have 2 index1. Having user name and his machine details and everything about his login 2. User name and his actual... by vikram_m Path Finder in Splunk Search 11-12-2020 0 8	0	8
How to extract Specific field and segregate the bunched eventslogs I have logs coming from AWS,first, I need to get just a message (which is an event) from the log Second, in some logs... by john_snow Engager in Splunk Search 11-12-2020 1 3	1	3
Error and Warning Count by Hour or date or timestamp I have my spark logs in Splunk . I have got 2 Spark streaming jobs running .It will have different logs ( INFO, WARN... by satyajit2007 Explorer in Splunk Search 11-12-2020 0 2	0	2
How To Filter IP Field Using Subnet Value Stored In Variable Hello, I am trying to create a drill down dashboard. Basically I want to pass a subnet value (which is currently repr... by joemarty82 Explorer in Splunk Search 11-11-2020 0 1	0	1
Using index/sourcetype ? How to get the details about the dashboards/alerts/Reports/data models in splunk ? Hi All,We are performing an impact analysis on the application data which are already getting ingested into splunk,... by Hemnaath Motivator in Splunk Search 11-11-2020 0 2	0	2
How do I create a calculated field based on data from a different type of log file? Hello,I am working with historical log data from a train system and I have two different types of log files:log1: eac... by ahmed Explorer in Splunk Search 11-11-2020 0 6	0	6
How to add total and percentage column in timechart Using a simple example: count the number of events for each host name... \| timechart count BY host> ... \| timechart c... by jerrysplunk88 Explorer in Splunk Search 11-11-2020 0 2	0	2
Combined Search - Difference in two lists This always feels exceptionally difficult to me, i'm not sure what i'm missing.I have a list of machines, a simple CS... by splunk219783 Path Finder in Splunk Search 11-11-2020 0 3	0	3
How to pull latest event I have a search/dash board that will show data over the last 30 days, the search is as followed index=server EventCo... by eb1929 Explorer in Splunk Search 11-11-2020 0 1	0	1
Looking for a regex that extract key=values from same line Application log file display below at one of the line, looking for a regex that extract value of "0" / "1" / "2" or "... by YagneshShah1 New Member in Splunk Search 11-11-2020 0 4	0	4
Check to valid credit card number - mod10\|Luhn algorithm Hello everyone,I'm using the SPL to get credit card numbers on search time (I would like to maintain this on search t... by rafamss Contributor in Splunk Search 11-11-2020 0 2	0	2
help to use EXTRACT in props.conf I've been trying to extract fields from a log at search time with only the help of props.conf. in the spunk docu I re... by avoelk Communicator in Splunk Search 11-11-2020 0 1	0	1
Limit Max line in every row in a table (like in list) hey, i got a search like:index = a \| table timestamp, id , name, age, messagei want to display only the first 10 row... by dordavid Explorer in Splunk Search 11-11-2020 0 0	0	0
Splunk SAML authentication issue when combining SAML and scripted inputs together for Splunk Cloudgateway implementation Encountered an issue with Splunk SAML authentication in conjunction when using scripted inputs for leveraging splunk... by pv063910 Explorer in Splunk Search 11-11-2020 2 9	2	9
Get results per week for custom _time field Hello,I am running a search for last 7 days results, and i am using fixed_date field as _time field.fixed_date can ha... by utk123 Path Finder in Splunk Search 11-10-2020 0 2	0	2
Problem formatting string to json Hi, I have the following String that is logged by the application and I am wondering if there is a way to pretty prin... by trem124 New Member in Splunk Search 11-10-2020 0 1	0	1
Mapping a number against a certain number range in a look up Hi Everyone,So I'll try and make this as clear as possible, but it's quite hard to explain it in depth.What I'm tryin... by rvdbrugge Loves-to-Learn Everything in Splunk Search 11-10-2020 0 0	0	0
Field extraction and search issue Hi,I am dealing with an issue because data changed from my source. I was using a lookup as below to search only on th... by mbasharat Builder in Splunk Search 11-10-2020 0 4	0	4
Would a Splunk guru please explain what span=log2 does or why one might use it? I've seen the documentation, but it doesn't really explain what or how it might be used. I'm looking for a lightweig... by aulbrich Engager in Splunk Search 11-10-2020 0 2	0	2
How to group values HiI have a field name called report_name, it can have a number of status values associated with it, i.e. status=a or ... by becksyboy Contributor in Splunk Search 11-10-2020 0 2	0	2
Event count before and after a specified time I am looking to count the number of events that occur before and after a specified time (8am) each day to give a tabl... by jboustead Explorer in Splunk Search 11-10-2020 0 1	0	1
DNS Logs field extraction (flags) Hello Splunkers,I'm actually trying to extract the "flags" field in the DNS logs.Meanwhile, the TA provided by Splunk... by kvnpichon Path Finder in Splunk Search 11-10-2020 0 2	0	2
Search hosts, Windows updates Hello! I am new in Splunk Search. I am using this query to find all hosts to which a specific update was installed:s... by ivan123357 Explorer in Splunk Search 11-10-2020 0 6	0	6
How do you allow automatically match against lookup file multi-value field Hello experts - I'm scratching my head trying to figure out if there's something at the low level configuration side ... by splunker1981 Path Finder in Splunk Search 11-09-2020 0 1	0	1