Splunk Search

Community Activity

How to resolve high increase in forwarders reporting errors, including "Failed to checkpoint" for channel='security'? We discovered that in early April, around the 7th, we had a HUGE increase in forwarders reporting this error: ERROR E... by jcleary47 Path Finder in Splunk Search 11-09-2020 3 4	3	4
Blacklist lookup - search query I have a blacklist.csv file that looks like the following,namedescriptionvpnVPN was found.puttyPutty was found. I... by astackpole Path Finder in Splunk Search 11-09-2020 0 2	0	2
Time duration between two events from timestamp mentioned in the event. Hi there, I have a requirement where i need time duration between two events in ms.Events look like this Event A: Pro... by Fury Loves-to-Learn Lots in Splunk Search 11-09-2020 0 10	0	10
Javascript: How to cancel a search mid run? Hello, I am trying to write a simple SPA using JS on the Search Head. I have a page where objects are generated dyn... by bmacias84 Champion in Splunk Search 11-09-2020 0 2	0	2
Nested Search Question OK I have been reading most of the morning and I have to just be missing something very simple.To explain what I am t... by mmccaugh9472 Observer in Splunk Search 11-09-2020 0 4	0	4
UNIX time for the first day of the month of last month I am querying Nessus imported data and I would like to find old vulnerabilities still present today.More precisely, e... by jacortijo Explorer in Splunk Search 11-09-2020 0 3	0	3
queries that used datamodels HiThere is any option to get a list of acceleration data model and what rules / reports / queries) using each of the ... by havatz Explorer in Splunk Search 11-09-2020 0 1	0	1
resolve IP to name I want to be able to see the host name in search results rather than IP. In this case, the "host" I am looking for is... by gburtz New Member in Splunk Search 11-09-2020 0 1	0	1
Search query using REST in JSON format? Hello, I am trying to do a search query using JSON. It works if I use the normal form format, but not JSON.Working ... by locobiker Loves-to-Learn in Splunk Search 11-09-2020 0 0	0	0
Join multiple lookup table to get result in single table Hi,This is the case scenario:when I run this search query:index = "global" productIDI get the following result:{ "pro... by basics Explorer in Splunk Search 11-09-2020 0 3	0	3
Count of API calls over X time_taken, only if average time_taken is over a threshold Hi, I currently have a query that returns the a chart of API's whose calls average over a specific time limit (uniqu... by pzhou07920 Explorer in Splunk Search 11-09-2020 0 4	0	4
How do you calculate the growth of each Index on a monthly basis? We have a requirement to show the data growth of each index on a monthly basis. I tried with the below query from _in... by akarivaratharaj Communicator in Splunk Search 11-09-2020 0 10	0	10
timechart conditional result Hello, i have objects with names that all carry a unique and constant "Software-Signature" with them.This signature i... by light_of_sirius Explorer in Splunk Search 11-09-2020 0 2	0	2
Dashboard As Per below screenshot, i getting results the difference between last week host and this week host count. But i wa... by uagraw01 Motivator in Splunk Search 11-08-2020 0 2	0	2
Search result from different App Hi , Is it possible to get the search result from a specific app to my own application?Example:The result of the APP_... by jadengoho Builder in Splunk Search 11-08-2020 0 2	0	2
Extracting multiple values for single field I'm trying to extract multiple values for a single field. I've got the beginnings of the regex sorted to extract it, ... by ebs Communicator in Splunk Search 11-08-2020 0 3	0	3
Charting diff of events with running total I have some firewall session state logs which get sent to Splunk every minute. The session state events contain a uni... by rtadams89 Contributor in Splunk Search 11-08-2020 0 2	0	2
Top 10 stores for each state Hello folks;Completely new to SPLUNK.I am trying to get a table of the 10 stores for each State for the current week ... by Smiddy Loves-to-Learn Lots in Splunk Search 11-08-2020 0 0	0	0
Updating maximum value I have a data set with values in a specific moment in time. Each day can have multiple values (but in different event... by michaelbosch Observer in Splunk Search 11-08-2020 0 4	0	4
Lookup from multiple table Hello,my goal is to find and combine data from multiple source.Here:employee_lookup: the table for all employee datab... by basics Explorer in Splunk Search 11-08-2020 0 3	0	3
Splunk Keywords definations HI, I am new to Splunk and I am looking forward to learning more. I wanted to know where do I learn what keywords/cod... by basics Explorer in Splunk Search 11-08-2020 0 2	0	2
Query to find out users belong to a particular role Is there any query to find out users belong to a particular role . For example , if i have a role called "least_role"... by kteng2024 Path Finder in Splunk Search 11-07-2020 0 3	0	3
Splunk Education - Down for Maintenance Hello I see that Splunk education is down for maintenance and was wondering when the site would be back up? Kind rega... by fmohideen New Member in Splunk Search 11-06-2020 0 0	0	0
How to use eval with IF? eval A=if(source == "source_a.csv", "1" , "0") The result is 0 in every entry. What is wrong? I have two sources sou... by LH_SPLUNK Explorer in Splunk Search 11-06-2020 1 6	1	6
Run a generating command over a set of values I have a search that will return a number of search ids.index=_audit \| <various modifications>\| table search_idExampl... by burwell SplunkTrust in Splunk Search 11-06-2020 0 3	0	3