Splunk Search

Community Activity

Splunk SAML authentication issue when combining SAML and scripted inputs together for Splunk Cloudgateway implementation Encountered an issue with Splunk SAML authentication in conjunction when using scripted inputs for leveraging splunk... by pv063910 Explorer in Splunk Search 11-11-2020 2 9	2	9
Get results per week for custom _time field Hello,I am running a search for last 7 days results, and i am using fixed_date field as _time field.fixed_date can ha... by utk123 Path Finder in Splunk Search 11-10-2020 0 2	0	2
Problem formatting string to json Hi, I have the following String that is logged by the application and I am wondering if there is a way to pretty prin... by trem124 New Member in Splunk Search 11-10-2020 0 1	0	1
Mapping a number against a certain number range in a look up Hi Everyone,So I'll try and make this as clear as possible, but it's quite hard to explain it in depth.What I'm tryin... by rvdbrugge Loves-to-Learn Everything in Splunk Search 11-10-2020 0 0	0	0
Field extraction and search issue Hi,I am dealing with an issue because data changed from my source. I was using a lookup as below to search only on th... by mbasharat Builder in Splunk Search 11-10-2020 0 4	0	4
Would a Splunk guru please explain what span=log2 does or why one might use it? I've seen the documentation, but it doesn't really explain what or how it might be used. I'm looking for a lightweig... by aulbrich Engager in Splunk Search 11-10-2020 0 2	0	2
How to group values HiI have a field name called report_name, it can have a number of status values associated with it, i.e. status=a or ... by becksyboy Contributor in Splunk Search 11-10-2020 0 2	0	2
Event count before and after a specified time I am looking to count the number of events that occur before and after a specified time (8am) each day to give a tabl... by jboustead Explorer in Splunk Search 11-10-2020 0 1	0	1
DNS Logs field extraction (flags) Hello Splunkers,I'm actually trying to extract the "flags" field in the DNS logs.Meanwhile, the TA provided by Splunk... by kvnpichon Path Finder in Splunk Search 11-10-2020 0 2	0	2
Search hosts, Windows updates Hello! I am new in Splunk Search. I am using this query to find all hosts to which a specific update was installed:s... by ivan123357 Explorer in Splunk Search 11-10-2020 0 6	0	6
How do you allow automatically match against lookup file multi-value field Hello experts - I'm scratching my head trying to figure out if there's something at the low level configuration side ... by splunker1981 Path Finder in Splunk Search 11-09-2020 0 1	0	1
User agent - Difficult in extracting Field Hi I am trying to extract field from the user agent details like ( Operating system, Software, Software version, Soft... by jaibalaraman Path Finder in Splunk Search 11-09-2020 0 5	0	5
sourcetypes Is there a way to tell which method a sourcetype is using to get data into splunk? For example, suppose I look at the... by verifi81 Path Finder in Splunk Search 11-09-2020 0 2	0	2
Event-data within retention time is missing HiFor a given index with retention of 91 days configured, we find some hosts having events for the full 91 days.Some ... by ufotech Explorer in Splunk Search 11-09-2020 0 3	0	3
How to resolve high increase in forwarders reporting errors, including "Failed to checkpoint" for channel='security'? We discovered that in early April, around the 7th, we had a HUGE increase in forwarders reporting this error: ERROR E... by jcleary47 Path Finder in Splunk Search 11-09-2020 3 4	3	4
Blacklist lookup - search query I have a blacklist.csv file that looks like the following,namedescriptionvpnVPN was found.puttyPutty was found. I... by astackpole Path Finder in Splunk Search 11-09-2020 0 2	0	2
Time duration between two events from timestamp mentioned in the event. Hi there, I have a requirement where i need time duration between two events in ms.Events look like this Event A: Pro... by Fury Loves-to-Learn Lots in Splunk Search 11-09-2020 0 10	0	10
Javascript: How to cancel a search mid run? Hello, I am trying to write a simple SPA using JS on the Search Head. I have a page where objects are generated dyn... by bmacias84 Champion in Splunk Search 11-09-2020 0 2	0	2
Nested Search Question OK I have been reading most of the morning and I have to just be missing something very simple.To explain what I am t... by mmccaugh9472 Observer in Splunk Search 11-09-2020 0 4	0	4
UNIX time for the first day of the month of last month I am querying Nessus imported data and I would like to find old vulnerabilities still present today.More precisely, e... by jacortijo Explorer in Splunk Search 11-09-2020 0 3	0	3
queries that used datamodels HiThere is any option to get a list of acceleration data model and what rules / reports / queries) using each of the ... by havatz Explorer in Splunk Search 11-09-2020 0 1	0	1
resolve IP to name I want to be able to see the host name in search results rather than IP. In this case, the "host" I am looking for is... by gburtz New Member in Splunk Search 11-09-2020 0 1	0	1
Search query using REST in JSON format? Hello, I am trying to do a search query using JSON. It works if I use the normal form format, but not JSON.Working ... by locobiker Loves-to-Learn in Splunk Search 11-09-2020 0 0	0	0
Join multiple lookup table to get result in single table Hi,This is the case scenario:when I run this search query:index = "global" productIDI get the following result:{ "pro... by basics Explorer in Splunk Search 11-09-2020 0 3	0	3
Count of API calls over X time_taken, only if average time_taken is over a threshold Hi, I currently have a query that returns the a chart of API's whose calls average over a specific time limit (uniqu... by pzhou07920 Explorer in Splunk Search 11-09-2020 0 4	0	4