Splunk Search

Community Activity

How to get count 0 for the field value which is not matching with events Hi Splunkers, My requirement is below . I have lookup where 7 hosts defined . when my search is running for both tsta... by ssuluguri Path Finder in Splunk Search 08-07-2024 0 10	0	10
Splunk Citrix get-brokersession I have a powershell script running get-brokersession which then exports the results to a txt file. The file is then... by kmm2 Path Finder in Splunk Search 08-07-2024 0 8	0	8
SPL Time range is giving issue Hi Splunkers!I wish to get data in a specific time range using earliest and latest command .I have checked with time ... by chimpui New Member in Splunk Search 08-07-2024 0 4	0	4
Framing query with tstats command Hi, Can anyone please help me to frame the SPL script.I have to collect the list of devices reporting in splunk along... by RanjiRaje Explorer in Splunk Search 08-07-2024 0 7	0	7
Head for each value of a field Hi there.I'm relatively new to searching in Splunk so I can't sometimes get my head wrapped up around some Splunk con... by PickleRick SplunkTrust in Splunk Search 08-07-2024 0 5	0	5
"Corrupt csv header" : how to find the corrupted csv? I find on splunkd.log a lot of warnings as: "Corrupt csv header, contains empty value (col #3)" without any other det... by mekamundia Explorer in Splunk Search 08-06-2024 1 12	1	12
How to remove missing value timestamps for accurate delta calculation HI, I'm running a search for two different timeranges, for missing datapoint pair it's creating discrepancy with my c... by Bart Explorer in Splunk Search 08-06-2024 0 2	0	2
Hi Splunkers - Heat Map Index - Host Hello friends, I am trying to create a heat map where I can see the indexes on the left side and in each cell of the ... by JuanPerez New Member in Splunk Search 08-06-2024 0 2	0	2
Multiple Server New Field Can we create a new field which contains the group of multiple servers name and that field I can use directly in all ... by Chirag812 Explorer in Splunk Search 08-06-2024 0 2	0	2
Regex issue Hi Teami am trying to make below field regex which is coming in every single event. but its not allowing me to use sa... by cbiraris Path Finder in Splunk Search 08-06-2024 0 3	0	3
How to loop through times for same search Hi Splunk Experts,I'm not sure how easy it's using Splunk, I've a field (_time) with list of epoch_time values in it.... by Thulasinathan_M Contributor in Splunk Search 08-06-2024 0 2	0	2
How to extract the json based key value pair for defined match? below is my json file. I want to notify whenever there is a change in last property , "displayName": Included Update... by nb662x Observer in Splunk Search 08-06-2024 0 6	0	6
Fill field with first value I have a data set for web traffic. A sessionID ties all traffic for an individual browsing session together - all ev... by cxs6345 Engager in Splunk Search 08-05-2024 0 1	0	1
Regex to query csv raw data I have a CSV raw data which has files names and data inside the files which is seperated by double quotes and comma. ... by ravir_jbp Explorer in Splunk Search 08-05-2024 0 14	0	14
Getting unique values of a field. Hi all. I have a field called TaskAction that has some 400 values. But, I only want the distinct values of that field... by splunkpoornima Communicator in Splunk Search 08-05-2024 17 4	17	4
How to use eval with If ,AND Hello Splunkers,I have the following query returning the search results, index="demo1" \| search "metrics.job.overall_... by Gaya3_devi Explorer in Splunk Search 08-05-2024 0 3	0	3
Optmise dedup Splunk search Hi - I am looking to optimise this search by removing dedup, the idea of the search is to remove duplicate paymentId... by tomjb94 Observer in Splunk Search 08-05-2024 0 1	0	1
Export I want to export results of a search in pdf format but it shows by Siddharthnegi Contributor in Splunk Search 08-05-2024 0 1	0	1
Users who are logged in right now Hey, Is there a search that shows all of the users that are logged in to my Splunk instance right now? I have some ... by Ant1D Motivator in Splunk Search 08-04-2024 5 11	5	11
Stuck in writing complex query I want to get below in single query1. dc of field1 overall2. dc of field2 by field1 by Pathik Path Finder in Splunk Search 08-04-2024 0 4	0	4
splunkd_ui_access logs Im trying to create some dashboards to make reading _internal logs easier. I'm trying to figure out what all for the ... by Abass42 Communicator in Splunk Search 08-03-2024 0 2	0	2
How to extract a csv data fields message data into fields? I have a field message that whenI run the search index=example123 host=5566 \|search "specials word" I table message... by Cheng2Ready Communicator in Splunk Search 08-02-2024 0 6	0	6
[Advice/Help] Lookup Table search taking long Hello All, Can ya'll give me advice on why my query taking so long? In a dashboard it just times out and regular verb... by Player01 Engager in Splunk Search 08-02-2024 0 3	0	3
Field from Automatic Lookup (KV Store) not usable I have a KV Store with replicate turned on, a lookup definition with WILDCARD(match_field), and an automatic configur... by ejwade Contributor in Splunk Search 08-02-2024 0 7	0	7
How to join two queries and show not contain value Good day, I am pretty new to Splunk and want a way to join two queries together.Query 1 - Gives me all of my assets \|... by JandrevdM Path Finder in Splunk Search 08-02-2024 0 4	0	4