Splunk Search

Discussions

Thread Info

How to suppress one or two fields and associated values in csv file.

I have data following data in csv file. need to suppress last one or two columns. please suggest me how to do that. ...

by Loves-to-Learn Lots in

Compare values of main search and subsearch

I am looking to compare the count of transactions processed in a 3 hour window to the count of transactions made in t...

by Engager in

Need to send mail with multiples information

Hello everyone, There is my search : my_severity=error my_app="name" earliest=-48h latest=-24h | stats count as ...

by Path Finder in

How to find SSH session in past month

I want to know that there are or not SSH sessions which is in last 5 minutes in past 1 month. (except today) - I wa...

by Engager in

Rex expression Puzzle

Hey, is there anyone there good with rex expressions?I've been given a task by my boss, to extract 4 new fields from ...

by Explorer in

MaxMind DB Usage (more than just City)

All, Hopefully I have this in the correct location, I'm still new to all of this. Anyway, we have a subscript...

by Explorer in

How to table results only if field value within indexA is contained within field of indexB

I have email logs within index=Email and suspicious domain connections within index=Security. The field name within...

by Explorer in

How do I split a log entry into tags? how do I use this?

Hello, I am looking to split the log entry into tag using below link. https://community.splunk.com/t5/Splunk-Sear...

by Observer in

SPLUNK_HEC_URL is not working

Hello, I am trying to create Lambda function and enabling HTTP event collector using below doc. https://dev.splun...

by Observer in

Issues while parsing lengthy Json

We are facing issue while parsing the lengthy Json file. Splunk is picking up incomplete data. Attaching the specific...

by New Member in

how to display week by week data with different colors

I want to display counts by weeks . but current week's count in "green", last weeks counts in "Orange" and counts ol...

by Path Finder in

group keys having wildcard char like usermetadata_* by other unique field

Hi All, I have a requirement to group keys (key - value pair) having wildcard char like - usermetadata_* by other...

by Engager in

How to make a new list of values that are in one list but not another/

I have created two lists from stats-list and stats-values. These are called Lookup_Vals(from lookup table's Lookup_pr...

by Explorer in

How to upload file on dashboard, without navigating to another page?

Hi Splunkers, I have a use case to deploy, please refer the image attached. On clicking "choose file" it should brows...

by Communicator in

Splunk Convert Duration in Seconds to HH:MM:SS

Hey there, Right now I have come close to completing an absolute epic in getting a multi-array json API respo...

by Engager in

Chart # of instances for a process, w/ sum of RAM and avg CPU of all those instances

Really stumped on this. We would like to count the number of instances of each process run on a server, and present t...

by Path Finder in

Why does Splunk Web sometimes not show the event data for a search unless I restart?

Splunk Web doesn't show the events at times. If I restart and log in, it will show the events, but after some time, e...

by Explorer in

Calculate percentage increase/reduction

Hello, I have calculated my Total Escalations per Quarter using stats count and I would like to include another fie...

by Engager in

Extracting string from field in lookup

Hi, I have a few fields in lookup from which I am trying to extract strings. I read that rex is what I should be ...

by Explorer in

Different data format into same source type

Recently we changed the data logging process at source and it changed the event format of the Site minder log source ...

by Path Finder in

Splunk Search

Discussions

How to suppress one or two fields and associated values in csv file.

Compare values of main search and subsearch

Need to send mail with multiples information

How to find SSH session in past month

Rex expression Puzzle

MaxMind DB Usage (more than just City)

How to table results only if field value within indexA is contained within field of indexB

How do I split a log entry into tags? how do I use this?

SPLUNK_HEC_URL is not working

Issues while parsing lengthy Json

how to display week by week data with different colors

group keys having wildcard char like usermetadata_* by other unique field

How to make a new list of values that are in one list but not another/

How to upload file on dashboard, without navigating to another page?

Splunk Convert Duration in Seconds to HH:MM:SS

Chart # of instances for a process, w/ sum of RAM and avg CPU of all those instances

Why does Splunk Web sometimes not show the event data for a search unless I restart?

Calculate percentage increase/reduction

Extracting string from field in lookup

Different data format into same source type

Table Field Actions - Workflow actions

Tstats with Sparkline limiting values

Query Duo security for disabled, non-authenicated ...

Changes to user or group privileges

Outlier detection