Splunk Search

Community Activity

How to isolate a specific field in a lookup file I'm working on a project for work where I want to see employee entry data for specific groups. We have a lookup file ... by msage Path Finder in Splunk Search 10-23-2020 1 3	1	3
Could not use strptime to parse timestamp " having a problem creating proper TIME_FORMAT for the following data. Seeing "Could not use strptime to parse timesta... by fisuser1 Contributor in Splunk Search 10-23-2020 0 1	0	1
Count of computers user triggered event code to by count of events of that event code Hi All,I am trying to find:Users using event code 4769The count of computers a user connects to within 1hr which is g... by Mckechnie Engager in Splunk Search 10-23-2020 0 1	0	1
Extract variable between pipe symbol from log and use it for query I have a log generated in splunk which will have unique id in with pipe symbols:ex: 19:46:47.146 - [http-nio-8000... by krishman23 Explorer in Splunk Search 10-23-2020 0 7	0	7
Set difference between two output of two query I have two query i want to get those result that are in query 1 but not in query 2Query 1 :index=APP_SERVER- source=A... by Nilesh067 Explorer in Splunk Search 10-23-2020 0 3	0	3
Nessus add-on: How to obtain vulnerability count, host count, and vulnerability count per host My employer recently stood up the Tenable connector to Splunk and are looking to take full advantage of it. My experi... by giventofly08 Explorer in Splunk Search 10-23-2020 1 1	1	1
Calculate Index Size increase 24 hours. No admin privilege. Hi Team,Please note - No Admin privilege to run query on _internal indexI want to calculate the amount of data ingest... by asing13 Path Finder in Splunk Search 10-23-2020 1 4	1	4
Field Extraction - Hostname with inconsistent I'm trying to do a field extraction for a hostname field that has some inconsistency with the format.There are two ty... by jpsheridan Engager in Splunk Search 10-23-2020 1 4	1	4
Combine similar queries to create summary index How can I combine these 3 queries given everything before pipe is same:query1: index=abc source="*/d/e/f.log" artifac... by mukeshchandak Engager in Splunk Search 10-22-2020 0 1	0	1
How to use colors on Tree View Hi,I'd like to know how can I apply colors on the icon according to range values on Tree View (custom viz). The imag... by caioandrades Loves-to-Learn Lots in Splunk Search 10-22-2020 0 1	0	1
Dashboard i want add Radio button in which i want setting that when i will select MFG host it will show all MFG host result a... by uagraw01 Motivator in Splunk Search 10-22-2020 0 1	0	1
How to split user agent details Hi I am new to splunk, and I need some help with SPL query to execute the below user agentLog File - " Mozilla/5.0 (L... by jaibalaraman Path Finder in Splunk Search 10-22-2020 0 11	0	11
CloudTrail Alert: Instances: Reboot/Stop/Terminate Actions - query not working Hi We have installed " Splunk for AWS", how the below alert is not working and search result turn up as " No result f... by jaibalaraman Path Finder in Splunk Search 10-22-2020 0 1	0	1
How to show the Minimum and Maximum duration for last 90 days in a timechart? Hello guys I am displaying a TimeChart of average of Duration and a Baseline for last 30 days..It is working proper... by Rohit_Mallah New Member in Splunk Search 10-22-2020 0 10	0	10
Splunk query to join two searches Hi Splunkers, I have a complex query to extract the IDs from first search and join it using that to the second search... by asharmaeqfx Path Finder in Splunk Search 10-22-2020 0 4	0	4
Extracting record which is not success after few retry. I have below log message :basically it is for creating customer record and if we got error the we are retrying for 5 ... by Nilesh067 Explorer in Splunk Search 10-22-2020 0 1	0	1
Issue in transaction command Hi Team, I have few connections regarding transaction command. I have a series of events. One of the events are menti... by ramprakash Explorer in Splunk Search 10-22-2020 0 7	0	7
Word wrap column names in a table I have an email alert that is set to go out every morning. I have a bunch of long field names that get cut off rando... by codedtech Path Finder in Splunk Search 10-22-2020 0 0	0	0
tstats command returning different results Hi TeamI am running a tstats count on my accelerated data model for certain time periods. So the result which I am ge... by arjit Path Finder in Splunk Search 10-22-2020 0 1	0	1
Dedup and 'OR' problem Hi. I'm quite newbie in Splunk, but I'm trying to find solution to my problem. index=zt2 (first_search) OR (second_s... by Reijo86 New Member in Splunk Search 10-22-2020 0 1	0	1
Creating alert when any past hour count is x standard deviations from the average of the past 24 hours I have Splunk logs with data that is roughly like this:TimestampadapterNameresponseCodexxA1xxA2xxB1xxB2 For each com... by jojopup123 Explorer in Splunk Search 10-22-2020 0 2	0	2
Find the value of the last field and use that field as a filter to find matching records Hi,I am trying to build a result in tabular format.timestampprcs_nm outcomedatenormal time stampprcs_nmFail2020-10-19... by darth_mango_97 Explorer in Splunk Search 10-22-2020 0 8	0	8
"bin=2h time" doesn't split the bucket by every 2 hour. Hi team,with below query, I can't get expected result with the bins splitted by every 2 hour which I specified by "\| ... by cheriemilk Path Finder in Splunk Search 10-22-2020 0 3	0	3
Inputlookup - dropdown and multiselect behave weird I use an inputlookup to fill a multiselect/dropdown-input. \|inputlookup Errornumber 12 44 68 If i now use a multise... by light_of_sirius Explorer in Splunk Search 10-22-2020 0 0	0	0
valid sourcetype not in "data summary" When a valid sourcetype is not showing up in "Data Summary" under "sourcetypes", what does it mean, and how do I get ... by mitag Contributor in Splunk Search 10-21-2020 0 0	0	0