Splunk Search

Community Activity

Error - In handler 'savedsearch': Expecting different token When I create an action or try to change the variables in any of alert actions for an alert, I end up with a message ... by dantembe Loves-to-Learn in Splunk Search 10-21-2020 0 2	0	2
To remove few details using rex Hi Team,I have three below conditions to create a logic according to it.Case 1: operation="OVERRIDE" should print but... by sgulhane5 Explorer in Splunk Search 10-21-2020 0 3	0	3
Count occurrence of message in table I have a message feild having below data message=Successfully created customer id XXXXmessage =Duplicate create cu... by Nilesh067 Explorer in Splunk Search 10-21-2020 0 1	0	1
Search Sourcetype by Port ingested Hi there,Does anyone have a search that can show me what data was forwarded and ingested by which port?We have multip... by mwdbhyat Builder in Splunk Search 10-21-2020 0 0	0	0
CPU utilization There are some liberty services and in some host we have many microservice , I want to monitor CPU / memory usage in ... by ARaman77 Explorer in Splunk Search 10-21-2020 1 2	1	2
count filename form a message message: 'Successfully downloaded the file : FileAData2020-10-20_19_05_05.csv'message: 'Successfully downloaded the f... by Nilesh067 Explorer in Splunk Search 10-21-2020 0 1	0	1
Splunk built in rule question - urgent! HelloI have this Splunk built In rule: " Brute Force Access Behavior Detected Over 1d" \| tstats `summariesonly` val... by havatz Explorer in Splunk Search 10-21-2020 1 3	1	3
Today date and previous day data I want to calculate todays date data and previous day data from the host. Please suggest SPL for this. by uagraw01 Motivator in Splunk Search 10-21-2020 1 12	1	12
Time doesn't appear on the chart Time is not displayed on hover. How can this gap be resolved? by Luninho Explorer in Splunk Search 10-21-2020 0 0	0	0
How to add random month into event with only year Hi @linksI have event with future year 2021, 2022. I need to add random months into the years. Do you know which synt... by vgrand2 Explorer in Splunk Search 10-20-2020 0 2	0	2
Add 2 static rows to dropdown search results before sort I am populating dropdown options with the following search. Right now, this is the search. \| search service="$servic... by basandlin Engager in Splunk Search 10-20-2020 0 1	0	1
How handle JSON-Event with associative Array Hi, i need a special result, but i dont know how to iterate over an associative array. Here is this JSON-Events: ... by Roger_FB Explorer in Splunk Search 10-20-2020 0 3	0	3
Splunk App for AWS: How do I resolve error "The search specifies a macro 'aws-description-instance' that cannot be foun How do I resolve the following error? Error in 'SearchParser': The search specifies a macro 'aws-cloudtrail-sourcet... by jaibalaraman Path Finder in Splunk Search 10-20-2020 1 5	1	5
Search to display for list of applications to which users never logged in Hello All,I would like to list down the applications where users have never logged in. I have a input.csv file with t... by rvenkata Explorer in Splunk Search 10-20-2020 1 4	1	4
Why is my regular expression not working in the rex command? It has been tested as a standalone regex outside of splunk I am attempting to parse a solaris log file into key/value pairs. The log is: pam_vas: Authentication <succeeded> fo... by oliverj Communicator in Splunk Search 10-20-2020 1 7	1	7
tstats count on accelerated data models giving different results after a few days Hi All,We have schedule the job which would run a tstats command on an accelerated data model for yesterday’s data & ... by arjit Path Finder in Splunk Search 10-20-2020 0 0	0	0
Extracting users from a list 2020-10-19 05:00:03,744 INFO main() Deletion list: ['user1', 'user2', '$template', 'user233', 'svc_user1', ] I have t... by ryangillan Explorer in Splunk Search 10-20-2020 1 3	1	3
Convert Snap-To Time to Epoch Time Hi everyone!My time picker token spits out values like "-60m@m" and I want to convert this time value into an epoch t... by michaelsplunk1 Path Finder in Splunk Search 10-20-2020 1 2	1	2
count the field using occurrences of string in the field value I am very new to Splunk.I have an access.log file, which contains the Url and querystring:url ... by goalkeeper Explorer in Splunk Search 10-20-2020 1 2	1	2
Count within count I have a data and created a table like this:EligibilityCount01-Country31 Now I would like to see how those country a... by sauravdhungel Engager in Splunk Search 10-20-2020 1 1	1	1
Splunk search Hi Everyone,How can I write splunk search query to check if for particular variable value has increased in 4 hours.Th... by Emily12 Explorer in Splunk Search 10-20-2020 1 3	1	3
Specific keyword based colour Hi Team,need help in getting few nodelabel highlighted. "WANRT" & "DCNDC".sitecodenodelabelPJSLANCUA001PCWLANCUA001... by jerinvarghese Communicator in Splunk Search 10-20-2020 1 1	1	1
Multi Index combination Hi All,Need to combine 2 index together and also need the values to be added/summed together.Code 1 : index=nw_syslo... by jerinvarghese Communicator in Splunk Search 10-20-2020 0 3	0	3
Why is "stats" not working for the default "component" field on the internal except for in verbose mode? Hi. We are trying to do some stats on the "component" field in the internal splunkd logs, but have encountered a stra... by hettervik Builder in Splunk Search 10-20-2020 1 1	1	1
How to debug "Server error" Hello, the server only says "Server error" in search&reporting without showing "inspect job", how can I debug it? Reg... by Administrator Explorer in Splunk Search 10-20-2020 0 2	0	2