Splunk Search

Start a Conversation

Discussions

Start a Conversation

Thread Info

Query returns zero events

Any suggestions how the query can be improved This returns no events as of now. In the lookup csv Im having Use...

by Path Finder in

How to make substring using rex

Hello, I am currently confront some problem here. I want to substring data in specific column using rex. ...

by Path Finder in

Extracting Linux permissions using rex

Hi all! I'm looking to extract certain values from a Linux command line. Take the following example | mak...

by Path Finder in

'BuildInfo' field as "ABCYYYY_Number|XYZ" for eg "ABC2020_17|XYZ. Compare "error1" in consecutive "BuildInfo"

I have 'BuildInfo' field as "ABCYYYY_Number|XYZ" for eg "ABC2020_17|XYZ. Number will be keep increasing for a year...

by Communicator in

Field value based on stats

I am new to splunk. I have a need to get the visualization which shows the field of the corresponding stats value. ...

by Path Finder in

How do I find the first and last time a message is seen in a repetitive sequence of events?

I would like to create a table that displays the first and last event from a duplicate set of events. A duplicate ru...

by Engager in

Errors through REST API but not through Splunk GUI

One of our teams is running Java script that uses REST API to fetch data from Splunk Cloud using the search.They run...

by Builder in

Removing characters from output with rex

I`m trying to remove a hash string from my output-"Example hash is 3ernksMt7b3EzKwHuW4papuEFtvePZtDs9CQFeVYy57= will ...

by Explorer in

Complex Pie Chart

I'm sorry for the terrible subject. I can't think of a simplified title for what I'm trying to do. I'm trying to gr...

by Explorer in

How to calculate the factorial of a number in a Splunk search?

Hi, I want to calculate factorial of a number in eval for calculating Poisson value. Please let me know if it is p...

by Path Finder in

Extracting domain name from URL

Hi, I've a field with name URL and values are like this -- https://community.splunk.com/t5/forums/postpage/2...

by Explorer in

Field extraction

Hi All, I want to extract one particular filed under the description column but when i tried to extract the field i...

by Explorer in

Limiting Software Enumeration

I would like to modify an existing dashboard to limit the Linux package that is being reported. Specifically, I want...

by New Member in

How to Round an eval average

How do I round these numbers with this search? index=net_auth_long | eval time_hour=strftime(_time,"%H")| chart eva...

by Explorer in

Getting Average for this search

I am trying to get each value to be divided by certain number (x). So if x=7, the first value would be 138. index=n...

by Explorer in

How to filter rows based on a regex match on all fields?

Is it possible to filter search result rows by a search expression which can be applied to all fields of a row? Acc...

by Explorer in

limit for values of field 'message' reached. Some values may have been truncated or ignored. What it means?

I got below warning: "'anomalydetection' command: limit for values of field 'message' reached. Some values may have...

by Communicator in

Parse JSON only at 1st level

I want my nested JSON to be parsed only at 1st level instead of parsing all the nested parts. I have below JSON: ...

by Communicator in

Search time line break using REX

Hi Splunkers, Can anyone please help with search time line break for the following log. {"audits"...

by Observer in

How do i extract field usinng regex .

Hi all, I'm new to splunk and i had hard time extracting fields using regex for the following example :Class (six,...

by Engager in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Query returns zero events

How to make substring using rex

Extracting Linux permissions using rex

'BuildInfo' field as "ABCYYYY_Number|XYZ" for eg "ABC2020_17|XYZ. Compare "error1" in consecutive "BuildInfo"

Field value based on stats

How do I find the first and last time a message is seen in a repetitive sequence of events?

Errors through REST API but not through Splunk GUI

Removing characters from output with rex

Complex Pie Chart

How to calculate the factorial of a number in a Splunk search?

Extracting domain name from URL

Field extraction

Limiting Software Enumeration

How to Round an eval average

Getting Average for this search

How to filter rows based on a regex match on all fields?

limit for values of field 'message' reached. Some values may have been truncated or ignored. What it means?

Parse JSON only at 1st level

Search time line break using REX

How do i extract field usinng regex .

Build Scalable Security While Moving to Cloud - Guide From Clayton Homes

Mission Control | Explore the latest release of Splunk Mission Control (2.3)

Cloud Platform | Migrating your Splunk Cloud deployment to Python 3.7

Ex Cisco - run a report for all DFS users who logg...

Splunk query to list all the queries that time out

How to perform time series analysis and anomaly de...

How to find events that were sent to HEC?

How to use a list of output as the input parameter...