Splunk Search

Community Activity

Ignore null values I am using the nix agent to gather disk space. I only collect "df" information once per day. I want to be able to pr... by jackpal Path Finder in Splunk Search 10-14-2020 0 1	0	1
How to execute macro search with REST API How do i execute macros in rest API , example :curl -ku user:pass https://<url> -d search="`macro name` \| table data1... by pravinvram Engager in Splunk Search 10-14-2020 0 3	0	3
[Need help] command "bin span=1d _time" doesn't split stats count by day. Hi team,1. I have below query <base query here>\| rex field=_raw "POST\s+(?<RequestURL>.)HTTP.company\=(?<CMID>.*?)\... by cheriemilk Path Finder in Splunk Search 10-14-2020 0 10	0	10
Can we update a lookup CSV file through a URL in splunk I have CSV inventory file which is dynamic and same needs to updated in splunk manually, Is there a way to integrat... by skhan28 Explorer in Splunk Search 10-14-2020 0 4	0	4
Transaction using datamodel Hello,I am trying to calculate the browse time and bandwith usage of users by looking at the log files of the firewal... by rkd Loves-to-Learn Everything in Splunk Search 10-13-2020 0 2	0	2
How to read FLOAT_ARRAY from dbxquery I'm trying to read an array field from database query using dbxquery, and got error "failed to load column with type ... by kyu New Member in Splunk Search 10-13-2020 0 0	0	0
For a timechart based alert, is it possible to attach both timechart and the corresponding events in the email ? We have an alert configured to send email when the number of results is >20 in 5min but since this is a timechart bas... by kiranstar24 Loves-to-Learn Lots in Splunk Search 10-13-2020 0 7	0	7
regular expression Can i get a regular expression to show TSK KUBHEKA v2.0.70 from the below extract2020-10-13 17:24:15 [bp-[xxxxxxxxx]-... by sphiwee Contributor in Splunk Search 10-13-2020 0 4	0	4
Adding new service into ITSI analyser. Hi I am new to Splunk. I wanted to know how to add a new service into a already created ITSI Splunk dashboard. I need... by SaiN04 New Member in Splunk Search 10-13-2020 0 0	0	0
Bar chart with multiple series Hello,I have the following databook="title1" reader="reader1"book="title1" reader="reader1"book="title1" reader="read... by pitmod Explorer in Splunk Search 10-13-2020 0 2	0	2
Dashboard - multi-select input - how to add "ANY" option apart of the result of a query Hi,I am building a dashboard where I have an multi-select input called locations, which is populated with a query vi... by jacortijo Explorer in Splunk Search 10-13-2020 0 8	0	8
Prevent duplicate IP lookups by verifying it hasn't been used previously Our department has created a Splunk integration that performs API lookups against IPQualityScore. One of our searche... by Nextbeat Path Finder in Splunk Search 10-12-2020 0 1	0	1
Rex command for extracting data from a variable Good Morning,I am currently trying to extract a field from a variable.The variable name is command, and the value th... by Marco Communicator in Splunk Search 10-12-2020 0 1	0	1
Calculate average from two fields My initial log looks something like:The quick brown fox jumps over the lazy dog, and it jumped in 23092 seconds.Tryin... by BornConfused Engager in Splunk Search 10-12-2020 0 4	0	4
Lookup table search criteria each row hello, looking for help on a search query using lookup tablecol1,col2,col3aaa,100,a@a.combbb,200,b@b.comi need to use... by praveenvvn Explorer in Splunk Search 10-12-2020 0 4	0	4
Matching a search (with spath) and Inputlookup Hi Guys,I'm trying to match a result from one search to an Inputlookup.The original search contains "spath" command b... by knadav Explorer in Splunk Search 10-12-2020 1 9	1	9
help for retrieving events not found from a lookup list HelloI use the search below in order to display the list of HOSTNAME which have a SITE field that matches \| inputloo... by jip31 Motivator in Splunk Search 10-12-2020 0 6	0	6
Need help with Rex Function I got a variable called _host_name which = usscic-secfio102.na.xxx.com. I need to derive a variable called host_shor... by Stephen11 Explorer in Splunk Search 10-11-2020 0 2	0	2
How to group and count first and last timestamp Hi to everyone,I have some trouble on setting a correct output for a search query.This is the start situation of the ... by glm_cybaze Engager in Splunk Search 10-11-2020 0 4	0	4
how to get the count of different ErrorID's from application log Hello splunk users,Can someone help me with a solution? I am running my base search query to see the error in respons... by iqbalintouch Path Finder in Splunk Search 10-11-2020 1 3	1	3
Compare 2 multivalues fields for matching Hi all,i need some help in comparing 2 fields, the other field has multi values,Field 1Field 2127.0.0.1127.0.0.1127.0... by Laxman24 Explorer in Splunk Search 10-11-2020 0 2	0	2
Adding computed column in Chart by date Hi, I have a search below to compare previous 2 days Splunk usage, but I need additional column that computes the dif... by hyp3rf0x Engager in Splunk Search 10-11-2020 0 2	0	2
Formatting output of XML Hi, can I check how can I output this row in a proper format? E.g.<LogonTriggers> <Enabled> ......... by spicynuggs Engager in Splunk Search 10-11-2020 0 2	0	2
Remove specific substrings from specific values I have a query that looks for certain error messages and displays a list sorted by most common occurrence. My problem... by techspec Explorer in Splunk Search 10-10-2020 0 7	0	7
Search formatting in Splunk 6.5.0 for easier readability I saw a feature in Splunk 6.5.0 where you can press a single button in the search bar and it will autoformat the quer... by markdflip Path Finder in Splunk Search 10-10-2020 7 18	7	18