Splunk Search

Community Activity

Dashboard - multi-select input - how to add "ANY" option apart of the result of a query Hi,I am building a dashboard where I have an multi-select input called locations, which is populated with a query vi... by jacortijo Explorer in Splunk Search 10-13-2020 0 8	0	8
Prevent duplicate IP lookups by verifying it hasn't been used previously Our department has created a Splunk integration that performs API lookups against IPQualityScore. One of our searche... by Nextbeat Path Finder in Splunk Search 10-12-2020 0 1	0	1
Rex command for extracting data from a variable Good Morning,I am currently trying to extract a field from a variable.The variable name is command, and the value th... by Marco Communicator in Splunk Search 10-12-2020 0 1	0	1
Calculate average from two fields My initial log looks something like:The quick brown fox jumps over the lazy dog, and it jumped in 23092 seconds.Tryin... by BornConfused Engager in Splunk Search 10-12-2020 0 4	0	4
Lookup table search criteria each row hello, looking for help on a search query using lookup tablecol1,col2,col3aaa,100,a@a.combbb,200,b@b.comi need to use... by praveenvvn Explorer in Splunk Search 10-12-2020 0 4	0	4
Matching a search (with spath) and Inputlookup Hi Guys,I'm trying to match a result from one search to an Inputlookup.The original search contains "spath" command b... by knadav Explorer in Splunk Search 10-12-2020 1 9	1	9
help for retrieving events not found from a lookup list HelloI use the search below in order to display the list of HOSTNAME which have a SITE field that matches \| inputloo... by jip31 Motivator in Splunk Search 10-12-2020 0 6	0	6
Need help with Rex Function I got a variable called _host_name which = usscic-secfio102.na.xxx.com. I need to derive a variable called host_shor... by Stephen11 Explorer in Splunk Search 10-11-2020 0 2	0	2
How to group and count first and last timestamp Hi to everyone,I have some trouble on setting a correct output for a search query.This is the start situation of the ... by glm_cybaze Engager in Splunk Search 10-11-2020 0 4	0	4
how to get the count of different ErrorID's from application log Hello splunk users,Can someone help me with a solution? I am running my base search query to see the error in respons... by iqbalintouch Path Finder in Splunk Search 10-11-2020 1 3	1	3
Compare 2 multivalues fields for matching Hi all,i need some help in comparing 2 fields, the other field has multi values,Field 1Field 2127.0.0.1127.0.0.1127.0... by Laxman24 Explorer in Splunk Search 10-11-2020 0 2	0	2
Adding computed column in Chart by date Hi, I have a search below to compare previous 2 days Splunk usage, but I need additional column that computes the dif... by hyp3rf0x Engager in Splunk Search 10-11-2020 0 2	0	2
Formatting output of XML Hi, can I check how can I output this row in a proper format? E.g.<LogonTriggers> <Enabled> ......... by spicynuggs Engager in Splunk Search 10-11-2020 0 2	0	2
Remove specific substrings from specific values I have a query that looks for certain error messages and displays a list sorted by most common occurrence. My problem... by techspec Explorer in Splunk Search 10-10-2020 0 7	0	7
Search formatting in Splunk 6.5.0 for easier readability I saw a feature in Splunk 6.5.0 where you can press a single button in the search bar and it will autoformat the quer... by markdflip Path Finder in Splunk Search 10-10-2020 7 18	7	18
Extracting field as a json object I am trying to extract a field(json array having objects) from events, now I would like to extract few more fields fr... by vpsierra Loves-to-Learn Lots in Splunk Search 10-10-2020 0 1	0	1
Regex pattern Can you help me with this regex pattern? I only need the numbers.simNumber\""2201240132708969900\"I am using "simNum... by irvindominguez9 Observer in Splunk Search 10-09-2020 0 1	0	1
How to generate a Month-Year Series with 3 months interval ? Hello Experts,I need to generate a series of values in the form of Year-Month to part of the drop down list in the Pa... by promukh Path Finder in Splunk Search 10-09-2020 0 1	0	1
Combine 3 different source type in single table Hi,I want to combine 3 different source type in single table. The column names are different in all the 3 source type... by ND Path Finder in Splunk Search 10-09-2020 0 1	0	1
Compare Search count of main query and subquery I have 2 search queries one is main and the other one is a subquery and i need to find the count difference between b... by javeeth Loves-to-Learn in Splunk Search 10-09-2020 0 2	0	2
Taking one event to give value to other events Greetings Everyone!I am a little confused, hope you can help me. I am trying to assign a value to other rows that are... by 4t14s Explorer in Splunk Search 10-09-2020 0 6	0	6
Why is CSV data showing up as hexadecimal? Please see the attached screenshot. I have a uploaded CSV with valid data but when I upload the CSV, the GUI displa... by jordanking1992 Path Finder in Splunk Search 10-09-2020 0 4	0	4
Replacing Xml header at search time i want to remove the header tag in the xml during search time as it was not properly quoted also, please help with th... by DataOrg Builder in Splunk Search 10-09-2020 0 9	0	9
NOT Like function I am using this like function in in a pie chart and want to exclude the other values How do I use NOT Like or id!="... by athorat Communicator in Splunk Search 10-09-2020 2 6	2	6
How to deal with nested JSON containing variable numbers of objects I'm trying to work with the aws:description events to track changes to security groups. The events are in a nested J... by tableau_merch New Member in Splunk Search 10-09-2020 0 1	0	1