Splunk Search

Community Activity

How to generate a Month-Year Series with 3 months interval ? Hello Experts,I need to generate a series of values in the form of Year-Month to part of the drop down list in the Pa... by promukh Path Finder in Splunk Search 10-09-2020 0 1	0	1
Combine 3 different source type in single table Hi,I want to combine 3 different source type in single table. The column names are different in all the 3 source type... by ND Path Finder in Splunk Search 10-09-2020 0 1	0	1
Compare Search count of main query and subquery I have 2 search queries one is main and the other one is a subquery and i need to find the count difference between b... by javeeth Loves-to-Learn in Splunk Search 10-09-2020 0 2	0	2
Taking one event to give value to other events Greetings Everyone!I am a little confused, hope you can help me. I am trying to assign a value to other rows that are... by 4t14s Explorer in Splunk Search 10-09-2020 0 6	0	6
Why is CSV data showing up as hexadecimal? Please see the attached screenshot. I have a uploaded CSV with valid data but when I upload the CSV, the GUI displa... by jordanking1992 Path Finder in Splunk Search 10-09-2020 0 4	0	4
Replacing Xml header at search time i want to remove the header tag in the xml during search time as it was not properly quoted also, please help with th... by DataOrg Builder in Splunk Search 10-09-2020 0 9	0	9
NOT Like function I am using this like function in in a pie chart and want to exclude the other values How do I use NOT Like or id!="... by athorat Communicator in Splunk Search 10-09-2020 2 6	2	6
How to deal with nested JSON containing variable numbers of objects I'm trying to work with the aws:description events to track changes to security groups. The events are in a nested J... by tableau_merch New Member in Splunk Search 10-09-2020 0 1	0	1
In search - Dynamic REX loading. Hello,I´m trying to load custom rex field extraction if another field has a certain value, for example:if logtype=sys... by cpm003 Path Finder in Splunk Search 10-09-2020 0 2	0	2
splunk I have logs like belowEmail information for the template:payment_receipt_ppo_1 Posted Successfully with status:200Ema... by vinod_52791 Engager in Splunk Search 10-09-2020 0 6	0	6
[Need Help] how to expand 'OTHER' column created by stats command Hi team,when I use stats command to group and aggregration. For example: <base query here>\| bin span=1d _time\| stats... by cheriemilk Path Finder in Splunk Search 10-09-2020 0 4	0	4
Combining Searches from Multiple Sourcetypes Looking for some advice on combining searches from multiple sourcetypes into a single report for my auditing team. Th... by m314219 Explorer in Splunk Search 10-09-2020 1 4	1	4
splunk search I have logs like belowEmail information for the template:payment_receipt_ppo_1 Posted Successfully with status:200Ema... by vinod0313 Explorer in Splunk Search 10-09-2020 0 1	0	1
Join command not working I want to extend the results of the first search : add the column category (from the 2 search) to the results of the... by user2020dy Path Finder in Splunk Search 10-09-2020 0 4	0	4
How to Export custome visualization in PDF format? I have created a "WordCloud" in my dashboard, when i try to export it as PDF worldcloud is not coming please help.. by 9738078959 Engager in Splunk Search 10-09-2020 0 3	0	3
Count Single Occurrence Based On Value Hello, Need some help with the below. We have multiple entries for a single IP that has multiple results as the Statu... by fward92 Engager in Splunk Search 10-08-2020 0 3	0	3
Regex help I am currently trying to use a regex to pick out the events with the date '2020XXXX' - I want the regex to search pic... by jboustead Explorer in Splunk Search 10-08-2020 0 6	0	6
Strange foreach behaviour with wildcards We all know that foreach * will work on all the fields in the result row right...Well it seems that when using datamo... by bowesmana SplunkTrust in Splunk Search 10-08-2020 0 0	0	0
How to exclude the results from main search that matches with sub search Here is my problem statement: 1st Query:index=test "TestRequest" \| dedup _time \| rex field=_raw "Price\":(?<price>.*?... by nits Explorer in Splunk Search 10-08-2020 0 1	0	1
Filter rex value in where clause Hi,I want to filter the below rex value in where clause but its not working.\| rex field=_raw ":[ ]*(?<error>[^:]+$)"\|... by Munatdev Observer in Splunk Search 10-08-2020 0 2	0	2
How to pass IP argument for API call to Python script and integrate with generating command? Hi, I'm very new to splunklib and not so experienced in programming and breaking my brain on this. I have 2 scripts. ... by Bart Explorer in Splunk Search 10-08-2020 0 1	0	1
XML epoch time to time I want to extract dailyTime from XML and convert it into time <globalView id="108" version="17" recordClassName="Nor... by chevalier51 Loves-to-Learn Lots in Splunk Search 10-08-2020 0 7	0	7
I want to index fieldName which contains square brackets Hi,I want to index a fieldName which contains square bracketsBelow is the key-value pair format I have and splunk is... by pallavikarpaklu Explorer in Splunk Search 10-08-2020 0 5	0	5
Event correlation There's been numerous other questions that I've read through to see if a similar situation has been asked but so far ... by Shuzzillay Explorer in Splunk Search 10-08-2020 1 5	1	5
Extracting details from windows logs Hi I'm new to splunk and hope you guys are having a good day!How can I query and extract out the information from thi... by spicynuggs Engager in Splunk Search 10-08-2020 0 3	0	3