Splunk Search

Community Activity

separately calculated stats side by side in a table I am building a table displayed in a splunk dashboard that needs a complicated query and I was hoping to get a quick ... by hyddenlynx Engager in Splunk Search 10-14-2020 0 1	0	1
Creating a Splunk Alert Rule for Anomoly's detected Hello, I am trying to create a splunk alert to trigger when it detects an anomaly in the firewall logs based on IDS s... by CyberCyberSec Loves-to-Learn in Splunk Search 10-14-2020 0 0	0	0
Field extraction needed Hi,I have data in XML format. Out of many fields that I have extracted, there is another field name pluginText which ... by mbasharat Builder in Splunk Search 10-14-2020 0 4	0	4
Volume end of each day Hi community, using Splunk for a ~month now and need some help, If done correctly, I have the realtime volume/depot. ... by EH Explorer in Splunk Search 10-14-2020 0 3	0	3
Why does this chart work, but this table doesn't? I would like to apply a formula to each of the values in the field "stocks." I have been able to show this in a char... by CarbonCriterium Path Finder in Splunk Search 10-14-2020 0 5	0	5
Whitelist traffic using lookup table Hi alli would like to ask how we can use a lookup table to whitelist a set of src and dest. sample trafficsrc 1.1.1.1... by Ning Engager in Splunk Search 10-14-2020 0 0	0	0
source count vs summary index count not match Hi All,have this dilemma where source counts does not match the count inserted in summary index. sample query that wa... by raventura Observer in Splunk Search 10-14-2020 0 3	0	3
Ignore null values I am using the nix agent to gather disk space. I only collect "df" information once per day. I want to be able to pr... by jackpal Path Finder in Splunk Search 10-14-2020 0 1	0	1
How to execute macro search with REST API How do i execute macros in rest API , example :curl -ku user:pass https://<url> -d search="`macro name` \| table data1... by pravinvram Engager in Splunk Search 10-14-2020 0 3	0	3
[Need help] command "bin span=1d _time" doesn't split stats count by day. Hi team,1. I have below query <base query here>\| rex field=_raw "POST\s+(?<RequestURL>.)HTTP.company\=(?<CMID>.*?)\... by cheriemilk Path Finder in Splunk Search 10-14-2020 0 10	0	10
Can we update a lookup CSV file through a URL in splunk I have CSV inventory file which is dynamic and same needs to updated in splunk manually, Is there a way to integrat... by skhan28 Explorer in Splunk Search 10-14-2020 0 4	0	4
Transaction using datamodel Hello,I am trying to calculate the browse time and bandwith usage of users by looking at the log files of the firewal... by rkd Loves-to-Learn Everything in Splunk Search 10-13-2020 0 2	0	2
How to read FLOAT_ARRAY from dbxquery I'm trying to read an array field from database query using dbxquery, and got error "failed to load column with type ... by kyu New Member in Splunk Search 10-13-2020 0 0	0	0
For a timechart based alert, is it possible to attach both timechart and the corresponding events in the email ? We have an alert configured to send email when the number of results is >20 in 5min but since this is a timechart bas... by kiranstar24 Loves-to-Learn Lots in Splunk Search 10-13-2020 0 7	0	7
regular expression Can i get a regular expression to show TSK KUBHEKA v2.0.70 from the below extract2020-10-13 17:24:15 [bp-[xxxxxxxxx]-... by sphiwee Contributor in Splunk Search 10-13-2020 0 4	0	4
Adding new service into ITSI analyser. Hi I am new to Splunk. I wanted to know how to add a new service into a already created ITSI Splunk dashboard. I need... by SaiN04 New Member in Splunk Search 10-13-2020 0 0	0	0
Bar chart with multiple series Hello,I have the following databook="title1" reader="reader1"book="title1" reader="reader1"book="title1" reader="read... by pitmod Explorer in Splunk Search 10-13-2020 0 2	0	2
Dashboard - multi-select input - how to add "ANY" option apart of the result of a query Hi,I am building a dashboard where I have an multi-select input called locations, which is populated with a query vi... by jacortijo Explorer in Splunk Search 10-13-2020 0 8	0	8
Prevent duplicate IP lookups by verifying it hasn't been used previously Our department has created a Splunk integration that performs API lookups against IPQualityScore. One of our searche... by Nextbeat Path Finder in Splunk Search 10-12-2020 0 1	0	1
Rex command for extracting data from a variable Good Morning,I am currently trying to extract a field from a variable.The variable name is command, and the value th... by Marco Communicator in Splunk Search 10-12-2020 0 1	0	1
Calculate average from two fields My initial log looks something like:The quick brown fox jumps over the lazy dog, and it jumped in 23092 seconds.Tryin... by BornConfused Engager in Splunk Search 10-12-2020 0 4	0	4
Lookup table search criteria each row hello, looking for help on a search query using lookup tablecol1,col2,col3aaa,100,a@a.combbb,200,b@b.comi need to use... by praveenvvn Explorer in Splunk Search 10-12-2020 0 4	0	4
Matching a search (with spath) and Inputlookup Hi Guys,I'm trying to match a result from one search to an Inputlookup.The original search contains "spath" command b... by knadav Explorer in Splunk Search 10-12-2020 1 9	1	9
help for retrieving events not found from a lookup list HelloI use the search below in order to display the list of HOSTNAME which have a SITE field that matches \| inputloo... by jip31 Motivator in Splunk Search 10-12-2020 0 6	0	6
Need help with Rex Function I got a variable called _host_name which = usscic-secfio102.na.xxx.com. I need to derive a variable called host_shor... by Stephen11 Explorer in Splunk Search 10-11-2020 0 2	0	2