Splunk Search

Community Activity

Compare 2 multivalues fields for matching Hi all,i need some help in comparing 2 fields, the other field has multi values,Field 1Field 2127.0.0.1127.0.0.1127.0... by Laxman24 Explorer in Splunk Search 10-11-2020 0 2	0	2
Adding computed column in Chart by date Hi, I have a search below to compare previous 2 days Splunk usage, but I need additional column that computes the dif... by hyp3rf0x Engager in Splunk Search 10-11-2020 0 2	0	2
Formatting output of XML Hi, can I check how can I output this row in a proper format? E.g.<LogonTriggers> <Enabled> ......... by spicynuggs Engager in Splunk Search 10-11-2020 0 2	0	2
Remove specific substrings from specific values I have a query that looks for certain error messages and displays a list sorted by most common occurrence. My problem... by techspec Explorer in Splunk Search 10-10-2020 0 7	0	7
Extracting field as a json object I am trying to extract a field(json array having objects) from events, now I would like to extract few more fields fr... by vpsierra Loves-to-Learn Lots in Splunk Search 10-10-2020 0 1	0	1
Regex pattern Can you help me with this regex pattern? I only need the numbers.simNumber\""2201240132708969900\"I am using "simNum... by irvindominguez9 Observer in Splunk Search 10-09-2020 0 1	0	1
How to generate a Month-Year Series with 3 months interval ? Hello Experts,I need to generate a series of values in the form of Year-Month to part of the drop down list in the Pa... by promukh Path Finder in Splunk Search 10-09-2020 0 1	0	1
Combine 3 different source type in single table Hi,I want to combine 3 different source type in single table. The column names are different in all the 3 source type... by ND Path Finder in Splunk Search 10-09-2020 0 1	0	1
Compare Search count of main query and subquery I have 2 search queries one is main and the other one is a subquery and i need to find the count difference between b... by javeeth Loves-to-Learn in Splunk Search 10-09-2020 0 2	0	2
Taking one event to give value to other events Greetings Everyone!I am a little confused, hope you can help me. I am trying to assign a value to other rows that are... by 4t14s Explorer in Splunk Search 10-09-2020 0 6	0	6
Why is CSV data showing up as hexadecimal? Please see the attached screenshot. I have a uploaded CSV with valid data but when I upload the CSV, the GUI displa... by jordanking1992 Path Finder in Splunk Search 10-09-2020 0 4	0	4
Replacing Xml header at search time i want to remove the header tag in the xml during search time as it was not properly quoted also, please help with th... by DataOrg Builder in Splunk Search 10-09-2020 0 9	0	9
NOT Like function I am using this like function in in a pie chart and want to exclude the other values How do I use NOT Like or id!="... by athorat Communicator in Splunk Search 10-09-2020 2 6	2	6
How to deal with nested JSON containing variable numbers of objects I'm trying to work with the aws:description events to track changes to security groups. The events are in a nested J... by tableau_merch New Member in Splunk Search 10-09-2020 0 1	0	1
In search - Dynamic REX loading. Hello,I´m trying to load custom rex field extraction if another field has a certain value, for example:if logtype=sys... by cpm003 Path Finder in Splunk Search 10-09-2020 0 2	0	2
splunk I have logs like belowEmail information for the template:payment_receipt_ppo_1 Posted Successfully with status:200Ema... by vinod_52791 Engager in Splunk Search 10-09-2020 0 6	0	6
[Need Help] how to expand 'OTHER' column created by stats command Hi team,when I use stats command to group and aggregration. For example: <base query here>\| bin span=1d _time\| stats... by cheriemilk Path Finder in Splunk Search 10-09-2020 0 4	0	4
Combining Searches from Multiple Sourcetypes Looking for some advice on combining searches from multiple sourcetypes into a single report for my auditing team. Th... by m314219 Explorer in Splunk Search 10-09-2020 1 4	1	4
splunk search I have logs like belowEmail information for the template:payment_receipt_ppo_1 Posted Successfully with status:200Ema... by vinod0313 Explorer in Splunk Search 10-09-2020 0 1	0	1
Join command not working I want to extend the results of the first search : add the column category (from the 2 search) to the results of the... by user2020dy Path Finder in Splunk Search 10-09-2020 0 4	0	4
How to Export custome visualization in PDF format? I have created a "WordCloud" in my dashboard, when i try to export it as PDF worldcloud is not coming please help.. by 9738078959 Engager in Splunk Search 10-09-2020 0 3	0	3
Count Single Occurrence Based On Value Hello, Need some help with the below. We have multiple entries for a single IP that has multiple results as the Statu... by fward92 Engager in Splunk Search 10-08-2020 0 3	0	3
Regex help I am currently trying to use a regex to pick out the events with the date '2020XXXX' - I want the regex to search pic... by jboustead Explorer in Splunk Search 10-08-2020 0 6	0	6
Strange foreach behaviour with wildcards We all know that foreach * will work on all the fields in the result row right...Well it seems that when using datamo... by bowesmana SplunkTrust in Splunk Search 10-08-2020 0 0	0	0
How to exclude the results from main search that matches with sub search Here is my problem statement: 1st Query:index=test "TestRequest" \| dedup _time \| rex field=_raw "Price\":(?<price>.*?... by nits Explorer in Splunk Search 10-08-2020 0 1	0	1