Splunk Search

Community Activity

Fill in 0 if no result is returned I am showing list of stopped services by host on a dashboard panel. I have 3 servers to show to show stopped services... by rajnish1202 Explorer in Splunk Search 10-02-2020 0 13	0	13
How to get the date time difference of two different formatted dates Hi, i am relatively newer to splunk, looking for a solution to get time difference is a splunk sample log like this "... by venky10 Loves-to-Learn Everything in Splunk Search 10-02-2020 0 1	0	1
identify scanner and malicious domain For example, My ip is 202.101.53.4, I want to identify what are the domains sent me the most number of packets (most ... by cyberfan Explorer in Splunk Search 10-02-2020 0 1	0	1
How to extract key, field name, and value with regex? I'm wondering if somebody had faced this freaking behavior. I wanna extract both key, the field name, and its value ... by tcmarquesi Explorer in Splunk Search 10-02-2020 0 16	0	16
Fetching logs via Splunk SDK on index time and event time simultaneously Hi Team,We are currently extracting logs from Splunk via Splunk SDK based on index time. We have been seeing issues w... by pcnitk New Member in Splunk Search 10-02-2020 0 1	0	1
Subsearch produced 50000 results, truncating to maxout 50000 Query: index=summary_estore_error_cust report=DelPassError userType=LoyalElite \| rex field=raw "(UserId\W*(?\d+))" ... by sureshwalmart Explorer in Splunk Search 10-02-2020 3 13	3	13
How to filter a result with two timestamp ? Hi,I have a search which I want to optimise by replace the join command : index="AAA" sourcetype=BBB\| stats count(OK)... by mah Builder in Splunk Search 10-02-2020 0 4	0	4
Search events for multiple samaccountnames Hello Cam someone assist on how to do a search like below for multiple samaccountnames ? ideally from a txt file or C... by papa Explorer in Splunk Search 10-02-2020 1 2	1	2
how to query time spent by user in a console Hi I want to create a report to display time spent by user in a consoleBeing beginner doesnt know how to query .Any ... by anikeshp7 Path Finder in Splunk Search 10-02-2020 1 19	1	19
timechart data derived from lookup Hi,I have data that contains a field in binary that i can use a lookup table to map the various binary values to a va... by mcaulsc Path Finder in Splunk Search 10-01-2020 1 4	1	4
Post processing gives incorrect results Hello Everyone,I am new to the splunk and this community. I have searched everyone for my problem but i could not fig... by Kaand Explorer in Splunk Search 10-01-2020 1 2	1	2
streamstats and eval combination to find error HiI have created below dummy sample data- \|makeresults\|eval a="1328,1345" \|append[\|makeresults\| eval state="added", a... by ips_mandar Builder in Splunk Search 10-01-2020 1 3	1	3
Greater and less than Hi, I'm trying this search and it seems to be working as i'm not getting anything outside the range. The issue is I'... by stevelfc Loves-to-Learn in Splunk Search 10-01-2020 0 2	0	2
Need help with creating table and regex {"line":{"log_type":"testlog","log_version":"1.0.0","service":"test","version":"1.0.0","timestamp":"2021-10-01T22:24:... by irshtnak New Member in Splunk Search 10-01-2020 0 1	0	1
How to combine multiple rows into different columns on single row I have a query that returns the following result. StatusCount200800404344002050012 And I would like to transform it t... by hpendela New Member in Splunk Search 10-01-2020 0 1	0	1
Extract aggregated micro-service calls I have a service that is 1 to many microservice so I am aggregating the backend calls into a single entry. { "ti... by cmahoney Loves-to-Learn in Splunk Search 10-01-2020 0 1	0	1
collect command and time I have two Splunk servers and run the following command\| makeresults \| fields - _time \| collect index=temp addtime=f ... by bowesmana SplunkTrust in Splunk Search 10-01-2020 0 2	0	2
How to get locale and numbers shown right in the Splunk UI Hi @gljiva (and others),I'm situated in Scandinavia, where we no one uses the US way of showing numbers ie: "1,234,... by bjarnedein Explorer in Splunk Search 10-01-2020 0 3	0	3
Splunk query for port scan Hi All,I am looking for splunk query to detect vertical and horizontal port scan in the Infra. Any help in this regar... by dsdeepak Explorer in Splunk Search 10-01-2020 0 2	0	2
Issue with missing data when using transaction I use the following querysource="/opt/apps/spring-boot/abc/log/communication.log"\| rex "\"correlation\" : \"(?P<corre... by ellstream44 Explorer in Splunk Search 10-01-2020 0 5	0	5
how to combine 2 separate queries and list there data in tabular format. e.gQUERY 1: host=jtcstcxbsswb* source="/usr/IBM/HTTPServer/logs/access*" httpmethod="GET" statuscode="200" loaninfo="... by Aps17 Explorer in Splunk Search 10-01-2020 0 1	0	1
What causes Maximum Disk Usage error? We are working on/ developing 4-5 Dashboards with around 10 Charts in each Dashboard. When we work on multiple Dashbo... by rajkskumar Explorer in Splunk Search 10-01-2020 0 1	0	1
Filter IP out from datamodel Hello guys,I'm having issues solving this one. I have a generated datamodel of our network traffic (internal) and I n... by p3rf3ctst4r Engager in Splunk Search 10-01-2020 0 2	0	2
multiple event code search we want to detect the multiple events together, for example, we want to find out those events which have event 4741 a... by cyberfan Explorer in Splunk Search 09-30-2020 0 2	0	2
Field extraction using rex Hi, I am new to splunk, I am trying to extract specific message from my log event. The pattern I am looking from belo... by avanijjain16 Explorer in Splunk Search 09-30-2020 0 4	0	4