Splunk Search

Community Activity

Splunk query for port scan Hi All,I am looking for splunk query to detect vertical and horizontal port scan in the Infra. Any help in this regar... by dsdeepak Explorer in Splunk Search 10-01-2020 0 2	0	2
Issue with missing data when using transaction I use the following querysource="/opt/apps/spring-boot/abc/log/communication.log"\| rex "\"correlation\" : \"(?P<corre... by ellstream44 Explorer in Splunk Search 10-01-2020 0 5	0	5
how to combine 2 separate queries and list there data in tabular format. e.gQUERY 1: host=jtcstcxbsswb* source="/usr/IBM/HTTPServer/logs/access*" httpmethod="GET" statuscode="200" loaninfo="... by Aps17 Explorer in Splunk Search 10-01-2020 0 1	0	1
What causes Maximum Disk Usage error? We are working on/ developing 4-5 Dashboards with around 10 Charts in each Dashboard. When we work on multiple Dashbo... by rajkskumar Explorer in Splunk Search 10-01-2020 0 1	0	1
Filter IP out from datamodel Hello guys,I'm having issues solving this one. I have a generated datamodel of our network traffic (internal) and I n... by p3rf3ctst4r Engager in Splunk Search 10-01-2020 0 2	0	2
multiple event code search we want to detect the multiple events together, for example, we want to find out those events which have event 4741 a... by cyberfan Explorer in Splunk Search 09-30-2020 0 2	0	2
Field extraction using rex Hi, I am new to splunk, I am trying to extract specific message from my log event. The pattern I am looking from belo... by avanijjain16 Explorer in Splunk Search 09-30-2020 0 4	0	4
Query to get the search which consumed more memory and CPU for the past 1 hour SPL query to get the ADHOC search or saved search (with user info) which consumed maximum memory and CPU for the past... by msplunk33 Path Finder in Splunk Search 09-30-2020 0 2	0	2
How to return results in sub-search only if it does not match the results in the main search? o365 AD logs Hello,Using the o365:management:activity logs, I'm trying to create a search where I:Get a list of users and their IP... by SausagePizzza Engager in Splunk Search 09-30-2020 0 1	0	1
Replace string in column A based on query of multiple columns HiI have this table: customer \| city A \| NY B \| NY A \| LA and I want to replace the value in `cu... by olivne Engager in Splunk Search 09-30-2020 0 1	0	1
Finding new IP addresses that haven't been seen before. Hey,I have a splunk instance digesting nmap results. Each host that is found on the network generates an event that h... by help_me_pls New Member in Splunk Search 09-30-2020 0 1	0	1
csv lookup number vs string I have a csv lookup that has a column with numerical data (specifically integers). When I do the lookup, splunk is t... by dglass0215 Path Finder in Splunk Search 09-30-2020 0 1	0	1
Exclude Null in subsearch I have the following query used to build a chart. Sometimes, the incoming events do not have the fields set. How coul... by rajkskumar Explorer in Splunk Search 09-30-2020 0 4	0	4
Transaction command is not closing transactions and is hitting the max open transaction limit (maxopentxn). We recently upgraded to from 7.1.2 to 8.0.3 on on-prem Splunk Enterprise. A previously working saved search is no lo... by andrewcg Path Finder in Splunk Search 09-30-2020 0 4	0	4
Query to get the list of all indexes under a specific index cluster Is there any query to get the list of all indexes under a specific index cluster. by msplunk33 Path Finder in Splunk Search 09-30-2020 0 1	0	1
How to hide some result on a table ? Hi, I have a search ending like this : \| chart count over service by environment\| where prod>50 OR OR dev>50 It retur... by mah Builder in Splunk Search 09-30-2020 0 2	0	2
How to do regression testing before and after an upgrade from Splunk Cloud? Hi, My team will be performing an upgrade from Splunk Cloud. We need to understand how all of our artifact types chan... by EricFSplunker Engager in Splunk Search 09-30-2020 1 0	1	0
Finding value from search and appending to lookup Hi I have following LARGE lookup with over 1000 entries\|host \| type \|\|host1 \| \|\|host2 \| \|\|host3... by k31453 Explorer in Splunk Search 09-30-2020 0 9	0	9
Identify difference in first & second column and output in third column Is there a way to get the difference between column A and column B and output in column CColumn A. Column B.... by changyu New Member in Splunk Search 09-30-2020 0 1	0	1
Compare search results to CSV values Hi all! I have been trying to compare a search with a CSV lookup table. So far no luck... The list contains only 1 co... by Sasquatchatmars Communicator in Splunk Search 09-30-2020 0 4	0	4
How to count valid and invalid requests at the same time? Hello,I want to display the total count of events and failed events count. In my case, it is determined by the field ... by vamshiverma Explorer in Splunk Search 09-30-2020 0 10	0	10
Delete rows in a CSV lookup file Hi all,I have succesfully made a search to populate a CSV file thanks to @gcusello , this file lets me add Usernames ... by Sasquatchatmars Communicator in Splunk Search 09-30-2020 0 10	0	10
How to append two columns from different data inputs based on time I have data in below format Data Input 1 : index=abcTime (YYYY-MM-DD HH24)Count12020-09-30 00102020-09-30 01202020-0... by pahujadeep Explorer in Splunk Search 09-30-2020 0 1	0	1
How to search on another index based on the first search condition? Hi, i am trying to do a search which can shows which internal client accessed the web but i have a proxy to access th... by TrAnS Loves-to-Learn in Splunk Search 09-29-2020 0 1	0	1
Listing out dates and appending to search?? I'm trying to list out all dates between my time picker and have that as a column in my table. I do both things indiv... by tb5821 Communicator in Splunk Search 09-29-2020 0 4	0	4