Splunk Search

Community Activity

30 Minute Interval Search Hello,I'd like my search to return 30 min interval searches between 9/24/2020 20:00 and the current date; what's the ... by itsmevic Communicator in Splunk Search 09-28-2020 0 1	0	1
Macro at time field extraction Hi, we use a lot of base64 encoded fields to save traffic bandwidth.Is there any way to decode these fields at index ... by me74fhfd Path Finder in Splunk Search 09-28-2020 0 4	0	4
no events for distinct logins into an app in the last 30 days Requirement- I want to display distinct logins into an app in the last 30 days.My query returns zero events.index="12... by anikeshp7 Path Finder in Splunk Search 09-28-2020 0 6	0	6
Simplify REGEX Several months back I created a macro with the following regular expressions to "clean up" and concatenate several st... by CarbonCriterium Path Finder in Splunk Search 09-28-2020 0 1	0	1
Update CSV values without ovewriting old ones Hi, I am trying to make a CSV table with users that have logged in the system. The CSV file contains a field "Time" a... by Sasquatchatmars Communicator in Splunk Search 09-28-2020 0 7	0	7
What are my searches finding? Hi! This is my first post here so I apologise if the format is flawed. I am a Splunk novice and have been tinkering w... by Freddler Explorer in Splunk Search 09-28-2020 1 10	1	10
How to compare two searches and find common data between them Hi,I have following search where I'm searching for the common Plugin_ID between searches. However with the 'stats cou... by bhagatdd Explorer in Splunk Search 09-28-2020 1 12	1	12
How can I do fields from text-file? I need to get 3 columns: host, port, description from text:10.224.19.18 \| 2222\| New server10.198.18.18 \| 2443 \| IFTet... by Luninho Explorer in Splunk Search 09-28-2020 0 1	0	1
Event correlation Hello,I would like to display some VPN informations in splunk like username, host information, session id. My problem... by miguel1423 Explorer in Splunk Search 09-28-2020 0 10	0	10
Compare two fields and ignore the data with same values Hi, I am trying to include a condition where splunk needs to ignore when it two different fields has the same value... by Meena27 Explorer in Splunk Search 09-28-2020 0 2	0	2
Total and Error count by Provider I am trying to create a table which has Total number of events and the Error count in the events. The field 'services... by rajkskumar Explorer in Splunk Search 09-28-2020 0 7	0	7
How to extract the last part of all the combined URLs Hello Everyone! I have a field(FieldA) which contains multiple URLs together. I would like to have a new field(FieldB... by kiru2992 Path Finder in Splunk Search 09-28-2020 1 14	1	14
New Field REX HELP (API) Hi allI want to create a new AWS monitoring alert.For the first step I checked the AWS fields and I saw that I need t... by havatz Explorer in Splunk Search 09-28-2020 0 10	0	10
Search Marcos Hello,i have two fields Vers0 and Vers1 given in hexadecimal. They encode the Software-Version, in the Form:Vers0.Ver... by light_of_sirius Explorer in Splunk Search 09-28-2020 0 3	0	3
Raw Logs Hi ,How do I fetch the raw logs for the source type :wms_oracle_sessions?Query:index=main sourcetype=wms_oracle_sessi... by rahul2gupta Path Finder in Splunk Search 09-27-2020 0 5	0	5
Finding the ratio between fields in different events I have the a search (picture below) which is calculating the open option interest on several ticker symbols. I was ... by minikatz Engager in Splunk Search 09-27-2020 0 2	0	2
Extracting names from fields Hi, I am trying to extract name of the individuals from the field that I have in the data. For example from the data ... by Rgk_Trail Explorer in Splunk Search 09-26-2020 0 10	0	10
Eval field based on similar events or single event i have a case where i need to determine if a row has been repeated multiple times or not .it may have 4 common value... by jiaqya Builder in Splunk Search 09-26-2020 0 8	0	8
How to get latest time from an index's subsearch When i run this query it seems to run just fine as an adhoc search but when i schedule it, it throws the following er... by aa70627 Communicator in Splunk Search 09-25-2020 1 2	1	2
Assigning a field value to "Earliest" "Latest" time modifiers Hello, I am interested in making the results of one index search (in particular the values of fields early and late) ... by epw0rrell Path Finder in Splunk Search 09-25-2020 0 4	0	4
How to group by field and calculate Error rate ? Hello,I'm trying to determine the Error rate for individual servicename . I'm having trouble while performing group b... by vamshiverma Explorer in Splunk Search 09-25-2020 0 3	0	3
Combined Linux Searches Hello ,Im trying to run a audit search for high priority linux servers - should have the following in the searchsudo ... by gm3ndez New Member in Splunk Search 09-25-2020 0 1	0	1
Failed to parse a JSON string Hi I get data from an CSV file and one of the filed imported is a JSON string called "Tags" which looks like thatTags... by erwanlebaron Engager in Splunk Search 09-25-2020 0 1	0	1
JIRA add-on not ingesting historical data Hi,I am using jira add-on available in splunk base app-1438 to ingest events from JIRA cloud instance to splunk . How... by sumeetsirohi01 New Member in Splunk Search 09-25-2020 0 1	0	1
combine two evals in to a single case statement I have 1600+ storage arrays and they are from multiple vendors, each with different thin provisioning levels. I curre... by codedtech Path Finder in Splunk Search 09-25-2020 0 3	0	3