Splunk Search

Community Activity

New rows for each of the Extracted values from a multi-valued field Hello Everyone!Currently the result of my query is below:Input:id URL101 ... by kiru2992 Path Finder in Splunk Search 09-29-2020 0 12	0	12
Spread a value over a variable duration I have several events that are structured like this:2020-09-28T15:18:40Z duration=8.0 somevalue=42 otherfield=A2020-0... by enenkey Loves-to-Learn in Splunk Search 09-29-2020 0 3	0	3
How to group values of the same field and display timechart counts for each group month over month? I first need to group values of the same field... Group1 (values match A1, A2, A3,...) Group2 (values match B1, B2, ... by tmaltizo Path Finder in Splunk Search 09-29-2020 0 6	0	6
hi team need to fetch the from the given files using operator >= I have got a field Vulnerability ages, which are having now in days like 120days,110, days,30days,45daysI need to fet... by shoyeb Observer in Splunk Search 09-29-2020 0 1	0	1
To get IP counts by no of occurence I have a query which can give DIfferent IPS that are hitting to the top URI's source= some source 404 \| stats count v... by naval1992 Engager in Splunk Search 09-29-2020 0 3	0	3
How to add a color to the field in one column based on the other column filed values Hi,How can I add a color to the field in one column based on the other column filed values? The example below, I need... by msr New Member in Splunk Search 09-29-2020 0 1	0	1
How to convert this time format with strptime()? I haven't found something for this time format in the docs:Mon Sep 28 00:00:00 GMT 2020How can I convert this with st... by Sundried Explorer in Splunk Search 09-28-2020 0 2	0	2
Subsearch and Join(?) for VPN+Azure+O365 correlation I'm trying to look at all of our users using personal VPN who have accessed O365 (Sharepoint, OneDrive, etc.) from th... by fdevera Path Finder in Splunk Search 09-28-2020 0 4	0	4
Stats count for multiple fields in search I have a query that has multiple states represented in each log event how do i get stats based on the state values my... by rockybhai Loves-to-Learn Lots in Splunk Search 09-28-2020 0 3	0	3
30 Minute Interval Search Hello,I'd like my search to return 30 min interval searches between 9/24/2020 20:00 and the current date; what's the ... by itsmevic Communicator in Splunk Search 09-28-2020 0 1	0	1
Macro at time field extraction Hi, we use a lot of base64 encoded fields to save traffic bandwidth.Is there any way to decode these fields at index ... by me74fhfd Path Finder in Splunk Search 09-28-2020 0 4	0	4
no events for distinct logins into an app in the last 30 days Requirement- I want to display distinct logins into an app in the last 30 days.My query returns zero events.index="12... by anikeshp7 Path Finder in Splunk Search 09-28-2020 0 6	0	6
Simplify REGEX Several months back I created a macro with the following regular expressions to "clean up" and concatenate several st... by CarbonCriterium Path Finder in Splunk Search 09-28-2020 0 1	0	1
Update CSV values without ovewriting old ones Hi, I am trying to make a CSV table with users that have logged in the system. The CSV file contains a field "Time" a... by Sasquatchatmars Communicator in Splunk Search 09-28-2020 0 7	0	7
What are my searches finding? Hi! This is my first post here so I apologise if the format is flawed. I am a Splunk novice and have been tinkering w... by Freddler Explorer in Splunk Search 09-28-2020 1 10	1	10
How to compare two searches and find common data between them Hi,I have following search where I'm searching for the common Plugin_ID between searches. However with the 'stats cou... by bhagatdd Explorer in Splunk Search 09-28-2020 1 12	1	12
How can I do fields from text-file? I need to get 3 columns: host, port, description from text:10.224.19.18 \| 2222\| New server10.198.18.18 \| 2443 \| IFTet... by Luninho Explorer in Splunk Search 09-28-2020 0 1	0	1
Event correlation Hello,I would like to display some VPN informations in splunk like username, host information, session id. My problem... by miguel1423 Explorer in Splunk Search 09-28-2020 0 10	0	10
Compare two fields and ignore the data with same values Hi, I am trying to include a condition where splunk needs to ignore when it two different fields has the same value... by Meena27 Explorer in Splunk Search 09-28-2020 0 2	0	2
Total and Error count by Provider I am trying to create a table which has Total number of events and the Error count in the events. The field 'services... by rajkskumar Explorer in Splunk Search 09-28-2020 0 7	0	7
How to extract the last part of all the combined URLs Hello Everyone! I have a field(FieldA) which contains multiple URLs together. I would like to have a new field(FieldB... by kiru2992 Path Finder in Splunk Search 09-28-2020 1 14	1	14
New Field REX HELP (API) Hi allI want to create a new AWS monitoring alert.For the first step I checked the AWS fields and I saw that I need t... by havatz Explorer in Splunk Search 09-28-2020 0 10	0	10
Search Marcos Hello,i have two fields Vers0 and Vers1 given in hexadecimal. They encode the Software-Version, in the Form:Vers0.Ver... by light_of_sirius Explorer in Splunk Search 09-28-2020 0 3	0	3
Raw Logs Hi ,How do I fetch the raw logs for the source type :wms_oracle_sessions?Query:index=main sourcetype=wms_oracle_sessi... by rahul2gupta Path Finder in Splunk Search 09-27-2020 0 5	0	5
Finding the ratio between fields in different events I have the a search (picture below) which is calculating the open option interest on several ticker symbols. I was ... by minikatz Engager in Splunk Search 09-27-2020 0 2	0	2