Splunk Search

Community Activity

Post processing gives incorrect results Hello Everyone,I am new to the splunk and this community. I have searched everyone for my problem but i could not fig... by Kaand Explorer in Splunk Search 10-01-2020 1 2	1	2
streamstats and eval combination to find error HiI have created below dummy sample data- \|makeresults\|eval a="1328,1345" \|append[\|makeresults\| eval state="added", a... by ips_mandar Builder in Splunk Search 10-01-2020 1 3	1	3
Greater and less than Hi, I'm trying this search and it seems to be working as i'm not getting anything outside the range. The issue is I'... by stevelfc Loves-to-Learn in Splunk Search 10-01-2020 0 2	0	2
Need help with creating table and regex {"line":{"log_type":"testlog","log_version":"1.0.0","service":"test","version":"1.0.0","timestamp":"2021-10-01T22:24:... by irshtnak New Member in Splunk Search 10-01-2020 0 1	0	1
How to combine multiple rows into different columns on single row I have a query that returns the following result. StatusCount200800404344002050012 And I would like to transform it t... by hpendela New Member in Splunk Search 10-01-2020 0 1	0	1
Extract aggregated micro-service calls I have a service that is 1 to many microservice so I am aggregating the backend calls into a single entry. { "ti... by cmahoney Loves-to-Learn in Splunk Search 10-01-2020 0 1	0	1
collect command and time I have two Splunk servers and run the following command\| makeresults \| fields - _time \| collect index=temp addtime=f ... by bowesmana SplunkTrust in Splunk Search 10-01-2020 0 2	0	2
How to get locale and numbers shown right in the Splunk UI Hi @gljiva (and others),I'm situated in Scandinavia, where we no one uses the US way of showing numbers ie: "1,234,... by bjarnedein Explorer in Splunk Search 10-01-2020 0 3	0	3
Splunk query for port scan Hi All,I am looking for splunk query to detect vertical and horizontal port scan in the Infra. Any help in this regar... by dsdeepak Explorer in Splunk Search 10-01-2020 0 2	0	2
Issue with missing data when using transaction I use the following querysource="/opt/apps/spring-boot/abc/log/communication.log"\| rex "\"correlation\" : \"(?P<corre... by ellstream44 Explorer in Splunk Search 10-01-2020 0 5	0	5
how to combine 2 separate queries and list there data in tabular format. e.gQUERY 1: host=jtcstcxbsswb* source="/usr/IBM/HTTPServer/logs/access*" httpmethod="GET" statuscode="200" loaninfo="... by Aps17 Explorer in Splunk Search 10-01-2020 0 1	0	1
What causes Maximum Disk Usage error? We are working on/ developing 4-5 Dashboards with around 10 Charts in each Dashboard. When we work on multiple Dashbo... by rajkskumar Explorer in Splunk Search 10-01-2020 0 1	0	1
Filter IP out from datamodel Hello guys,I'm having issues solving this one. I have a generated datamodel of our network traffic (internal) and I n... by p3rf3ctst4r Engager in Splunk Search 10-01-2020 0 2	0	2
multiple event code search we want to detect the multiple events together, for example, we want to find out those events which have event 4741 a... by cyberfan Explorer in Splunk Search 09-30-2020 0 2	0	2
Field extraction using rex Hi, I am new to splunk, I am trying to extract specific message from my log event. The pattern I am looking from belo... by avanijjain16 Explorer in Splunk Search 09-30-2020 0 4	0	4
Query to get the search which consumed more memory and CPU for the past 1 hour SPL query to get the ADHOC search or saved search (with user info) which consumed maximum memory and CPU for the past... by msplunk33 Path Finder in Splunk Search 09-30-2020 0 2	0	2
How to return results in sub-search only if it does not match the results in the main search? o365 AD logs Hello,Using the o365:management:activity logs, I'm trying to create a search where I:Get a list of users and their IP... by SausagePizzza Engager in Splunk Search 09-30-2020 0 1	0	1
Replace string in column A based on query of multiple columns HiI have this table: customer \| city A \| NY B \| NY A \| LA and I want to replace the value in `cu... by olivne Engager in Splunk Search 09-30-2020 0 1	0	1
Finding new IP addresses that haven't been seen before. Hey,I have a splunk instance digesting nmap results. Each host that is found on the network generates an event that h... by help_me_pls New Member in Splunk Search 09-30-2020 0 1	0	1
csv lookup number vs string I have a csv lookup that has a column with numerical data (specifically integers). When I do the lookup, splunk is t... by dglass0215 Path Finder in Splunk Search 09-30-2020 0 1	0	1
Exclude Null in subsearch I have the following query used to build a chart. Sometimes, the incoming events do not have the fields set. How coul... by rajkskumar Explorer in Splunk Search 09-30-2020 0 4	0	4
Transaction command is not closing transactions and is hitting the max open transaction limit (maxopentxn). We recently upgraded to from 7.1.2 to 8.0.3 on on-prem Splunk Enterprise. A previously working saved search is no lo... by andrewcg Path Finder in Splunk Search 09-30-2020 0 4	0	4
Query to get the list of all indexes under a specific index cluster Is there any query to get the list of all indexes under a specific index cluster. by msplunk33 Path Finder in Splunk Search 09-30-2020 0 1	0	1
How to hide some result on a table ? Hi, I have a search ending like this : \| chart count over service by environment\| where prod>50 OR OR dev>50 It retur... by mah Builder in Splunk Search 09-30-2020 0 2	0	2
How to do regression testing before and after an upgrade from Splunk Cloud? Hi, My team will be performing an upgrade from Splunk Cloud. We need to understand how all of our artifact types chan... by EricFSplunker Engager in Splunk Search 09-30-2020 1 0	1	0