Splunk Search

Community Activity

Update CSV values without ovewriting old ones Hi, I am trying to make a CSV table with users that have logged in the system. The CSV file contains a field "Time" a... by Sasquatchatmars Communicator in Splunk Search 09-28-2020 0 7	0	7
What are my searches finding? Hi! This is my first post here so I apologise if the format is flawed. I am a Splunk novice and have been tinkering w... by Freddler Explorer in Splunk Search 09-28-2020 1 10	1	10
How to compare two searches and find common data between them Hi,I have following search where I'm searching for the common Plugin_ID between searches. However with the 'stats cou... by bhagatdd Explorer in Splunk Search 09-28-2020 1 12	1	12
How can I do fields from text-file? I need to get 3 columns: host, port, description from text:10.224.19.18 \| 2222\| New server10.198.18.18 \| 2443 \| IFTet... by Luninho Explorer in Splunk Search 09-28-2020 0 1	0	1
Event correlation Hello,I would like to display some VPN informations in splunk like username, host information, session id. My problem... by miguel1423 Explorer in Splunk Search 09-28-2020 0 10	0	10
Compare two fields and ignore the data with same values Hi, I am trying to include a condition where splunk needs to ignore when it two different fields has the same value... by Meena27 Explorer in Splunk Search 09-28-2020 0 2	0	2
Total and Error count by Provider I am trying to create a table which has Total number of events and the Error count in the events. The field 'services... by rajkskumar Explorer in Splunk Search 09-28-2020 0 7	0	7
How to extract the last part of all the combined URLs Hello Everyone! I have a field(FieldA) which contains multiple URLs together. I would like to have a new field(FieldB... by kiru2992 Path Finder in Splunk Search 09-28-2020 1 14	1	14
New Field REX HELP (API) Hi allI want to create a new AWS monitoring alert.For the first step I checked the AWS fields and I saw that I need t... by havatz Explorer in Splunk Search 09-28-2020 0 10	0	10
Search Marcos Hello,i have two fields Vers0 and Vers1 given in hexadecimal. They encode the Software-Version, in the Form:Vers0.Ver... by light_of_sirius Explorer in Splunk Search 09-28-2020 0 3	0	3
Raw Logs Hi ,How do I fetch the raw logs for the source type :wms_oracle_sessions?Query:index=main sourcetype=wms_oracle_sessi... by rahul2gupta Path Finder in Splunk Search 09-27-2020 0 5	0	5
Finding the ratio between fields in different events I have the a search (picture below) which is calculating the open option interest on several ticker symbols. I was ... by minikatz Engager in Splunk Search 09-27-2020 0 2	0	2
Extracting names from fields Hi, I am trying to extract name of the individuals from the field that I have in the data. For example from the data ... by Rgk_Trail Explorer in Splunk Search 09-26-2020 0 10	0	10
Eval field based on similar events or single event i have a case where i need to determine if a row has been repeated multiple times or not .it may have 4 common value... by jiaqya Builder in Splunk Search 09-26-2020 0 8	0	8
How to get latest time from an index's subsearch When i run this query it seems to run just fine as an adhoc search but when i schedule it, it throws the following er... by aa70627 Communicator in Splunk Search 09-25-2020 1 2	1	2
Assigning a field value to "Earliest" "Latest" time modifiers Hello, I am interested in making the results of one index search (in particular the values of fields early and late) ... by epw0rrell Path Finder in Splunk Search 09-25-2020 0 4	0	4
How to group by field and calculate Error rate ? Hello,I'm trying to determine the Error rate for individual servicename . I'm having trouble while performing group b... by vamshiverma Explorer in Splunk Search 09-25-2020 0 3	0	3
Combined Linux Searches Hello ,Im trying to run a audit search for high priority linux servers - should have the following in the searchsudo ... by gm3ndez New Member in Splunk Search 09-25-2020 0 1	0	1
Failed to parse a JSON string Hi I get data from an CSV file and one of the filed imported is a JSON string called "Tags" which looks like thatTags... by erwanlebaron Engager in Splunk Search 09-25-2020 0 1	0	1
JIRA add-on not ingesting historical data Hi,I am using jira add-on available in splunk base app-1438 to ingest events from JIRA cloud instance to splunk . How... by sumeetsirohi01 New Member in Splunk Search 09-25-2020 0 1	0	1
combine two evals in to a single case statement I have 1600+ storage arrays and they are from multiple vendors, each with different thin provisioning levels. I curre... by codedtech Path Finder in Splunk Search 09-25-2020 0 3	0	3
How to create a lookup table I'm new to Splunk and was wondering how to do a lookup table. So what i'm trying to get is something like a lookup o... by ngox0061 Explorer in Splunk Search 09-25-2020 1 6	1	6
rex help Hello,index=myindex\| spath "Rules{}" output=rules \|mvexpand rules \| table device ip rulesNow my rules has data like b... by surekhasplunk Communicator in Splunk Search 09-25-2020 1 5	1	5
rex help I am using a query below which gives me rules fieldindex=myindex\| spath "Rules{}" output=rules \|mvexpand rules \| tabl... by surekhasplunk Communicator in Splunk Search 09-25-2020 0 1	0	1
How to create a report that appends the data of every past month in the excel before sending Hi,I want to create a report through splunk that will send out an email consisting data of each months stats by auto ... by ak9092 Path Finder in Splunk Search 09-25-2020 0 6	0	6