Splunk Search

Community Activity

Stuck in writing complex query I want to get below in single query1. dc of field1 overall2. dc of field2 by field1 by Pathik Path Finder in Splunk Search 08-04-2024 0 4	0	4
splunkd_ui_access logs Im trying to create some dashboards to make reading _internal logs easier. I'm trying to figure out what all for the ... by Abass42 Communicator in Splunk Search 08-03-2024 0 2	0	2
How to extract a csv data fields message data into fields? I have a field message that whenI run the search index=example123 host=5566 \|search "specials word" I table message... by Cheng2Ready Communicator in Splunk Search 08-02-2024 0 6	0	6
[Advice/Help] Lookup Table search taking long Hello All, Can ya'll give me advice on why my query taking so long? In a dashboard it just times out and regular verb... by Player01 Engager in Splunk Search 08-02-2024 0 3	0	3
Field from Automatic Lookup (KV Store) not usable I have a KV Store with replicate turned on, a lookup definition with WILDCARD(match_field), and an automatic configur... by ejwade Contributor in Splunk Search 08-02-2024 0 7	0	7
How to join two queries and show not contain value Good day, I am pretty new to Splunk and want a way to join two queries together.Query 1 - Gives me all of my assets \|... by JandrevdM Path Finder in Splunk Search 08-02-2024 0 4	0	4
Want To extract values from query output and create a table Here is the my output data. i want to create a table for path and responsetime . can you please help.Expecting output... by RKP Loves-to-Learn Everything in Splunk Search 08-02-2024 0 16	0	16
Emulating FULL OUTER JOIN Hi, I have to tables: ID name 1..A 2..B ID Error 1..bla1 1..bla2 so Id like a table which is like the following... by andreafebbo Communicator in Splunk Search 08-02-2024 3 12	3	12
BIN - incorrect buckets In my case there is an index with field OP which has a duration TT . Of course there are a lot of records with differ... by kp_pl Path Finder in Splunk Search 08-02-2024 0 5	0	5
Reuse token across different indexes/ searches HiBased on a Multiselect reading from index="pm-azlm_internal_prod_events" sourcetype="azlm" I define a token with t... by Ste Path Finder in Splunk Search 08-01-2024 0 3	0	3
Find all assets in splunk Hi, I am new to Splunk and would like to build a dashboard to find all hosts in environment. This should query all lo... by JandrevdM Path Finder in Splunk Search 08-01-2024 0 4	0	4
Field that exist is not showing in search report Hello all,I have a query which creates a table similar to the following: \| table S42DSN_0001 S42DSN_0010 The table po... by trevor7 Engager in Splunk Search 08-01-2024 0 3	0	3
unable to use loadjob to access field value of a previous savedsearch I am trying to get value of a field from a previous scheduled savedsearch in a new field using loadjob, however unabl... by newsplunker2024 Explorer in Splunk Search 08-01-2024 0 9	0	9
Log Analysis Request for IP Address Values I need to perform an analysis based on a lookup file named checkin_rooms.csv, which includes a column confroom_ipaddr... by Tajuddin Explorer in Splunk Search 08-01-2024 0 2	0	2
Help optimising search Hi - I am currently looking to optimise the search below as it is using a lot of search head resource: index=idem a... by tomjb94 Observer in Splunk Search 07-31-2024 0 3	0	3
How can I filter all events on one field by a value in another field? We pull weekly vulnerability reports from Splunk associated with our Qualys data. I am trying to filter out all reco... by DATT Path Finder in Splunk Search 07-31-2024 0 5	0	5
Line breaking odd issue I'm working with a 9.1.2 UF on Linux. This is the props.conf [stanza] # # Input-time operation on Forwarders # LINE_... by jwhughes58 Contributor in Splunk Search 07-31-2024 0 5	0	5
How get data lookup from other remote peer? Hi all, Can Splunk get data lookup from remote peer server ?The problem is, because we have many Splunk servers, so i... by luthfiag Explorer in Splunk Search 07-31-2024 0 31	0	31
How to Find Unique Buildings Present in One Search but Not in Another Hi Splunk Community, I have a query that retrieves building data from two sources and I need assistance in identifyin... by Tajuddin Explorer in Splunk Search 07-31-2024 0 6	0	6
Need to calculate difference between two epoch timestamps from different searches Hi Community, I need to calculate the difference between two timestamps printed in log4j logs of java application fro... by Anurag_Ntt Explorer in Splunk Search 07-31-2024 0 3	0	3
how to get data last 15minutes data from last 7 days time range saved search? I have a saved search which is scheduled for every 17mins with time range of last 7 days. instead of getting results ... by nivets Engager in Splunk Search 07-31-2024 0 3	0	3
How to export to CSV when fields have commas My data has a tables{}.values{} containing a list of lists. Within each list there is data. Sample data below. When I... by cherrypick Path Finder in Splunk Search 07-30-2024 0 8	0	8
How to generate a baseline on a timechart using a value from a lookup table I have a search that captures a specific product code, calculates the total number of units attributed to the product... by beetlegeuse Path Finder in Splunk Search 07-30-2024 0 4	0	4
Using basesearch with subsearch I nabbed some searches from our license server/monitoring console and placed them in the search head cluster so that ... by fatsug Builder in Splunk Search 07-30-2024 0 4	0	4
Splunk Query Help! I Have Service_names (A, B ,C ,D, E, F, G, H, I J, K, L , M) but want (C ,D, E, F, G, H, I J, K, L , M ) servic... by kc_prane Communicator in Splunk Search 07-30-2024 0 4	0	4