Splunk Search

Community Activity

How to add columns from lookup table file to main search Hi everyoneI do a search in Splunk and this is the resultsNamePriceDateapple235689/18/2020apple233469/18/2020apple226... by mzn1979 Explorer in Splunk Search 09-19-2020 0 3	0	3
How do we find events on indexers wise in splunk Hi Community,I was trying to get the event details of all the indexes wise in splunk but i couldn't. please help me o... by mputtam Path Finder in Splunk Search 09-18-2020 0 4	0	4
rename command seems to work differently in Splunk 7.2.5.1 vs Splunk 8.0.5.1 Let me start by saying I know we should be using the coalesce command. I didn't write this query, it has been running... by chans28 Explorer in Splunk Search 09-18-2020 0 2	0	2
transpose and xyseries Hi,I have a situation where I need to split my stats table. I have tried to use transpose and xyseries but not gettin... by mbasharat Builder in Splunk Search 09-18-2020 0 5	0	5
How do we handle white space in TIME_FORMAT? I have a log file with events that start like - 2019-01-09 11:19:37 WARN. We ended up using TIME_FORMAT=%Y-%m-%d%t%H... by ddrillic Ultra Champion in Splunk Search 09-18-2020 0 10	0	10
How to get the maximum count by host and time Hi,I am trying to query to pick the maximum TPS count of each host(three hosts) and the time when the maximum count w... by spkriyaz Path Finder in Splunk Search 09-18-2020 0 3	0	3
how to combine two source files with different timestamp I have two source files as below with different dates . 1. 17092020wlslog 2. 18092020wlslogNow I want to merge these... by ddp2kor Loves-to-Learn in Splunk Search 09-18-2020 0 1	0	1
Disable a button when submit button is enabled . There are two buttons on my dashboard .On clicking the submit button , the other button should be disabled .Can anyo... by pb2 Loves-to-Learn Everything in Splunk Search 09-18-2020 0 1	0	1
Editing the Parent ID's of a Splunk Table Panel Everyone,I am trying to edit the ID values for the "div" tags mentioned in the above screenshot so that they are uniq... by aamirs291 Path Finder in Splunk Search 09-18-2020 0 7	0	7
event categorization with rex: best practices? Expanding a bit on my question from last year, "categorize or classify dissimilar field values at search time?":How d... by mitag Contributor in Splunk Search 09-18-2020 0 9	0	9
NOT Search is not giving the expected result i am trying the exclude the events in the sub search query using Search NOT. It is not returning the expected result.... by ajees_basha Explorer in Splunk Search 09-18-2020 0 6	0	6
Join 2 queries and obtain count of rows of right side of join Hi, I am trying to obtain user locked out events (4740) while performing a join with failed password events (4625 log... by Kerghan666 New Member in Splunk Search 09-17-2020 0 1	0	1
Table In table shown above .. The highlighted column name 'changequantity ' , on clicking on this column name it should op... by pb2 Loves-to-Learn Everything in Splunk Search 09-17-2020 0 2	0	2
How to calculate percentage and display this on a timechart? I extract a variable called "state" using rex, and it has 3 values: success, aborted, chargeback Now I want to see th... by mitcanmit Explorer in Splunk Search 09-17-2020 1 5	1	5
Determine frequency over time I am attempting to work out the frequency of events over the selected timespan in weeks. Basically: count of events ... by chrisj Engager in Splunk Search 09-17-2020 0 2	0	2
drill down Question : A Table with 4 columns:eg:A B C D 1 3 1 22 4 1 6 where A , B , C ,D are column names .How on click on c... by pb2 Loves-to-Learn Everything in Splunk Search 09-17-2020 0 1	0	1
Trying to filter out multivalue rex returns when they have a specific value. Hi all, I have run in to a wall on a query I am attempting. I am receiving an error on my log, and one of the items i... by mknezel1 Engager in Splunk Search 09-17-2020 0 2	0	2
If statement help I have a table generating fields Assignee, Support_tier, HR_Country, Hostdomain,I have to Assign some values to 'Assi... by priya0709 Path Finder in Splunk Search 09-17-2020 0 1	0	1
multiple host input listing in splunk query (search & Reporting) i am seeking a way to define a variable where i can define a static list of hosts to (re-)use in adhoc searchesExampl... by p544gm Explorer in Splunk Search 09-17-2020 0 2	0	2
EVAL with Sub search Hi Friends,If I execute below highlighted query I am getting the result where when I supply the result as search it i... by Reddy_dash Engager in Splunk Search 09-17-2020 0 1	0	1
regex to cull particular dest and src IP's before indexing Hi All, I have an issue where I need to cull certain IP sources and destinations from syslog sources before it gets i... by dthompsonsplunk Explorer in Splunk Search 09-17-2020 0 7	0	7
Splunk Logging I have a XML payload like below which is getting logged in Splunk. However when i search in Splunk with customer emai... by sumanth_sun New Member in Splunk Search 09-17-2020 0 1	0	1
Matching a lookup table using rex or regex to match to data in the result of a query field Hello, I am trying to use a lookup table to search against the URL field inside of the proxy logs. The use case is to... by CyberCyberSec Loves-to-Learn in Splunk Search 09-17-2020 0 1	0	1
table sort columns numerically I would like to be able to sort table columns numerically. Right now it sorts based on 1 11 111 2, but I want 1 2 11 ... by pethier Explorer in Splunk Search 09-17-2020 4 15	4	15
help on rename which doesnt works HelloI use the search below but I don't know why the rename command doesn't worksThanks for your help \| inputlookup f... by jip31 Motivator in Splunk Search 09-17-2020 0 6	0	6