Splunk Search

Community Activity

	Get distinct count of users, per user type, for each domain HiI was hoping someone might be able to help me with what I'm trying to achieve. I've tried to work this out but with... by deton0 Explorer in Splunk Search 09-02-2020 0 2	0	2
	Data Models query Can someone help with a query to identify any events which could align with existing Data models, that contain infor... by mag85032 Engager in Splunk Search 09-02-2020 0 0	0	0
	Search for an IP and create a field I have an IP Address after the word Source that I want to extract and create a field and use that field (e.g. clientI... by Xfactor Observer in Splunk Search 09-02-2020 0 2	0	2
	Tracking Failed logon events over time I have been trying to figure out a search that can be used to track failed logon events over time but really struggli... by maxywalker1 Explorer in Splunk Search 09-02-2020 0 2	0	2
	regex returns limit exceeded HiCould you please help me figure out what is wrong with my regex. Splunk is returning a limite exceeds error while m... by drissbek New Member in Splunk Search 09-02-2020 0 2	0	2
	Phishing Domain Hunting with double TLDs BLUF: is there a good way to search for double TLD's?I have been attempting to get at a way to hunt for double TLD's ... by biers04 Explorer in Splunk Search 09-02-2020 0 1	0	1
	Need help with search based on values that are duplicated but have different status levels. In my data, there are duplicate rows for a server, but their status is "active" or "deleted". Based on the field valu... by jiaqya Builder in Splunk Search 09-02-2020 0 1	0	1
	increment count in a field based on field values.. Need help with a situation.Example table below:column1,column2,column3,_time1,2,3,21st1,2,3,22nd1,2,3,23rd3,2,1,23rd4... by jiaqya Builder in Splunk Search 09-02-2020 0 2	0	2
	When first input dropdown value changes run a query using it and set second drop down. How to do it? Here first drop down Dates will display last 7 days of date. When user select any one date, query will be executed an... by cshahfis Engager in Splunk Search 09-02-2020 0 1	0	1
	How do you make fields into individual rows with each field value? I have a search that does the following: \| inputlookup system_scores.csv \| search "big search goes here" \| fields ser... by UMDTERPS Communicator in Splunk Search 09-02-2020 0 1	0	1
	Stats by hour I would like to create a table of count metrics based on hour of the day. So average hits at 1AM, 2AM, etc. stats mi... by motobeats Path Finder in Splunk Search 09-02-2020 0 9	0	9
	Field extraction Hello all,I'm having issues achieving to extract fields from a sample in Splunk.I went to "extract fields", I have th... by marina_rovira Contributor in Splunk Search 09-02-2020 0 6	0	6
	search does not match token which contains file path with special characters Hi Everyone,I passed a token which contain a file path with some special character into a search but it does not show... by ToniHuynh Explorer in Splunk Search 09-02-2020 0 3	0	3
	How to merge two events? Event1 - Ticket_no = username*, id=111 Event2 - Ticket_no = TKT123, Id =0 Is there any way to merge this 2 events to ... by Khuzair81 Path Finder in Splunk Search 09-02-2020 0 4	0	4
	Timechart vs chart behaviour When I run following query: .... \| bin _time span=5m \| timechart avg(responseTime) (responseTime is an extracted fi... by ghildiya Explorer in Splunk Search 09-02-2020 0 5	0	5
	server status on dashboard Good day everyone How can I visualize and edit this query to show the status of our servers, ONLINE/OFFLINE ? by sphiwee Contributor in Splunk Search 09-02-2020 0 1	0	1
	need help or ideas on how to check status of server within the hour still a newbie, need help or ideas on how to check the status of a server if it's changed or stayed the same within t... by owie6466 Explorer in Splunk Search 09-02-2020 0 2	0	2
	Getting error in rex command while running search for DB health check report. Hello Splunkers, I'm working on creating a DB health check report. Idea is to get the error info when there is a fa... by firefox95 Explorer in Splunk Search 09-02-2020 0 2	0	2
	How to efficiently delete rows from KV Store based lookup. I have a lookup which is based on KV store. The lookup contains thousands of rows. We want to delete rows from this l... by iet_ashish Explorer in Splunk Search 09-02-2020 0 3	0	3
	typical week base on month data Hello,I'm trying to chart typical week of our web application users based on data from last 4 weeks. Idea is, roughly... by JakubJ Explorer in Splunk Search 09-02-2020 0 3	0	3
	For Anomaly detection, on string field, which method is better - Zscore or histogram? For Anomaly detection, on string field, which method is better - Zscore or histogram? Please suggest by VS0909 Communicator in Splunk Search 09-01-2020 0 3	0	3
	Datamodel tstats search and normal search result is not same Hi,I run two splunk search and results not come same.In the first search is with tstats ;timeprefix = yesterday\| tsta... by burakatabay Path Finder in Splunk Search 09-01-2020 0 2	0	2
	How to get a list of users who accessed data models in search head? Hi all,I have X number of data models in the search head that I want to get usage information about.Is there a way to... by SRG9 Explorer in Splunk Search 09-01-2020 0 2	0	2
	Search returns no result when including a () Hi everyone,I have trouble to decode the token which contains some special character such as (). Below is my search a... by ToniHuynh Explorer in Splunk Search 09-01-2020 0 1	0	1
	Passing token to dashboard query Passing a token to dashboard using below is not working, dashboard is stuck on "search is waiting for input"message b... by nagarjuna119 Engager in Splunk Search 09-01-2020 0 3	0	3