Splunk Search

Community Activity

	Getting error in rex command while running search for DB health check report. Hello Splunkers, I'm working on creating a DB health check report. Idea is to get the error info when there is a fa... by firefox95 Explorer in Splunk Search 09-02-2020 0 2	0	2
	How to efficiently delete rows from KV Store based lookup. I have a lookup which is based on KV store. The lookup contains thousands of rows. We want to delete rows from this l... by iet_ashish Explorer in Splunk Search 09-02-2020 0 3	0	3
	typical week base on month data Hello,I'm trying to chart typical week of our web application users based on data from last 4 weeks. Idea is, roughly... by JakubJ Explorer in Splunk Search 09-02-2020 0 3	0	3
	For Anomaly detection, on string field, which method is better - Zscore or histogram? For Anomaly detection, on string field, which method is better - Zscore or histogram? Please suggest by VS0909 Communicator in Splunk Search 09-01-2020 0 3	0	3
	Datamodel tstats search and normal search result is not same Hi,I run two splunk search and results not come same.In the first search is with tstats ;timeprefix = yesterday\| tsta... by burakatabay Path Finder in Splunk Search 09-01-2020 0 2	0	2
	How to get a list of users who accessed data models in search head? Hi all,I have X number of data models in the search head that I want to get usage information about.Is there a way to... by SRG9 Explorer in Splunk Search 09-01-2020 0 2	0	2
	Search returns no result when including a () Hi everyone,I have trouble to decode the token which contains some special character such as (). Below is my search a... by ToniHuynh Explorer in Splunk Search 09-01-2020 0 1	0	1
	Passing token to dashboard query Passing a token to dashboard using below is not working, dashboard is stuck on "search is waiting for input"message b... by nagarjuna119 Engager in Splunk Search 09-01-2020 0 3	0	3
	How to extract the hostname value into a separate field using regex? Hello - I need help extracting the "hostname" value into a separate field in the following string: ABC1234: VPN Tun... by mistydennis Communicator in Splunk Search 09-01-2020 0 3	0	3
	Summary indexing with join Hello guys,I'm using index=... \| join commonfield [search index=...] \| sistats count as nbscheduled each minute on lo... by splunkreal Influencer in Splunk Search 09-01-2020 0 5	0	5
	Extracting text from event using search Hi I am trying to make a dashboard that searches events and extracts the correlationId from the event so I can displa... by fabiozihlmann Engager in Splunk Search 09-01-2020 0 2	0	2
	tstats count query 'by' when a field may or maynot exist I would like to search for events by certain fields, and the field may or may not exist. I want to show all results a... by sidsinhad Engager in Splunk Search 09-01-2020 0 6	0	6
	Group events by mutiple fields Hi I have some events in splunk which are of this form-Location: some value(same value can be there in multiple event... by DeXteR New Member in Splunk Search 09-01-2020 0 2	0	2
	aduit all user activity Helloi want to audit all activity in splunk (example : change settings( port udp/tcp configuration , reciving port co... by adcom26 Explorer in Splunk Search 09-01-2020 0 1	0	1
	Lookup With Value Between Two Lookup Fields I have a lookup table which contains a varying low value and a high value for many rows, along with the desired value... by dcsteve24 Explorer in Splunk Search 09-01-2020 0 4	0	4
	saved search multiple values Hi guys, I'm trying to create a saved search (instead of typing the same search command few times a day) , but there... by klaudiac Path Finder in Splunk Search 09-01-2020 0 3	0	3
	How to exclude results from a search by referencing a lookup table? Hi,I have a search that is returning values from certain fields of an index. I would like the search to use a lookup ... by ezmo1982 Path Finder in Splunk Search 09-01-2020 0 2	0	2
	In notepad editor the field offset and its size is known , how to extract fields based upon offset ? In notepad editor the field offset and its size is known , how to extract fields based upon offset ? AS log pattern i... by yogeshpunia05 Explorer in Splunk Search 09-01-2020 0 4	0	4
	How to Redirect hyperlink of one column to another column Hi Everyone,I have a requirement like this.This is my search query.index=xyz sourcetype=yui source="user.log" process... by aditsss Motivator in Splunk Search 09-01-2020 0 2	0	2
	Getting data in called "SUM(AMOUNT)" I'm using Splunk for the first time, and I have an sql query giving the following output:2020-08-31 00:17:34.608, EMP... by nc-mvw Engager in Splunk Search 09-01-2020 0 2	0	2
	compare values inside mv field in a table Hello,I've have an alert that returns by email suspicious login attempts in the form of a table with client_ip, numbe... by UnivLyon2 Explorer in Splunk Search 09-01-2020 0 3	0	3
	regex is working in cisco asa add-on but get error if the same regex is used in UI with regex command HelloI have the following regex from cisco asa add-on default transforms.conf:[cisco_source_ipv4]REGEX = \s+(?:from\|f... by net1993 Path Finder in Splunk Search 08-31-2020 0 2	0	2
	Inner/outer search results don't match I have a query trying to compare two different time periods, which I do with an inner search ( \| append [search <iden... by ShagVT Path Finder in Splunk Search 08-31-2020 0 9	0	9
	Fill Null not working as expected I have a CSV that I am monitoring. The CSV has lots of fields and my extraction works appropriately. What I have no... by willadams Contributor in Splunk Search 08-31-2020 0 1	0	1
	Splunk Forwarder Connectivity from 6.x(UF) to 7.x(HF) to 8.x(IDX) possible? Hi, I have asked this question since we have forwarders that, for some reason, will not be able to upgrade to Win10 o... by rajyah Communicator in Splunk Search 08-31-2020 0 1	0	1