Splunk Search

Community Activity

	Search returns no result when including a () Hi everyone,I have trouble to decode the token which contains some special character such as (). Below is my search a... by ToniHuynh Explorer in Splunk Search 09-01-2020 0 1	0	1
	Passing token to dashboard query Passing a token to dashboard using below is not working, dashboard is stuck on "search is waiting for input"message b... by nagarjuna119 Engager in Splunk Search 09-01-2020 0 3	0	3
	How to extract the hostname value into a separate field using regex? Hello - I need help extracting the "hostname" value into a separate field in the following string: ABC1234: VPN Tun... by mistydennis Communicator in Splunk Search 09-01-2020 0 3	0	3
	Summary indexing with join Hello guys,I'm using index=... \| join commonfield [search index=...] \| sistats count as nbscheduled each minute on lo... by splunkreal Influencer in Splunk Search 09-01-2020 0 5	0	5
	Extracting text from event using search Hi I am trying to make a dashboard that searches events and extracts the correlationId from the event so I can displa... by fabiozihlmann Engager in Splunk Search 09-01-2020 0 2	0	2
	tstats count query 'by' when a field may or maynot exist I would like to search for events by certain fields, and the field may or may not exist. I want to show all results a... by sidsinhad Engager in Splunk Search 09-01-2020 0 6	0	6
	Group events by mutiple fields Hi I have some events in splunk which are of this form-Location: some value(same value can be there in multiple event... by DeXteR New Member in Splunk Search 09-01-2020 0 2	0	2
	aduit all user activity Helloi want to audit all activity in splunk (example : change settings( port udp/tcp configuration , reciving port co... by adcom26 Explorer in Splunk Search 09-01-2020 0 1	0	1
	Lookup With Value Between Two Lookup Fields I have a lookup table which contains a varying low value and a high value for many rows, along with the desired value... by dcsteve24 Explorer in Splunk Search 09-01-2020 0 4	0	4
	saved search multiple values Hi guys, I'm trying to create a saved search (instead of typing the same search command few times a day) , but there... by klaudiac Path Finder in Splunk Search 09-01-2020 0 3	0	3
	How to exclude results from a search by referencing a lookup table? Hi,I have a search that is returning values from certain fields of an index. I would like the search to use a lookup ... by ezmo1982 Path Finder in Splunk Search 09-01-2020 0 2	0	2
	In notepad editor the field offset and its size is known , how to extract fields based upon offset ? In notepad editor the field offset and its size is known , how to extract fields based upon offset ? AS log pattern i... by yogeshpunia05 Explorer in Splunk Search 09-01-2020 0 4	0	4
	How to Redirect hyperlink of one column to another column Hi Everyone,I have a requirement like this.This is my search query.index=xyz sourcetype=yui source="user.log" process... by aditsss Motivator in Splunk Search 09-01-2020 0 2	0	2
	Getting data in called "SUM(AMOUNT)" I'm using Splunk for the first time, and I have an sql query giving the following output:2020-08-31 00:17:34.608, EMP... by nc-mvw Engager in Splunk Search 09-01-2020 0 2	0	2
	compare values inside mv field in a table Hello,I've have an alert that returns by email suspicious login attempts in the form of a table with client_ip, numbe... by UnivLyon2 Explorer in Splunk Search 09-01-2020 0 3	0	3
	regex is working in cisco asa add-on but get error if the same regex is used in UI with regex command HelloI have the following regex from cisco asa add-on default transforms.conf:[cisco_source_ipv4]REGEX = \s+(?:from\|f... by net1993 Path Finder in Splunk Search 08-31-2020 0 2	0	2
	Inner/outer search results don't match I have a query trying to compare two different time periods, which I do with an inner search ( \| append [search <iden... by ShagVT Path Finder in Splunk Search 08-31-2020 0 9	0	9
	Fill Null not working as expected I have a CSV that I am monitoring. The CSV has lots of fields and my extraction works appropriately. What I have no... by willadams Contributor in Splunk Search 08-31-2020 0 1	0	1
	Splunk Forwarder Connectivity from 6.x(UF) to 7.x(HF) to 8.x(IDX) possible? Hi, I have asked this question since we have forwarders that, for some reason, will not be able to upgrade to Win10 o... by rajyah Communicator in Splunk Search 08-31-2020 0 1	0	1
	Wrong results on stats sum or addcoltotals upon reaching 13th decimal value and beyond Hi,The screenshot presented below shows that there are 2 pairs that negates each other which should equal to 0 on col... by rajyah Communicator in Splunk Search 08-31-2020 0 2	0	2
	TA-asngen lookup - does it actually work? Been looking for a replacement for the GeoASN app that used to exist on Splunkbase for a while, and the TA-asngen (ht... by howyagoin Contributor in Splunk Search 08-31-2020 0 2	0	2
	The fillnull_value option in tstats command According to Splunk document in "tstats" command, the optional argument, fillnull_value, is available for my Splunk v... by lucas4394 Path Finder in Splunk Search 08-31-2020 0 2	0	2
	To find New error in server logs that was not present in logs in the past one week. I am looking to trigger an alert in splunk if a new error is there in server logs. New error is an error/s that was n... by VS0909 Communicator in Splunk Search 08-31-2020 0 9	0	9
	Merge multiple rows into one of a field With the below query I am able to get data as below(first one) and I need to convert it as second box For the time fi... by obularajud16 Explorer in Splunk Search 08-31-2020 0 2	0	2
	How to group events, subtract earliest rank from latest rank per user, and track value change over time? Hello, Each event represents a user state and every user has rank. data look as follow : timerankusertime1302time1501... by amoulkaf Engager in Splunk Search 08-31-2020 0 3	0	3