Splunk Search

Community Activity

	How can I filter all events on one field by a value in another field? We pull weekly vulnerability reports from Splunk associated with our Qualys data. I am trying to filter out all reco... by DATT Path Finder in Splunk Search 07-31-2024 0 5	0	5
	Line breaking odd issue I'm working with a 9.1.2 UF on Linux. This is the props.conf [stanza] # # Input-time operation on Forwarders # LINE_... by jwhughes58 Contributor in Splunk Search 07-31-2024 0 5	0	5
	How get data lookup from other remote peer? Hi all, Can Splunk get data lookup from remote peer server ?The problem is, because we have many Splunk servers, so i... by luthfiag Explorer in Splunk Search 07-31-2024 0 31	0	31
	How to Find Unique Buildings Present in One Search but Not in Another Hi Splunk Community, I have a query that retrieves building data from two sources and I need assistance in identifyin... by Tajuddin Explorer in Splunk Search 07-31-2024 0 6	0	6
	Need to calculate difference between two epoch timestamps from different searches Hi Community, I need to calculate the difference between two timestamps printed in log4j logs of java application fro... by Anurag_Ntt Explorer in Splunk Search 07-31-2024 0 3	0	3
	how to get data last 15minutes data from last 7 days time range saved search? I have a saved search which is scheduled for every 17mins with time range of last 7 days. instead of getting results ... by nivets Engager in Splunk Search 07-31-2024 0 3	0	3
	How to export to CSV when fields have commas My data has a tables{}.values{} containing a list of lists. Within each list there is data. Sample data below. When I... by cherrypick Path Finder in Splunk Search 07-30-2024 0 8	0	8
	How to generate a baseline on a timechart using a value from a lookup table I have a search that captures a specific product code, calculates the total number of units attributed to the product... by beetlegeuse Path Finder in Splunk Search 07-30-2024 0 4	0	4
	Using basesearch with subsearch I nabbed some searches from our license server/monitoring console and placed them in the search head cluster so that ... by fatsug Builder in Splunk Search 07-30-2024 0 4	0	4
	Splunk Query Help! I Have Service_names (A, B ,C ,D, E, F, G, H, I J, K, L , M) but want (C ,D, E, F, G, H, I J, K, L , M ) servic... by kc_prane Communicator in Splunk Search 07-30-2024 0 4	0	4
	Splunk Search help! I Have ServiceNames (A, B ,C ,D, E, F, G, H) but want (C ,D, E, F, G, H ) ServiceNames combined results and renam... by kc_prane Communicator in Splunk Search 07-30-2024 0 5	0	5
	Number comparison seems not to be working Hi, This thing is getting me crazy.I am running Splunk 9.2.1 and I have the following table:amountcomparefrac_typefra... by tommasoscarpa1 Path Finder in Splunk Search 07-30-2024 0 4	0	4
	Timechart based on two joined indexes I have a set of data which comes from two indexes . It looks more or less like below:(index="o_a_p") OR ( index="o_d_... by kp_pl Path Finder in Splunk Search 07-30-2024 0 3	0	3
	How to find computers which stopped sending logs I have a deployment where multiple computers are sending logs to a WEF server using WEF(windows event forwarding). I ... by Nawab Communicator in Splunk Search 07-30-2024 0 5	0	5
	The extraction failed. If you are extracting multiple fields, try removing one or more fields. Hello,While parsing the logs, I'm trying to extract fields, but at some point, I receive the following message "The e... by BRFZ Communicator in Splunk Search 07-29-2024 0 17	0	17
	Display Total transactions with overall count and without taking where clause events in consideration. I want to display total transactions without where condition in result with other fields which has specific where con... by Gauri Engager in Splunk Search 07-29-2024 0 6	0	6
	How to combine the outputs of multiple searches into a single field ? HI Can you please let me know how we can combine the outputs of multiple searches into a single field?? For example... by Real_captain Path Finder in Splunk Search 07-29-2024 0 1	0	1
	How to splunk api to get statistics in python If I run the below code I am getting events in output json file , if I want to get statistics , is there any api avai... by rajendar381 Loves-to-Learn Lots in Splunk Search 07-29-2024 0 0	0	0
	Regex Help! My Raw log says "message: (c4328dd3-d16e-4df8-a8e6-b2ebcab9d8bc)" I wanted to extract everything inside the Parenth... by kc_prane Communicator in Splunk Search 07-29-2024 0 2	0	2
	I have two searches, one search will produce icinga problem alerts and other search will produce icinga recovery alerts. I have two searches, one search will produce icinga problem alerts and other search will produce icinga recovery aler... by bmanikya Loves-to-Learn Everything in Splunk Search 07-29-2024 0 18	0	18
	Query that that tracks multiple traffic flows between firewalls I was wondering if there was a query to track flows through multiple firewallsFor example I want to track the flowsou... by thebhattman New Member in Splunk Search 07-27-2024 0 1	0	1
	Noob Question - Parsing JSON Hi,complete Splunk beginner here, so sorry it this is a stupid question.I'm trying to chart some data that I'm pullin... by ikoth Explorer in Splunk Search 07-27-2024 0 4	0	4
	How to extract specific field values from Splunk query? Hello,My Splunk query returns the marks of students in the below format. User Subject ... by CuriousSplunky Loves-to-Learn Lots in Splunk Search 07-27-2024 0 4	0	4
	Need to output 4 different queries to the same lookup daily, but have the data refresh every 24 hours. My org has millions of events coming in through firewalls.I had a 24 hour timeframe search take 12.5 hours to run. I ... by antoniolamonica SplunkTrust in Splunk Search 07-26-2024 0 4	0	4
	Recursive sub-search I have 3 separate queries. I need to run them one after the other. 1. First query returns a field from each event tha... by rangarbus Path Finder in Splunk Search 07-26-2024 0 3	0	3