Splunk Search

Community Activity

Minimizing relationships between objects Let's say I am using a visualization to map the relationships between different "objects" (my use case isn't IT speci... by pguillen_splunk Splunk Employee in Splunk Search 08-24-2020 0 1	0	1
How to obtain a variable for string value in a field? Need some help ... I looked at several examples but not that straight forward ... The rex and split functions were ... by Stephen11 Explorer in Splunk Search 08-24-2020 0 1	0	1
Windows monitoring- high CPU % process - Splunk Alert Hello,I wanted to setup alert in Splunk cloud for windows machines when CPU% is greater than 90. Please do help how... by dkgs Communicator in Splunk Search 08-24-2020 0 6	0	6
How to fix performance issue when replacing join on rex value? Hi - I'm new to Splunk I am having a performance issue that causes a timeout over longer time spans on a base search ... by Keesh Engager in Splunk Search 08-24-2020 0 2	0	2
Show results of stats count when result is 0 I have a search using stats count but it is not showing the result for an index that has 0 results. There is two colu... by tromero3 Path Finder in Splunk Search 08-24-2020 0 8	0	8
Why does Splunk return 0 results when filtering data that we know is there? Hi everyone! We're sending events to Splunk using the HTTP Collector but we have an issue when we try to search for t... by FedeCarrizo Engager in Splunk Search 08-24-2020 0 8	0	8
Display results of search that are not in result of subsearch I have events sent from a configuration management tool that may either contain a status of 'Job Started', or 'Job Co... by JARFB Engager in Splunk Search 08-24-2020 0 3	0	3
Inconsistent results when searching splunk connect for kubernetes logs Hi all, I’m getting strange results when splunking container logs collected by splunk connect for k8s… when searching... by schose Builder in Splunk Search 08-24-2020 0 1	0	1
sed to replace a string after a match Is there a way I can substitute a string after a regular expression match? For example, i want to replace the IP addr... by anoopdi Path Finder in Splunk Search 08-24-2020 0 2	0	2
Seeing duplicated alerts each time the alerts triggers We have only one log in the Splunk, but the user is receiving 2 alerts at a time with the same search id. by Klas_splunk7777 Observer in Splunk Search 08-24-2020 0 3	0	3
Stats function with additional fields Hi, In my splunk events, I have multiple jobsNames and their corresponding statusText. For one jobName, there will be... by worldexplorer81 Path Finder in Splunk Search 08-24-2020 0 4	0	4
Table with Multiple by Fields I have a search that I have been asked to organize in a different way.Mysearch \| rex (FieldA)(FieldB)(FieldC)(FieldD)... by Ladron New Member in Splunk Search 08-24-2020 0 1	0	1
Remove useless header HTML events Hey Splunkers! Could someone please help me to remove useless header HTML events before it gets indexed into splunk.T... by Madhu02splunk New Member in Splunk Search 08-24-2020 0 1	0	1
json to table Hello I have a log like below,which is having JSON objectFEATURES=[{<!-- -->"featureName":"TOKEN_VALIDATION","addedIn":"1.0.7... by vinod0313 Explorer in Splunk Search 08-24-2020 0 3	0	3
Regex host upper case my query fetches (host, incident) from subject line by using below regex commandregex field=subject max_match=0 “(<In... by priya0709 Path Finder in Splunk Search 08-24-2020 0 9	0	9
Search combine transaction with summing Goal:To get a table summing the amount of data transferred between specified time ranges based on a transaction.Sampl... by rogueraider Explorer in Splunk Search 08-23-2020 0 4	0	4
a very simple query with two data hello Guys,I'm very very noob using Splunk, I have a very simple log file which contains 5 columns of data:bloque1 \|... by rpachecoa New Member in Splunk Search 08-23-2020 0 1	0	1
How to detect a newly sessionid with SPL and alert. I want to do a security log monitoring and using splunk alert feature to send email notifications. The security log a... by umou7 Explorer in Splunk Search 08-23-2020 0 4	0	4
How to sum of two result of appending subsearch in Total Hi,I have two OUTPUT as " IA" and "IB" in one chart by appending sub search.I want addcoltotals of sum of "IA" and "I... by Manasi25 Explorer in Splunk Search 08-23-2020 0 4	0	4
Splunk Python Script to Decode MIME Headers in email subject I wrote a python script that works great from the command-line however when I run it from the search in the browser I... by bkirk Path Finder in Splunk Search 08-22-2020 2 9	2	9
Blocking New Events from getting triggered based on the status of the Earliest Event Everyone,Needed help on an issue of event blocking for a Splunk setup which would receive events from a Web page that... by aamirs291 Path Finder in Splunk Search 08-21-2020 0 1	0	1
unable to extract deeply-nested JSON from AWS CloudTrail I have a large query which works great to search CloudTrail logs for Security Group changes. Different events, howeve... by ttovarzoll Path Finder in Splunk Search 08-21-2020 0 1	0	1
How do I narrow my base query by time Greetings,I want to use one base query for my dashboard, with time going back a couple months. I thought I would po... by chris94089 Path Finder in Splunk Search 08-21-2020 0 4	0	4
Day of Week in Columns to Match Day of Week and Return Results In my lookup table, I have the days of the week as columns with "Y" or "N" in the field (not able to change this as t... by CSULeigh Explorer in Splunk Search 08-21-2020 0 3	0	3
List events but exclude if part of transaction My log has timeout events that occur on calls to UPS. There are timeout events for other reasons as well. I want my... by bbuff1 New Member in Splunk Search 08-21-2020 0 1	0	1