Splunk Search

Community Activity

array HelloI have log like belowFEATURES_USING=[tokenValidatorInfo=false, requestValidationRequired=false, requestPayloadVa... by vinod0313 Explorer in Splunk Search 08-25-2020 0 3	0	3
splunk I have a dashboard like below screenshotWhen I click on 1.0.9-SNAPSHOT(which is hightighted with blue colour in the s... by vinod0313 Explorer in Splunk Search 08-25-2020 0 3	0	3
lookup the fields in a different index I have a splunk query in paloalto data (index=idx_paloalto) something like this:index=idx_paloalto sourcetype=pan:tra... by goringop Explorer in Splunk Search 08-25-2020 0 1	0	1
Compare percentages with a week ago Hello all, I'm trying to put together a dashboard that - among other things - compares the success rate of various tr... by ShagVT Path Finder in Splunk Search 08-25-2020 0 4	0	4
Inputlookup used twice in 1 search with a NOT I have a problem with a 2nd NOT inputlookup that doesn't work. If I break out of the 2nd inputlookup and run this wi... by willadams Contributor in Splunk Search 08-25-2020 0 3	0	3
Comparing contents of separate but related events Hi,I am trying to find the best way to query events based on windows event log 7036 , around status of a service. I w... by paulw10 Explorer in Splunk Search 08-25-2020 0 8	0	8
json Hi I have a log like below which is having jsonFEATURES={ "featureDetails":[ { "featureName":"TOKEN_VALIDATION", "add... by vinod0313 Explorer in Splunk Search 08-25-2020 0 1	0	1
Search&Reporting的“数据摘要”无法显示“主机/来源/来源类型” 使用的版本：splunk:6.2.2splunkforwarder:6.2.2问题：索引-当前大小/事件计数/最晚的事件：都显示有数据，而应用：Search&Reporting的“数据摘要”无法显示“主机/来源/来源类型”。望告知问题... by icgooo New Member in Splunk Search 08-25-2020 0 0	0	0
Time based counting. Hi All,need your help in getting the count correct for the below table.Table: Timesitecodecount2020-08-21FAW12020-08-... by jerinvarghese Communicator in Splunk Search 08-25-2020 0 6	0	6
How to color a panel if the result is not equal a specific datetime ? Hi, My issue is : I have a panel like that :what I want is to change dynamically the color (red for example) when thi... by mah Builder in Splunk Search 08-25-2020 0 1	0	1
Splunk Training PPT Hi Guys,I know this seems very sill query but I am looking this in urgency and I don't have much time to create it fr... by Hemant21 New Member in Splunk Search 08-25-2020 0 3	0	3
Certificate Download I am unable to download splunk certificate .My certificate got expired Can I still download it? by neha0107 New Member in Splunk Search 08-25-2020 0 1	0	1
renaming saved alerts Hi, We have a lot of saved searches and alerts. To make it easier to browse, I want rename them. If I go to manage... by aniketb Path Finder in Splunk Search 08-25-2020 2 5	2	5
Rename and grouping saved searches. These are more feature requests than questions. Why is it not possible to rename a saved search? I have too clone it... by jjordaan Explorer in Splunk Search 08-25-2020 4 5	4	5
Returning the results of two criteria Hi,I am fairly new to Splunk. I have been going down a lot of rabbit holes and its probably time I reach out for som... by johnnybillyd Explorer in Splunk Search 08-25-2020 0 7	0	7
Minimizing relationships between objects Let's say I am using a visualization to map the relationships between different "objects" (my use case isn't IT speci... by pguillen_splunk Splunk Employee in Splunk Search 08-24-2020 0 1	0	1
How to obtain a variable for string value in a field? Need some help ... I looked at several examples but not that straight forward ... The rex and split functions were ... by Stephen11 Explorer in Splunk Search 08-24-2020 0 1	0	1
Windows monitoring- high CPU % process - Splunk Alert Hello,I wanted to setup alert in Splunk cloud for windows machines when CPU% is greater than 90. Please do help how... by dkgs Communicator in Splunk Search 08-24-2020 0 6	0	6
How to fix performance issue when replacing join on rex value? Hi - I'm new to Splunk I am having a performance issue that causes a timeout over longer time spans on a base search ... by Keesh Engager in Splunk Search 08-24-2020 0 2	0	2
Show results of stats count when result is 0 I have a search using stats count but it is not showing the result for an index that has 0 results. There is two colu... by tromero3 Path Finder in Splunk Search 08-24-2020 0 8	0	8
Why does Splunk return 0 results when filtering data that we know is there? Hi everyone! We're sending events to Splunk using the HTTP Collector but we have an issue when we try to search for t... by FedeCarrizo Engager in Splunk Search 08-24-2020 0 8	0	8
Display results of search that are not in result of subsearch I have events sent from a configuration management tool that may either contain a status of 'Job Started', or 'Job Co... by JARFB Engager in Splunk Search 08-24-2020 0 3	0	3
Inconsistent results when searching splunk connect for kubernetes logs Hi all, I’m getting strange results when splunking container logs collected by splunk connect for k8s… when searching... by schose Builder in Splunk Search 08-24-2020 0 1	0	1
sed to replace a string after a match Is there a way I can substitute a string after a regular expression match? For example, i want to replace the IP addr... by anoopdi Path Finder in Splunk Search 08-24-2020 0 2	0	2
Seeing duplicated alerts each time the alerts triggers We have only one log in the Splunk, but the user is receiving 2 alerts at a time with the same search id. by Klas_splunk7777 Observer in Splunk Search 08-24-2020 0 3	0	3