Splunk Search

Community Activity

	Need Help to pull the logs in the below format Hi Community,I was trying to pull the logs in the following format _time, src, dest, src_port, dest_port by using st... by mputtam Path Finder in Splunk Search 08-11-2020 0 1	0	1
	Set "latest" search time to 7 days after "earliest" Hi all,I'm trying to set the search period such that "earliest" is a specific day, and "latest" is 7 days after that.... by wu_weidong Path Finder in Splunk Search 08-11-2020 0 1	0	1
	How to get stats count to include zero count by time? Hi,I have a lookup file like this -users:User1User2User3User4...I need to count the events by user:index=myindex \| st... by lukas Loves-to-Learn in Splunk Search 08-11-2020 0 2	0	2
	wql query not returning any events [WMI:Services] Hello,Below query in wmi.conf file is not returning any events . But other queries are working.Please do suggest if a... by dkgs Communicator in Splunk Search 08-11-2020 0 0	0	0
	Join SPL result to a single line? Hi, The following SPL returns records to me as shown below. index="uf_basickpi" host!=DS-* (sourcetype="CPU" counte... by wbolten Path Finder in Splunk Search 08-11-2020 0 2	0	2
	How to produce stats with based on a field clientId Hi, I am stuck at a query problem. So what i need to do is join some events and get the result and for that I am usin... by shashank_24 Path Finder in Splunk Search 08-11-2020 0 5	0	5
	Optimizing search to display week-over-week percentage change of event count Hi all,I'm trying to display a week-over-week percentage change of event count collected for various countries, and d... by wu_weidong Path Finder in Splunk Search 08-11-2020 0 2	0	2
	Append causing dashboard panels to use colours for max ranges In my dashboard, I have "Alerts Open" timechart single value panels with colour ranges that are using the following s... by benhooper Communicator in Splunk Search 08-11-2020 0 1	0	1
	How to create a custom alert based on job failures that includes job name in subject title? Hi, We are planning to create alerts based on the search pattern we are given. We are very new and need your suggesti... by sudhakar419 Observer in Splunk Search 08-10-2020 0 3	0	3
	Extracting using rex How do I use rex to extract the virus info so that I can display this info in my splunk dashboard? by rkris Explorer in Splunk Search 08-10-2020 0 8	0	8
	Source or destination IP Address? Is 192.168.1.111 the source or destination IP Address? by rkris Explorer in Splunk Search 08-10-2020 0 1	0	1
	If column is certain value but the other is null. Hi Everyone,This might be straight forward and I'm missing it but my current query is below and I am not able to get ... by Username1 Path Finder in Splunk Search 08-10-2020 0 5	0	5
	outputlookup append one field but not another I am trying to write a search that will update a lookup asset table, with an additional table column metric (weight1)... by daniel_althoff8 Loves-to-Learn in Splunk Search 08-10-2020 0 4	0	4
	Why does my Geomap not work? I'm trying to display the city and country name for all these IP Addesses which I extracted from my windows log file... by rkris Explorer in Splunk Search 08-10-2020 0 2	0	2
	How to combine the results ? I am new to Splunk. I have the logs in the following format for our servers. Host, CPU, %USAGEHost, Memory, %UsageHos... by skavuri11 Observer in Splunk Search 08-10-2020 0 2	0	2
	How to display only the test name if key "failure" is in the same object in JSON event I am sending sauce labs test results to splunk and they are in this format: { "testsuite": { "@name": "'PR-108... by sloh_splunk Splunk Employee in Splunk Search 08-10-2020 0 3	0	3
	How to make table from two queries with common field HiI have one index with two sources (source=source1 and source2). Both events have two common fields (common_field1 a... by edrivera3 Builder in Splunk Search 08-10-2020 0 4	0	4
	issue with dividing two numbers Hi, Can someone help me with this.I have fields with values SP=3390510 and TP=3394992I am trying to get Success per... by sravankaripe Communicator in Splunk Search 08-10-2020 0 1	0	1
	Dedup field values using if"match"? Hello all, I am attempting to put together a search where I'm taking website status (200=allowed, etc) and breaking i... by BB34 Explorer in Splunk Search 08-10-2020 0 6	0	6
	Saving License on Windows Events - Regex "This event..." Hi! i've been trying to regex some part of the windows events to save license. Many windows events contains a large p... by dieguiariel Path Finder in Splunk Search 08-10-2020 0 9	0	9
	Can't get timechart average to work I'm trying to get the average time that a case is open in a system.To get the latest event per case that's closed and... by benhooper Communicator in Splunk Search 08-10-2020 0 13	0	13
	How to search span for 1 day and 2 hours ? This is my query and I have some challenges in the log. The thing is my daily job will start at 11 PM. If the job run... by karthi2809 Builder in Splunk Search 08-10-2020 0 6	0	6
	How can I compare values from a lookup and alert when there is no mach? Hi, I have a lookup tables with user names (ftp_users.csv).Every day I'm getting one line from a particular system wi... by yossefn Path Finder in Splunk Search 08-10-2020 0 5	0	5
	Tstats Summary Join Different Search Ranges Hey Guys,I am struggling arround a few days now, but I cant find a good/efficient solution for my problem.I want to c... by sarausch New Member in Splunk Search 08-10-2020 0 3	0	3
	SPL Search - Alert if not true (transaction) I have written a rule that is trying to use a transaction and based on the transaction value to either alert or not. ... by willadams Contributor in Splunk Search 08-09-2020 0 1	0	1