Splunk Search

Community Activity

How can I count a field grouped by fields from 2 different Sources I am trying to count the employees per location during a particular shift and date. I'm pretty new to SPLUNK and I am... by taichii New Member in Splunk Search 08-15-2020 0 1	0	1
need regex to extract domain from url of mimecast,ironport logs Hi i need assistance in extracting domain from url received in ironport logs,url received in mimecast logsi need the ... by vsneha New Member in Splunk Search 08-15-2020 0 3	0	3
Field Extraction Struggle i have these log entries, and I'm trying to extract the underlined data as "Business_Process" i'm using the below reg... by sphiwee Contributor in Splunk Search 08-15-2020 0 9	0	9
How to populate nonexistent values in a table? My query below generates a table, which appears as follows. The issue that I'm trying to resolve is being able to pop... by adnankhan5133 Communicator in Splunk Search 08-15-2020 0 10	0	10
Help with Stats and time good day everyone,I have been wrestling with a rather trivial task in Splunk but have not been able to progress with ... by qewqre Explorer in Splunk Search 08-14-2020 0 4	0	4
Transaction and Filldown from different hosts I have the following query index="main" \| rex field=_raw "node '(?<Falling_Node>[^']*)" \| eval Rising_Node=case(<... by tbrown Path Finder in Splunk Search 08-14-2020 0 11	0	11
why ulimit values are not persistent even after trying all the splunk recommended options Hello All,I have tried updating ulimits values but it is not persistant in all the instances. Production environment ... by hegderm Engager in Splunk Search 08-14-2020 0 6	0	6
Trying to get Variance by test type I have the standard deviation given to me in statistics.std and am trying to get the average variance by test type(su... by fjyiyfjcfy Loves-to-Learn in Splunk Search 08-14-2020 0 0	0	0
Extraction using rex How do I use rex to extract the backdoor info and the IP addresses so that I can display this info in my splunk dash... by rkris Explorer in Splunk Search 08-14-2020 0 9	0	9
How to Extract a Part of the field in splunk Hi Everyone,It would be great if someone help me on this.I am having one field URL in my raw data.URL = https://jfghd... by chavi Engager in Splunk Search 08-14-2020 1 2	1	2
Get first and last event by ID Is there an easy way to get the first and last event by a unique ID?"transaction" seems to be the way to go but I hav... by benhooper Communicator in Splunk Search 08-14-2020 0 3	0	3
How to only display fields with values in a table I'm interested in doing a search for a number of fields and displaying the output in a \| table ... of only the fields... by alecl Explorer in Splunk Search 08-14-2020 3 15	3	15
How to put found and not found results of search in two different lists Hi,I have the following search and sub-search:index=someindex source=somesource \| search [search index=otherindex sou... by pitmod Explorer in Splunk Search 08-14-2020 0 4	0	4
compare two multivalue fields to get unique values in a third field I have 2 multivalue collumns like below,giving two rows for example:Collumn 1 collumn 2A ... by architkhanna Path Finder in Splunk Search 08-14-2020 0 4	0	4
How do you compare values in two columns created using two different searches and then keep only uncommon values in a separate table(field)? I want search to check values one by one from "table A" and parallel match with values in "table B" . If any value fr... by ashikuma Explorer in Splunk Search 08-13-2020 0 7	0	7
Measure Memory Available_Bytes using sai_metrics_indexes but within a time range Hello,Trying to know, if it is possible to measure Memory Available using the sai_metrics_indexes. More details of th... by subhrangshu Explorer in Splunk Search 08-13-2020 0 0	0	0
How to calculate the number of times a value appear in a multi value field? Hi All,Is there a way we can calculate the number of times a value appear in a multi value field into a separate fiel... by architkhanna Path Finder in Splunk Search 08-13-2020 0 1	0	1
Extract one word Hello, How can I extract debitsksvrvru7 from this query:sndb(1p_debitsksvrvru/-363877568/localhost_debitsksvrvru7)pas... by edfigue Engager in Splunk Search 08-13-2020 0 2	0	2
search on aggregation These are two question that that i need to solve. Memory loss by time since boot aggregated across entire populatio... by sanjeev Explorer in Splunk Search 08-13-2020 0 0	0	0
Only want most recent ticket - dedup? Hey Everyone,Everyday Splunk is ingesting a csv of information, and we are doing charts to show when/how they changed... by Username1 Path Finder in Splunk Search 08-13-2020 0 1	0	1
Is there a way to populate missing/non-existent values? My Splunk query, which I included below, generates a table, which appears as follows. The issue that I'm trying to re... by adnankhan5133 Communicator in Splunk Search 08-13-2020 0 0	0	0
Streamstats sum that doesn't go below zero This is the second time I have come across this problem but I really can't seem to find any answer anywhere. I need t... by ALXWBR Path Finder in Splunk Search 08-13-2020 0 4	0	4
Extraction using rex This is a dashboard panel that i've created by extracting virus information from a log file This is my search query I... by rkris Explorer in Splunk Search 08-13-2020 0 3	0	3
Restrict access to create dashboards and alerts and give access only to run search query Hi,Basically i want to revoke write access to users but due to business requirements i am supposed to give access to ... by Ashwini008 Builder in Splunk Search 08-13-2020 0 4	0	4
Finding the diff of two time stamps is returning null/ empty value Hello,I am trying to find two events from my log with time into consideration, as earliest and latest. Next I am tryi... by subhrangshu Explorer in Splunk Search 08-13-2020 0 1	0	1