Splunk Search

Community Activity

Why does search in fast mode return different results than verbose mode in Splunk Enterprise 7.0.2? Problem: search: 1. Search: index=win* EventCode=4624 \|userlookup(Account_Name)\| table Account_Name name sam eid m... by marycordova SplunkTrust in Splunk Search 08-12-2024 1 7	1	7
How to set different charts' Y axis values to be dependent of the values of one chart ? Hello. This is my third of fourth question in this page (I think) so I would like to beg you mercy if this issue/ques... by juancarlos_pola Explorer in Splunk Search 08-09-2024 1 9	1	9
Extract using pairdelim and kvdelim I am trying to extract fields for this custom data but unable to parse the data\| extract kv pairdelim=" " kvdelim=" ... by srivenna Engager in Splunk Search 08-09-2024 0 1	0	1
Httpevent collector logs in to splunk, not showing the host,source,sourcetype in splunk Hi All,Httpevent collector logs in to splunk, not showing the host,source,sourcetype in splunk, please find the belo... by vijreddy30 Loves-to-Learn Everything in Splunk Search 08-09-2024 0 1	0	1
This usually indicates problems with underlying storage performanc [serversindex] Configuration initialization for /opt/splunk/var/run/searchpeers/serverhead-1721913866 took longer tha... by Alnardo Engager in Splunk Search 08-08-2024 0 4	0	4
aggregate rows with same value hide count Hi guys, i have the following query that produces table below index=core_ct_report_* \| eval brand=case(like(repo... by lemospt Explorer in Splunk Search 08-08-2024 0 1	0	1
Date Format displaying incorrect when uploading CSV HI All,I am new to using Splunk. I am uploading a CSV to Splunk that has a column called 'Transaction Date' with the ... by Declan123 Explorer in Splunk Search 08-08-2024 0 3	0	3
Splunk SPL Examples for WebSphere SystemOut Logs We use Splunk, and I do know that our SystemOut logs are forwarded to the Splunk indexer. Does anyone have some examp... by cadm777 Explorer in Splunk Search 08-08-2024 0 3	0	3
Generate a report where it will output table with different timings in columns I need to generate a report where it will output table with different timings in columns.Trick part is logs captured ... by jcsvaldueza New Member in Splunk Search 08-08-2024 0 1	0	1
Splunk Security Essential - MITRE ATT&CK Matrix HI all,I just installed the security essential app on my splunk but i'm having issues retrieving the MITRE matrix.I g... by lorispiana Loves-to-Learn in Splunk Search 08-08-2024 0 4	0	4
How do report for Windows logon and logoff per user day-by-day Is it possible to get each day first login event( EventCode=4634) as "logon" and Last event of (EventCode=4634) as... by Nraj87 Explorer in Splunk Search 08-08-2024 0 1	0	1
splunk query with substring not working Hello Everyone,I have written the splunk query to remove last 2 character from the string:processingDuration = 102ms ... by super_edition Path Finder in Splunk Search 08-08-2024 0 1	0	1
Combining 3 queries output to produce table \|union [ search index=osp source=xxx EVENT_TYPE=xxx EVENT_SUBTYPE=xxx field1=* field3=xxx field4="" \| eval DATE = s... by jjohn149 Observer in Splunk Search 08-07-2024 0 5	0	5
Troubleshooting how can i troubleshoot when using a dashboard to export data, the data exported has numerous NULL values where there ... by whitecat001 Explorer in Splunk Search 08-07-2024 0 1	0	1
Could not load lookup=LOOKUP-reply_code Good morning!I am receiving the Error: Could not load lookup=LOOKUP-reply_code on multiple boxes. Any similar situat... by mamagreen Engager in Splunk Search 08-07-2024 0 1	0	1
How to get count 0 for the field value which is not matching with events Hi Splunkers, My requirement is below . I have lookup where 7 hosts defined . when my search is running for both tsta... by ssuluguri Path Finder in Splunk Search 08-07-2024 0 10	0	10
Splunk Citrix get-brokersession I have a powershell script running get-brokersession which then exports the results to a txt file. The file is then... by kmm2 Path Finder in Splunk Search 08-07-2024 0 8	0	8
SPL Time range is giving issue Hi Splunkers!I wish to get data in a specific time range using earliest and latest command .I have checked with time ... by chimpui New Member in Splunk Search 08-07-2024 0 4	0	4
Framing query with tstats command Hi, Can anyone please help me to frame the SPL script.I have to collect the list of devices reporting in splunk along... by RanjiRaje Explorer in Splunk Search 08-07-2024 0 7	0	7
Head for each value of a field Hi there.I'm relatively new to searching in Splunk so I can't sometimes get my head wrapped up around some Splunk con... by PickleRick SplunkTrust in Splunk Search 08-07-2024 0 5	0	5
"Corrupt csv header" : how to find the corrupted csv? I find on splunkd.log a lot of warnings as: "Corrupt csv header, contains empty value (col #3)" without any other det... by mekamundia Explorer in Splunk Search 08-06-2024 1 12	1	12
How to remove missing value timestamps for accurate delta calculation HI, I'm running a search for two different timeranges, for missing datapoint pair it's creating discrepancy with my c... by Bart Explorer in Splunk Search 08-06-2024 0 2	0	2
Hi Splunkers - Heat Map Index - Host Hello friends, I am trying to create a heat map where I can see the indexes on the left side and in each cell of the ... by JuanPerez New Member in Splunk Search 08-06-2024 0 2	0	2
Multiple Server New Field Can we create a new field which contains the group of multiple servers name and that field I can use directly in all ... by Chirag812 Explorer in Splunk Search 08-06-2024 0 2	0	2
Regex issue Hi Teami am trying to make below field regex which is coming in every single event. but its not allowing me to use sa... by cbiraris Path Finder in Splunk Search 08-06-2024 0 3	0	3