Splunk Search

Community Activity

WILDCARD in LookUp .csv files Hi all,I have a challenge, that i have been struggling for the past few days, and can't find the correct solution.I h... by boromir Path Finder in Splunk Search 08-04-2020 0 5	0	5
unable to manipulate string from JSON (AWS CloudTrail) I am trying to write a report of 'AccessDenied' messages in our AWS CloudTrail logs. These are in JSON format and the... by ttovarzoll Path Finder in Splunk Search 08-04-2020 0 3	0	3
how to avoid join Hi, I have scenario where index and sourcetype are same and i am tryng below conditions.chart dc(run) OVER app by eve... by vikashperiwal Path Finder in Splunk Search 08-04-2020 0 3	0	3
IndexScopedSearch Error Details I just ran into the problem -- Error in 'IndexScopedSearch': The search failed. More than 125000 events found at time... by kevintelford Path Finder in Splunk Search 08-04-2020 0 6	0	6
Error in 'IndexScopedSearch': The search failed. More than 1000000 events found at time So I seem to have an issue similar to the one in this question here and have accidentally indexed over 1,000,000 even... by svercelli Path Finder in Splunk Search 08-04-2020 0 3	0	3
How to use 「inputlookup」fliter duplicate domains (BIND dns query log) hello ervery:Scenario:In my case,I use daily search create DnsQueryLog.csv,record the domains inquired every day in t... by Sunjux Explorer in Splunk Search 08-04-2020 0 5	0	5
Convert data to hex with tostring inside chart Hi,Can we manipulate data with functions in a chart.I have a chart table obtained with :\| chart count over user by da... by Voriaz Engager in Splunk Search 08-04-2020 0 3	0	3
How to join two searches for stats command I have 2 queries and need to show the result of both in one table index=someindex queryType="ts" filename=PNASC.HRBD... by prakashbhanu407 New Member in Splunk Search 08-03-2020 0 5	0	5
How to display a unit format and a color format in a single panel with an appendpipe subsearch? HelloI use the search below [\| inputlookup host.csv \| table host] `diskspace` \| fields FreeSpaceKB host \| ... by jip31 Motivator in Splunk Search 08-03-2020 0 0	0	0
Comparing attendance info for two months (Feb and July) I want to create a chart showing the attendance between pre covid (February) and current covid (July) for one of our ... by msage Path Finder in Splunk Search 08-03-2020 0 4	0	4
Changing the background of Single Value Viz. with dark theme If the trend is zero, how do I not have a black background? I just want a grey background by Username1 Path Finder in Splunk Search 08-03-2020 0 0	0	0
How to color code a field value based on the newly created field? Hi!I have a table created with Splunk search with the name of the site and projects with due dates that looks like th... by yvassilyeva Path Finder in Splunk Search 08-03-2020 0 0	0	0
inputlookup + Join search = parsing job I have scheduled search jobs that run nightly. The first search adds fields A and B for the day to the lookup. The ... by bdondlinger Explorer in Splunk Search 08-03-2020 1 6	1	6
How to get previous records in splunk Hi,I have multiple records with different data_set value. I want to get each data_set record at a time. So tried usin... by DHPADIA Engager in Splunk Search 08-03-2020 0 0	0	0
Brute Force Query Help I am trying to mimic the table below. I have the count of the source IP, but how do I get the count of the respective... by alanzchan Path Finder in Splunk Search 08-03-2020 0 1	0	1
Return index position of {someValue} in multi-value field I'm using transaction to combine events & generate multi-value fields. What I want to do is keep the values of a mv f... by stjack99 Explorer in Splunk Search 08-03-2020 0 3	0	3
How to print non-unique values for each row in a table? I have a script that extracts table data from a database and loads the data to other tables in another database. Eve... by VictorCrunch Loves-to-Learn in Splunk Search 08-03-2020 0 9	0	9
alert Hi,How can I set an alert with firing setted to send an email to me.But when It fires on the mail it has to show me a... by dani9 Explorer in Splunk Search 08-03-2020 0 3	0	3
Retrieve stats for this current and previous week Hi,I have the following simple query searchQuery \| stats count, p50(duration), p99(duration) by uri_path and we qu... by srikanth88infy Loves-to-Learn in Splunk Search 08-03-2020 0 4	0	4
How to generate chart with 'streamstats' and consecutive 'stats' statements Hello Everyone!I have to generate a time chart for a calculated average with below sample query. Sample Query: \|stre... by kiru2992 Path Finder in Splunk Search 08-02-2020 0 0	0	0
Date Comparisons . Eg:- R06=Tue 24 Mar 2020,Wed 10 Jun 2020 ,First_Date = Tue 24 Mar 2020, Second_Date = Wed 10 Jun 2020 then compare ... by renuka Path Finder in Splunk Search 08-02-2020 0 0	0	0
Field extraction permissions questions Hi,If I create a field extraction in the context of App1 and set the permissions as Global and give Everyone read per... by jeremyhagand61 Communicator in Splunk Search 08-02-2020 1 1	1	1
Compare field of each event with Subsearch of past each events 1. If the same JobName field name is already exists,Trying to get average of column value of JobName's elapsedtime va... by sarumathi Loves-to-Learn Lots in Splunk Search 08-02-2020 0 0	0	0
Move widgets/icons (Search, Inspect, Refresh, and Export) from bottom-right corner to top-left corner in table in Splunk Dashbaord Is there way to move "Open in Search, Inspect, Refresh, and Export" widgets in Splunk Dashboard-tables? by smusunuri Explorer in Splunk Search 08-02-2020 1 2	1	2
Search related events We have java based rest service A with logfile a.log and another rest service B with log b.logwhen A receives a reque... by mprad New Member in Splunk Search 08-02-2020 0 1	0	1