Splunk Search

Community Activity

Compare field of each event with Subsearch of past each events 1. If the same JobName field name is already exists,Trying to get average of column value of JobName's elapsedtime va... by sarumathi Loves-to-Learn Lots in Splunk Search 08-02-2020 0 0	0	0
Move widgets/icons (Search, Inspect, Refresh, and Export) from bottom-right corner to top-left corner in table in Splunk Dashbaord Is there way to move "Open in Search, Inspect, Refresh, and Export" widgets in Splunk Dashboard-tables? by smusunuri Explorer in Splunk Search 08-02-2020 1 2	1	2
Search related events We have java based rest service A with logfile a.log and another rest service B with log b.logwhen A receives a reque... by mprad New Member in Splunk Search 08-02-2020 0 1	0	1
search events from txt I have one txt file, only one column, the txt file has around 60 SHA-256 hashes. these hashes are from malicious file... by cyberfan Explorer in Splunk Search 08-02-2020 0 1	0	1
search for script launched there are some malware enabled by word Macro and run VB script to communicate to outside. I want to find out what are... by cyberfan Explorer in Splunk Search 08-02-2020 0 1	0	1
Jump to next line in Search Hi, is it possible to jump to the next line in the search window, to make the whole search more readable? Thanks H... by HeinzWaescher Motivator in Splunk Search 08-02-2020 0 6	0	6
Moving beyond noob queries (comparing results) Imagine the following data set:STUDENTEOY_GRADEGENDERSTUDENT_STATUSAlice96FemaleACTIVEBob94MaleACTIVECandice92FemaleF... by awmorris Path Finder in Splunk Search 08-01-2020 0 3	0	3
How to remove an entire column from results if all the values of the column are zero? Is there any possibility to remove an entire column if all the values of the column are zero? by Naren26 Path Finder in Splunk Search 08-01-2020 0 4	0	4
Education is down for maintenance on last day of 30 days. I need to take the final quiz. I will need an additional day to complete the final quiz for Fundamentals 3 if this doesn’t come up in next couple of... by mangopickle New Member in Splunk Search 08-01-2020 0 1	0	1
How to determine missing entries for a given time I have a scenario where when a device checks in, it sends multiple records of it's inventory with the same time stamp... by warren_h Observer in Splunk Search 07-31-2020 0 3	0	3
Percentage of value combinations in the dataset Hello,I am looking to figure out the percentage of times certain value combinations appear in the data. The field I... by CarbonCriterium Path Finder in Splunk Search 07-31-2020 0 3	0	3
How to perform regex on latest event? I have a query statement like so index=* "account balance:" \| rex "blah blah account balance:(?P<balance>(\d{1,3}(,... by splunktest_ Loves-to-Learn Lots in Splunk Search 07-31-2020 0 2	0	2
Explicit Search/Alert for an Error I am looking at setting up Search/Alert if i see an only "ERROR OGG-01296", however don't want to receive any alert w... by kvallala Explorer in Splunk Search 07-31-2020 0 2	0	2
Is there a "keepdup" command? HI, I am looking for something that is the 'opposite' of dedup; where the duplicate events are kept, and singular eve... by hirschel New Member in Splunk Search 07-31-2020 0 1	0	1
use eval variable in my search hi, i'm trying to use an eval variable in my search. i've tried many different things and i've failed, and i'm sure t... by gpSplunk123 Engager in Splunk Search 07-31-2020 0 3	0	3
How to search for all outward bound data? I'm a noobie here, and I'm trying to figure out how to search for all outward bound data. How does one accomplish thi... by splunktest_ Loves-to-Learn Lots in Splunk Search 07-31-2020 0 1	0	1
Connecting "remotely" instead of using localhost I want to test an HEC script that is hosted remotely by pointing it to the Splunk instance at my desk.Up to this poin... by chris94089 Path Finder in Splunk Search 07-31-2020 0 1	0	1
Count of events by field where field has multiple instances of same value Hi there We presently have a setup where error codes are extracted and put into their own field. The way it's been s... by djohnson99 Explorer in Splunk Search 07-31-2020 0 2	0	2
query the number between a range Hi,I have alerts when the number goes above certain % of the disk usage. So there are alerts at 70, 80, 90. It works ... by deepakaakula Explorer in Splunk Search 07-31-2020 0 8	0	8
Search for sample to convert my Pivot Table from excel to SPL, have raw data Hi, I am a beginner of SPLUNK and SPL. Recently I am asked to replace my statistic table from excel into SPLUNK to c... by puppy0723 New Member in Splunk Search 07-31-2020 0 0	0	0
Troubles pivoting from dnslookup results to index search I am trying to use the results of dnslookup to pivot the results to query my index.\| makeresults\| eval domain="google... by cbakes New Member in Splunk Search 07-31-2020 0 1	0	1
map command Can I use the map command with the variable being the index and/or sourcetype?\| makeresults\| eval User = "12345", ind... by kgrahamLM Observer in Splunk Search 07-31-2020 0 7	0	7
Sum in timechart I want to display earliest invested amount based on type (stock,fd,mutual fund,etc) over a month and want to keep num... by shravanikarale Loves-to-Learn Lots in Splunk Search 07-31-2020 0 0	0	0
How can we make first tab as default when dashboard is opened Hi All,We have a dashboard which uses three layers of tabs- (please refer attached screenshot)Issue- when we load the... by shugup2923 Path Finder in Splunk Search 07-31-2020 0 1	0	1
How to change default from "All time" in Pivot time filter? Currently when building a pivot table the default time is set to "All Time". Is it possible to set it to some other v... by jwebster0000 Engager in Splunk Search 07-31-2020 2 8	2	8