Splunk Search

Community Activity

	Finding ip's not in a inputlookup Hi All,I appreciate that there are tons of answers on this but I am having issues getting it to work!I have a csv nam... by realtimetechnol Explorer in Splunk Search 07-08-2020 0 1	0	1
	'Empty' a csv on a daily basis Hi all,I have a dashboard where users can add comments to a .csv lookup file. The comments are only related to the d... by timrich66 Communicator in Splunk Search 07-08-2020 0 2	0	2
	How to compare and match timestamp of one field with the latest timestamp of other field before calculating duration ? Hi All,I am currently getting following results from my search query - time1 tim... by ak9092 Path Finder in Splunk Search 07-08-2020 0 6	0	6
	How to sum all the Latest events for the specific field How to sum all the Latest events for the specific fieldExample:Raw data of the event: Client=XXXXX,CreationTime=3/19/... by Boopalan New Member in Splunk Search 07-08-2020 0 0	0	0
	Dynamic lookup - how to remove entries? Hello,I have following issue:I have VPN GW used to remote connecting of users, this GW sends log to Splunk. I would l... by lukasmecir Path Finder in Splunk Search 07-08-2020 0 2	0	2
	Search for IP Addresses more efficient using wildcards or CIDR ranges Hello I'm looking to run a search in a Firewall log index for connections to a know IP range and trying to decide whi... by andylee53 New Member in Splunk Search 07-08-2020 0 3	0	3
	Search Data 1 Minute Ago I have data that has _time from 18:00:20-18:00:52 and I set my current time to 18:01 so it should search the 18:00 ti... by mathiasy123 Path Finder in Splunk Search 07-08-2020 0 10	0	10
	Error with Search Scheduler Hi Splunk users, After I successfully deployed a Splunk standalone, I see this error message reg Searches skipped: ... by mufthmu Path Finder in Splunk Search 07-08-2020 0 1	0	1
	Question about replace(X,Y,Z) function I'm kind of new in Splunk and found one syntax of replace when I read the official document. Here is the link https:/... by Scott_Wang Explorer in Splunk Search 07-07-2020 0 4	0	4
	Extract multiple name value pairs from a field Hello,I have a field that contains the string below. a) There can be fewer/more than the 4 events listed below. b) V... by jbax Engager in Splunk Search 07-07-2020 0 3	0	3
	Inconsistent behavior with eval after stats I have this query that matches two types of events, sending a request and receiving an answer. My goal is to take the... by randeepbydesign Engager in Splunk Search 07-07-2020 0 2	0	2
	Splunk users won't update in Ldap authentication I can't assign roles to and can't see new users in Splunk search head for last 2 weeks. We have LDAP auth.A part of t... by dunyaelbasan Path Finder in Splunk Search 07-07-2020 0 4	0	4
	If I use an automatic lookup to overwrite field values, can it be configured to overwrite only if a match exists? Hello all, The question is self explanatory I think. I've seen similar questions that are resolved with an eval, but... by andrewtrobec Motivator in Splunk Search 07-07-2020 0 4	0	4
	compare timestamp splunk and timestamp logs HelloI noticed a lot of the events not the same timestamp as Splunk. Can you tell me how I can compare the date of th... by dfall Loves-to-Learn in Splunk Search 07-07-2020 0 1	0	1
	How to do RIGHT OUTER JOIN with Lookup table? Events stream has ID field in every record. There is a lookup table with a small subset of IDs.The task is to calcul... by pm771 Communicator in Splunk Search 07-07-2020 0 2	0	2
	rex command to extract [2020-07-07 12:40:01+0200] workspace_sandbox RUNNING pid 17159, uptime 21 days, 21:43:58 i have this line of log but ... by sphiwee Contributor in Splunk Search 07-07-2020 0 5	0	5
	Preciso tirar duplicação de um tabela usando o DEDUP Estou com este comandoindex = raw_maximo GR_RESP = STATUS "OPERACAO MAINFRAME"! = Cancelado \| contagem de estatística... by Marcosecpinheir New Member in Splunk Search 07-07-2020 0 1	0	1
	Lookup table help Hello all,Looking for some help integrating a lookup table into my failed login search. What I am trying to achieve i... by tkerr357 Observer in Splunk Search 07-07-2020 0 2	0	2
	Not showing data for a particular sourcetype Events are not getting generated after the date 15th June, 2019 for the following query.index=webmethods_prd sourcety... by pratapa Explorer in Splunk Search 07-07-2020 0 16	0	16
	splunk and task manager hello i begin with splunk and i have Something complex to need i need to index the data coming from the Windows task... by jip31 Motivator in Splunk Search 07-07-2020 0 2	0	2
	Genesys log sourcetype Anyone come up with a custom sourcetype for Genesys Application logs. ? by Stav Loves-to-Learn Lots in Splunk Search 07-06-2020 0 0	0	0
	Replace entire string if it contains partial string Can anyone tell me how I would replace entire strings if they contain partial strings. As a basic example, in my sear... by darls15 Explorer in Splunk Search 07-06-2020 0 2	0	2
	Extract numeric values with in a field We have a field called number and the field number has both alpha and numeric values like "number=AVAILABLE=25 USD;" ... by iamsplunker Communicator in Splunk Search 07-06-2020 0 1	0	1
	How to "UnZip" the result of `timechart count by`? My base query:index=... sourcecode=... \| timechart span=1m count as number by name useother=f In the result I hav... by pm771 Communicator in Splunk Search 07-06-2020 0 1	0	1
	How to extract values from a JSON like string? I am having data like this in my Splunk and I wanted to extract the value of status which is Active.How can I do it w... by kotig Path Finder in Splunk Search 07-06-2020 0 6	0	6