Splunk Search

Community Activity

	Ingesting Palo Alto Threat logs with log_subtype=URL into Splunk Hi there, We are currently ingesting Palo Alto threat logs into Splunk although we are missing the 'URL' log_subtype.... by cwhelan Explorer in Splunk Search 07-16-2024 0 1	0	1
	Extracting Messages which may be found in event I have a search yielding the following result"message":"gimlet::hardware_controller: State { target: Idle, state: Idl... by nkavouris Path Finder in Splunk Search 07-16-2024 0 4	0	4
	Unique values of one field based on unique values of another field Morning, Splunkers!I've got a fun one today. I need to find the most resource efficient way (i.e., fastest way that w... by A_VA Explorer in Splunk Search 07-16-2024 0 2	0	2
	I can see 2 different sourcetypes (xmlwineventlog, XmlWinEventLog) Hi All, It would be great help if anyone help me figure out this.App is deployed in the UFs to receive such logs in s... by RanjiRaje Explorer in Splunk Search 07-16-2024 0 3	0	3
	How to round a percentage value in a pie chart to 1 decimal place? Hi, I have the entry below in my dashboard which shows the percent value in pie chart, but defaults to 3 decimal pla... by dvg06 Path Finder in Splunk Search 07-16-2024 0 6	0	6
	Download/Export all the Indexed data from Splunk cloud We have approximately a year's worth of data in our Splunk Cloud instance. Due to certain reasons, we need to export ... by Aditi27 Loves-to-Learn Lots in Splunk Search 07-16-2024 0 1	0	1
	_rawdata Hi,I had been using search syntax "rename "_raw" AS errortrace" in my custom search but one of my app team needs _ra... by guru333 Engager in Splunk Search 07-16-2024 0 3	0	3
	removing decimal value in table how do i get the values in days_to_eol to just show without the .00 decimal.I even rounded the result to the nearest ... by sintjm Path Finder in Splunk Search 07-16-2024 0 1	0	1
	Want To extract fields and values from JSON Below is my row text in Splunk and i want to extract JSON array from from below row text.After extract I want to do ... by gauravkumar85 Path Finder in Splunk Search 07-16-2024 0 10	0	10
	how to convert number to string using tostring function? Hello,how to convert number to string using tostring function?I tried using tostring function, but the result is stil... by LearningGuy Motivator in Splunk Search 07-15-2024 0 10	0	10
	Extracting fields within nested json data Hi,I am new to splunk development .Please provide your assistance for creating a search . Thanks advance.Trying to c... by Pr1 New Member in Splunk Search 07-15-2024 0 4	0	4
	How to convert transpose rows to columns by column name match I have result like this column, row 1 TotalHits: Create, 171 TotalHits: Health, 894 TotalHi... by josephpe Explorer in Splunk Search 07-14-2024 0 2	0	2
	Count of multiple unique events per field Hi Folks, I have two types of events that look like thisType1:TXN_ID=abcd inbound call INGRESSType2:TXN_ID=abcd inbou... by larunrahul Observer in Splunk Search 07-14-2024 0 1	0	1
	How to find a index are used in reports, alerts and dashboards? It there any best way to find if an index used in any of the saved searches, alerts, reports and dashboard by susinkumar Engager in Splunk Search 07-12-2024 0 5	0	5
	timechart function not working as expected I have this query which is working well in Splunk8 whereas I am getting timechart with wrong values in Splunk9. Is th... by riyastk Observer in Splunk Search 07-12-2024 0 5	0	5
	Search earliest and latest within a field Hi All;I have list of events, which includes a field called reported_date, format is yyyy-mm-dd.I'm trying to create ... by mrdeterville Explorer in Splunk Search 07-12-2024 0 2	0	2
	Count values changes only when value in a column changes Hello wonderful Splunk community,I have some data where I want count to change only when status changes:Status Coun... by nabeel652 Builder in Splunk Search 07-12-2024 0 6	0	6
	Using match to see if a container begins with a string and setting a value as a result I am trying to write a search query as part of our alerting. The intention is that if search results come from a cer... by SleepyGuy Engager in Splunk Search 07-12-2024 0 1	0	1
	Help in optimising a horrible regex (46K+ steps) Hi Splunkers,I am trying to extract a string within a string, which has been repeated, with the addition of some pre-... by Nikobobinus Explorer in Splunk Search 07-12-2024 0 3	0	3
	How to get ip range lookup? I uploaded csv lookup table has 2 field location and iprange.iS THERE WAY TO GET WHAT ARE POSSIBLE IP IN EACH RANGE. ... by abi2023 Path Finder in Splunk Search 07-12-2024 0 8	0	8
	Search Query Specific Values Hello,I'm trying to only capture and show only the time it took for the service to complete. Shown below, is is a rec... by msarkaus Path Finder in Splunk Search 07-11-2024 0 2	0	2
	How to show only related fields when condition matches Hi Team, I am trying to create a search which says If myField= xyz, then i need to show id , salary ,department field... by vikashperiwal89 Engager in Splunk Search 07-11-2024 0 4	0	4
	Split time period into shorter intervals Hello, I have this data set: event, start_time, end_time EV1, 2024/07/11 12:05, 2024/07/11 13:05 EV2, 2024/07/11 21... by tommasoscarpa1 Path Finder in Splunk Search 07-11-2024 0 3	0	3
	Host Field is Using the Old Hostname Hi,I'm facing an issue with 5 hosts, recently we change the hostname of these machines but it is not reflected in the... by ibraheem Explorer in Splunk Search 07-11-2024 0 6	0	6
	How to convert the result to a 2-digit decimal and then convert it to a percentage HiHow to convert the result to a 2-digit decimal and then convert it to a percentage. index=p1991_m_tiltline_index_js... by danliu Loves-to-Learn Everything in Splunk Search 07-11-2024 0 3	0	3