Splunk Search

Community Activity

how to compare and replace fields value on an indexA from a different fields on indexB Hi,I have an an indexA which have logs which includes data in each raw like:User=11111,Language=English,Usage=btn_sec... by skylabsit Engager in Splunk Search 06-25-2020 0 3	0	3
How to exclude web crawlers from site traffic Hi, I'm trying to exclude as many crawl bots from my search and show only human hits on our website. I found the sear... by chuckeelos New Member in Splunk Search 06-25-2020 0 1	0	1
Search based on results of another search? Is it possible to perform a search on a whole dataset using a subset of terms from a previous search? For example, I... by lnetherton Engager in Splunk Search 06-25-2020 2 4	2	4
Need help in eval case - nested eval possible ? I've created a summary index where it contains 6 eval cases,for example: eval 1=case(match(something,"a",...."b","c")... by gopiven Explorer in Splunk Search 06-25-2020 0 0	0	0
Count To Boolean Hi All,I have a requirement wherein I count a specific log in the last minute. The count is supposed to be 1. I need ... by sharadrk Engager in Splunk Search 06-25-2020 0 4	0	4
uas_lookup error Hi all, I am using this plugin in order to extract the info from User Agent: uas_lookupSPL looks like this:"mysearch.... by me74fhfd Path Finder in Splunk Search 06-25-2020 0 0	0	0
Display count of two field in a same dashboard I have two fields in two different log lines and want result something like below sample table :-product_code_pauseco... by naved77 Loves-to-Learn Lots in Splunk Search 06-25-2020 0 0	0	0
Parse decoded HTTP data Hi all, I am new to Splunk and trying here to parse decoded HTTP data to table with unique fields like "Method", "URI... by me74fhfd Path Finder in Splunk Search 06-25-2020 0 2	0	2
correlating of events I want to correlate the login events of aws console to login events of cyberark.people login to aws console via cybe... by ayu15 Engager in Splunk Search 06-24-2020 0 3	0	3
Compare today's search with yesterday's search Hello Team, I have below search but I want to compare today's data with Yesterday's data in same way this week data w... by chandukreddi Path Finder in Splunk Search 06-24-2020 0 1	0	1
Combining searches that look for a lack of data without using append Hi All,Hoping someone can point me in the right direction with this one. The use case is there are some processes th... by hoangtony Explorer in Splunk Search 06-24-2020 0 1	0	1
How to see the sequence of logs Hello, Is there any way, I can check the sequence of logs. For example:I have following list of msg 1. "Message arriv... by smahuja Explorer in Splunk Search 06-24-2020 0 2	0	2
Event count variation between base and non-base search dashboard panels I have a dashboard which counts the number of times a user performed an action. I have 3 time frames (last 24h, 7d, ... by DEADBEEF Path Finder in Splunk Search 06-24-2020 0 2	0	2
Select a column (named as days of the week) and copy over to a new column Hello,I have an inputlookup table (test.csv) with a few columns including 7 columns (for 7 days of the week) as shown... by rahul0621 Explorer in Splunk Search 06-24-2020 0 5	0	5
Multiple Where Clause I'm running the below query across the network and would like it to pinpoint that search towards two users rather tha... by itsmevic Communicator in Splunk Search 06-24-2020 0 1	0	1
Does Splunk Log if a lookup file is modified? Does Splunk generate logs when a lookup file is modified? I have some searches that use lookup files. I'd like to mo... by AndySplunks Communicator in Splunk Search 06-24-2020 0 2	0	2
Scatterplot elapsed time by date with both earliest and latest query matches I'm trying to track the elapsed time it takes a user to complete a web application based on the earliest and latest o... by mrhodes93 Explorer in Splunk Search 06-24-2020 0 0	0	0
How to attract a specific word from string using rex? Hello Splunk Experts!I have a string like belowrex " - - (?<text>foo\|bar) " \| .....I want to take the text when a wor... by thinhdinh Path Finder in Splunk Search 06-24-2020 0 5	0	5
Distribution function using bin I am trying to create a PDF and CDF with limited amount of buckets:... \| bucket bins=10 fs as fsBinned\| stats count(f... by mtatulda New Member in Splunk Search 06-24-2020 0 0	0	0
Extracting Key Value Pairs from a JSON object and convert them to fields Hello Splunk Community,We have two types of logs being forwarded to splunk a simple .log file and json logs that are ... by thenino Loves-to-Learn Lots in Splunk Search 06-24-2020 0 0	0	0
How to find the no of days different between indexed date time and the field exists date in my search? Hi, i am new to splunk, i need to find the number of days different between indexed time date and the field exists da... by karunagaraprabh Explorer in Splunk Search 06-24-2020 0 14	0	14
InfoSec App Datamodel Searches I'm trying to use the CIM to look at some firewall data in the InfoSec app. I've setup the event tagging and field al... by moogmusic Path Finder in Splunk Search 06-24-2020 0 0	0	0
how to find differnce between epoch When i try to find the difference between two epoc1)find the days range i get blank values2) and i need to filter onl... by karunagaraprabh Explorer in Splunk Search 06-24-2020 0 2	0	2
Repeat index and host time in tablerow Hi, i need index time and host time to repeat for each data for host, printedA_epoch & printedb_epoch, how can i achi... by karunagaraprabh Explorer in Splunk Search 06-24-2020 0 6	0	6
eval status=if ("inputlookup line x<70% and x+1>50%) Boolean While Loop? Hello,I am looking for some help on status evaluation. What I am trying to do is create a eval column where you eithe... by wblewis Engager in Splunk Search 06-24-2020 0 5	0	5