Splunk Search

Community Activity

how to extract the message field into multiple fields from windows Message field I want to extract the below field into two fields i want to extract the Name and version both as two fields can some ... by srinivasmanikan Engager in Splunk Search 07-09-2024 0 1	0	1
how to exclude a events in the search query if the events is present in the other index I have a scenario where events are coming from one index =sample field= status as status 1, 2, 3, 4 , and 5. I have t... by Rajiv_splunk Path Finder in Splunk Search 07-09-2024 0 1	0	1
saved searches How to get all saved searches with their names and their respective search by Siddharthnegi Contributor in Splunk Search 07-09-2024 0 1	0	1
saved search I have a saved search but I don't know the name of that saved search how do I get it. by Siddharthnegi Contributor in Splunk Search 07-08-2024 0 5	0	5
How to count based upon relative_time ? I think what I am trying to do is relatively easy ?I want to query looking back -8 hours then count the # of events t... by sjringo Contributor in Splunk Search 07-08-2024 0 9	0	9
Matching regular expressions in lookup table against field in index I have a lookup table containing a list of regular expressions, and am trying see if there are matches against a fiel... by madcow Loves-to-Learn Lots in Splunk Search 07-08-2024 0 4	0	4
traverse through each record and check whether that ticket breached SLA or not Hi All,I have one set of output having 8 closed tickets for two consecutive months as a result of splunk query. I als... by avi123 Explorer in Splunk Search 07-08-2024 0 1	0	1
Location by Octet I have a Linux Environment and SSH is a thing here. I need to show SSH log in with location. I got the map to work bu... by sgtwolf1 Explorer in Splunk Search 07-08-2024 0 4	0	4
Query to find records in different events I have thousands of records (events), I would like to search field a if it exists in field b of other event (record).... by mendi Observer in Splunk Search 07-08-2024 0 3	0	3
How obtain the sum of a multivalue field In each of my events, I have a field named watched. The watched multifield contains the array of integers. Is it poss... by cgong New Member in Splunk Search 07-08-2024 0 9	0	9
$1234,000 i need to remove strings from value but value are not change by vareddy Observer in Splunk Search 07-08-2024 0 2	0	2
Run makeresults command through REST API is giving error I receive the following error while trying to execute a simple "makeresults" command by using REST API call:Used endp... by denissotoacc Path Finder in Splunk Search 07-08-2024 0 3	0	3
issue with "_time" after using fit command in DLTK Hihere is the default spl of App: Splunk App for Data Science and Deep Learning (Time Series Anomalies with STUMPY -T... by indeed_2000 Motivator in Splunk Search 07-08-2024 1 2	1	2
Want to filter events based on the existence of a field with the same value in a different log Hello, I'm doing a detection for an event on the same index with 2 logs, I want to filter events of Event A based on ... by Josh1890 Explorer in Splunk Search 07-07-2024 0 3	0	3
Splunk search HI, i am new to Splunk and trying to gain hands-on experience, i am facing trouble to search the data based on this q... by s_unny Loves-to-Learn Lots in Splunk Search 07-06-2024 0 4	0	4
Field exists with multiple hosts I've got two servers providing me temperature data. Host A has Sensor1 and Sensor2. Host B has Sensor1 and Sensor2. ... by scottmkirkland Explorer in Splunk Search 07-06-2024 0 2	0	2
Streamstats time_window current=f error Hello all,I am using steamstats with time_window=60m to calculate the moving average over the past hour. However, wh... by brianmeyer54 New Member in Splunk Search 07-06-2024 0 2	0	2
Missing data in tstats output Hi All, using below query but not getting complete output.If there is no data present for Response time for particul... by Harish2 Path Finder in Splunk Search 07-05-2024 0 1	0	1
How to count the number of times each name is repeated? I have the following csv file: id,name,age,male 1,lily,10,girl 2,bob,12,boy 3,lucy,12,girl 4,duby,10,boy 5,bob,11,bo... by feelcool Explorer in Splunk Search 07-05-2024 0 1	0	1
Some cloudwatch log collection errors I take a log using Python's print statement in lambda and save it in the cloud-watch log group.The log group is being... by junnn0021 New Member in Splunk Search 07-05-2024 0 0	0	0
multifield key between indexes index=db OR index=app \| eval join=if(index="db",processId,pid) \| stats sum(rows) sum(cputime) by join Above is simple... by kp_pl Path Finder in Splunk Search 07-05-2024 0 5	0	5
center align the x axis labels in timechart Hi Is it possible to center align the x axis labels in timechart, instead of them being in the left side of the bar ... by matansocher Contributor in Splunk Search 07-04-2024 0 10	0	10
Drill down with transpose not working as expected to fetch the row and colomn values Drill down with transpose not working as expected to fetch the row and colomn values, as its not giving me the accura... by a508184 Explorer in Splunk Search 07-04-2024 0 5	0	5
Display a custom text when results=0 How do I run a search against a sourcetype (which is very low volume), and display a custom text when there are 0 eve... by Richy_s Path Finder in Splunk Search 07-04-2024 0 13	0	13
Can't Preview Source Type When Uploading Data I am trying to create a props.conf to pass a custom timestamp. To do so I wanted to upload data and use the set sourc... by HankinAlex Explorer in Splunk Search 07-04-2024 0 2	0	2