Splunk Search

Community Activity

Field Extraction from Raw Data Hello, Im new to splunk and just started learning it and im having little issues extracting some fields from a raw d... by Dandanos Engager in Splunk Search 05-19-2020 0 3	0	3
How to search how much bandwidth a forwarder is using? I'm trying to find how much bandwidth a forwarder is using and how many hosts are sending over the forwarder. I want ... by sbattista09 Contributor in Splunk Search 05-19-2020 8 8	8	8
index vs lookup Hello All, Am trying to optimize the performance of a dashboard that was built some time back. The existing dashboar... by johnsasikumar Path Finder in Splunk Search 05-19-2020 0 1	0	1
Using sort 0 to avoid 10000 row limit Sorry for the silly attention-grabbing dancing question mark.  Thanks for any help on this. I've had to dive into t... by leica0000 Engager in Splunk Search 05-19-2020 0 2	0	2
How to rename fields in a subsearch and keep results of the original field name? I have a subsearch query that uses a wildcard keyword list as an inputlookup to find filenames that contain a keyword... by Glasses Builder in Splunk Search 05-19-2020 0 2	0	2
3 Report outputs into one Hi All, I'm fairly new to Splunk. I'm trying to save some time with an automated report on IIS Time Taken. I need ... by n1ckl0ve New Member in Splunk Search 05-19-2020 0 5	0	5
Rename values with regex Hello, I need to delete the numericals values in variables name : CETAT_UGE_11 become CETAT_UGE knowing that I have ... by widad_guerrida Engager in Splunk Search 05-19-2020 0 1	0	1
How to combine the results of two subsearches I would like to find occurences of Name and Prename in email logfiles and only report that ones that match both colum... by dusoldkai New Member in Splunk Search 05-19-2020 0 4	0	4
Can Some One Help With Query Optimization index="ocdm" source IN ("covid_collection.csv","covid_collection_lcpr.csv","covid_collection_cl.csv", "covid_collecti... by rakesh868852914 New Member in Splunk Search 05-19-2020 0 2	0	2
Search for value of FieldA, then search FieldB, Match if contains $FieldA, then pull field_C from event with match. I want to do a search for field_A in index_A. The value of field_A contains a URL minus any http(s), or query terms. ... by ArmbrusterC Explorer in Splunk Search 05-19-2020 0 4	0	4
get count of subsearch and main search Iam trying to get a inner join result which looks some thing like if there are 100 unique fields from subsearch, I wa... by sree6494 New Member in Splunk Search 05-19-2020 0 6	0	6
Different lookup csv depending on field value Hi, I´m trying to lookup different csv-files depending on an field-Value. But it seems to be a problem for the looku... by chrkohm Path Finder in Splunk Search 05-19-2020 0 2	0	2
How to get a report on time range windows from _audit logs? I need to get a report of search windows used in historical search activity. For example, we need to determine how fa... by rleviseur01 New Member in Splunk Search 05-19-2020 0 2	0	2
Last 6 months search using new date field Hello, I am trying to use another field (LAST_FIXED_DATE) as _time in my log search. LAST_FIXED_DATE got dates from ... by utk123 Path Finder in Splunk Search 05-19-2020 0 2	0	2
weekend and weekday calculations i have data on daily basis. Date Number day of the week 2019-05-02 52.55 thursday 2019-05-03 327.... by vinitpathri Path Finder in Splunk Search 05-19-2020 0 2	0	2
regex help {"device":"abcd","host":"1.2.3.4"} {"device":"efgh [ = ILO = ]","host":"2.3.4.5"} {"device":"qrst - [ab cd ef]","host... by surekhasplunk Communicator in Splunk Search 05-19-2020 0 2	0	2
Splunk use case to manage end-to-end access ticket support Hello One of our partners got a request from its customer who wishes to manage end-to-end access Ticket support for... by fneboa_splunk Splunk Employee in Splunk Search 05-19-2020 0 0	0	0
Search for creating a Rolling Report for Daily Raised and Closed Incident Count Hi There, I have got a live feed from DBConnect for incidents data in below format: dateRaised, IncID, Location, St... by madhav_dholakia Contributor in Splunk Search 05-19-2020 0 4	0	4
How to calculate difference between two rows of a table if another field on row is same for both? Hello Everyone, I have a table like this: DVN. Region Name Count 201 SAM Shapes ... by pulkit1997 Engager in Splunk Search 05-18-2020 0 2	0	2
How to change permissions of lookup files?? I have created my lookup file and currently its set to Private. I want to change its permission so that all other use... by sudeep5689 Explorer in Splunk Search 05-18-2020 0 1	0	1
trying to timechart stats I am trying splunk unique visitors from my Akamai Logs. Akamai determine a unique visitor by combining client ip an... by glennstolz New Member in Splunk Search 05-18-2020 0 1	0	1
How to filter search results to group by one of the fields? Hello, I have created the following search to show fieldsummary on 4 fields: devicename, ip, platform, and market... by msrama5 Explorer in Splunk Search 05-18-2020 0 0	0	0
_time and date_hour don't match Yes, I have already checked my user time zone setting. My TZ setting and all my involved servers, forwarder and Splu... by jasonwagner Explorer in Splunk Search 05-18-2020 0 6	0	6
How to combine two searches to compare and find values present in one but not other Hello , I have data from 2 diff source with same fields as shown below : index= sourcetype= source= test.txt device_... by atulitm Path Finder in Splunk Search 05-18-2020 0 5	0	5
cant query data from 2 sources at the same time My set is up 2 sources imported from csv test1.csv test2.csv now both files have fields with dates in them 12_May... by jukiefc New Member in Splunk Search 05-18-2020 0 1	0	1