Splunk Search

Ask a Question

Discussions

Thread Info

problem with "condition match" tokens

Hello, I want to conduct a search, set a token according to the search result and then set another bunch of tokens ...

by Path Finder in

<drilldown> not allowed here

Hello, I want to conduct a search, set a token according to the search result and then set another bunch of tokens ...

by Path Finder in

How to color the columns based on previous column value

MessagesNov 20Dec 20Jan 20Feb 20Messge 00100Messge 11311Messge 211000Messge 31000Messge 49500Messge 51100Messge 6...

by Path Finder in

How achieve a conjunction (AND operator) in a JSON nested Key-value(KV) array

Event Data:{"Debug":[ {"Action":"User-Created","Result":"OK"}, {"Action":"Granted-Permissions","Result":"Failed"}]}...

by New Member in

stats count(eval(recipient="@thing.com*")) not providing results

I have a search I am running, and I am trying to enumerate this one specific email domain's email responses, if it wa...

by Engager in

Concatenating an Arbitrary Number of Fields into Single Field

We log Puppet facts in a large JSON payload, and I want to combine the values of all fields matching a wildcarded exp...

by Path Finder in

How do you display multiple column headers on a table?

hello everyone I'd like to display multiple column headers on the table like the below image. I can create the ...

by Path Finder in

Tracking state changes

I'm trying to track state changes but having a difficult time. Ideally I'd like to know when a state changes from 0 t...

by Engager in

How do I match based on multiple values using eval and like command

Hi, I have a field named operating_system. it can contain multiple values examples being "Windows 10", "Windows Ser...

by Path Finder in

Rex to filter To remove multiline log entry

Please find the below single Log entry with multiple lines: >Validation results Message 1) sucess: true ...

by Observer in

How to get a new line while adding two values

Need to get a new line (\n) after the value, is it possible ?eval check=case( 'value' > 0,'value'+" "+"Good", 'value'...

by Path Finder in

Join searches and make a calculation

I would like to run 2 searches and calculate the difference between 2 fields and plot the result using timechart I...

by Path Finder in

How to fill null values in JSon field

hello community, good afternoonI am trapped in a challenge which I cannot achieve how to obtain the expected result. ...

by Engager in

Differentiate JSON event with multiple fields with the same name

Hello - I have JSON events that have multiple items nested inside them. Each item has fields with the same name. I'...

by Explorer in

ConnectionRefusedError: [Errno 111] Connection refused

Am using splunk-sdk to connect. splunklib.client importing client object = client.connect(host=host, port=8089,...

by New Member in

Get Updates on the Splunk Community!

Splunk Search

Discussions

problem with "condition match" tokens

<drilldown> not allowed here

How to color the columns based on previous column value

How achieve a conjunction (AND operator) in a JSON nested Key-value(KV) array

stats count(eval(recipient="@thing.com*")) not providing results

Concatenating an Arbitrary Number of Fields into Single Field

How do you display multiple column headers on a table?

Tracking state changes

How do I match based on multiple values using eval and like command

Rex to filter To remove multiline log entry

How to get a new line while adding two values

Join searches and make a calculation

How to fill null values in JSon field

Differentiate JSON event with multiple fields with the same name

ConnectionRefusedError: [Errno 111] Connection refused

Announcing the 1st Round Champion’s Tribute Winners of the Great Resilience Quest

We’ve Got Education Validation!

What’s New in Splunk Cloud Platform 9.1.2308?

Users with the same roles, in the same app, and sa...

auto_generated_pool_download-trial

Automatic lookup during data ingestiont (Splunk cl...

Working with OpenTelemetry Cumulative Histogram Bu...

Better PDF report visualization