Splunk Search

Community Activity

	Different lookup csv depending on field value Hi, I´m trying to lookup different csv-files depending on an field-Value. But it seems to be a problem for the looku... by chrkohm Path Finder in Splunk Search 05-19-2020 0 2	0	2
	How to get a report on time range windows from _audit logs? I need to get a report of search windows used in historical search activity. For example, we need to determine how fa... by rleviseur01 New Member in Splunk Search 05-19-2020 0 2	0	2
	Last 6 months search using new date field Hello, I am trying to use another field (LAST_FIXED_DATE) as _time in my log search. LAST_FIXED_DATE got dates from ... by utk123 Path Finder in Splunk Search 05-19-2020 0 2	0	2
	weekend and weekday calculations i have data on daily basis. Date Number day of the week 2019-05-02 52.55 thursday 2019-05-03 327.... by vinitpathri Path Finder in Splunk Search 05-19-2020 0 2	0	2
	regex help {"device":"abcd","host":"1.2.3.4"} {"device":"efgh [ = ILO = ]","host":"2.3.4.5"} {"device":"qrst - [ab cd ef]","host... by surekhasplunk Communicator in Splunk Search 05-19-2020 0 2	0	2
	Splunk use case to manage end-to-end access ticket support Hello One of our partners got a request from its customer who wishes to manage end-to-end access Ticket support for... by fneboa_splunk Splunk Employee in Splunk Search 05-19-2020 0 0	0	0
	Search for creating a Rolling Report for Daily Raised and Closed Incident Count Hi There, I have got a live feed from DBConnect for incidents data in below format: dateRaised, IncID, Location, St... by madhav_dholakia Contributor in Splunk Search 05-19-2020 0 4	0	4
	How to calculate difference between two rows of a table if another field on row is same for both? Hello Everyone, I have a table like this: DVN. Region Name Count 201 SAM Shapes ... by pulkit1997 Engager in Splunk Search 05-18-2020 0 2	0	2
	How to change permissions of lookup files?? I have created my lookup file and currently its set to Private. I want to change its permission so that all other use... by sudeep5689 Explorer in Splunk Search 05-18-2020 0 1	0	1
	trying to timechart stats I am trying splunk unique visitors from my Akamai Logs. Akamai determine a unique visitor by combining client ip an... by glennstolz New Member in Splunk Search 05-18-2020 0 1	0	1
	How to filter search results to group by one of the fields? Hello, I have created the following search to show fieldsummary on 4 fields: devicename, ip, platform, and market... by msrama5 Explorer in Splunk Search 05-18-2020 0 0	0	0
	_time and date_hour don't match Yes, I have already checked my user time zone setting. My TZ setting and all my involved servers, forwarder and Splu... by jasonwagner Explorer in Splunk Search 05-18-2020 0 6	0	6
	How to combine two searches to compare and find values present in one but not other Hello , I have data from 2 diff source with same fields as shown below : index= sourcetype= source= test.txt device_... by atulitm Path Finder in Splunk Search 05-18-2020 0 5	0	5
	cant query data from 2 sources at the same time My set is up 2 sources imported from csv test1.csv test2.csv now both files have fields with dates in them 12_May... by jukiefc New Member in Splunk Search 05-18-2020 0 1	0	1
	How to save search query in a file in Splunk Dashboard Hi , I have a requirement where I want to save the search query after the query has run to a file. Basically i want... by sambit_kabi Path Finder in Splunk Search 05-18-2020 0 1	0	1
	How to calculate Average and Peak day for last 3 months Hi, Is there a simple query to calculate the average and peak day count for last 3 months? For example let's say 3 mo... by Shashank_87 Explorer in Splunk Search 05-18-2020 0 1	0	1
	Transaction on unique field reduces events? Hello, I don't understand the following behaviour and am looking for a solution. The following example is somewhat si... by salokin_ Engager in Splunk Search 05-18-2020 0 1	0	1
	Join 2 lookups match fields Hello, I am looking to join 2 lookups and match the field "AccountName" from lookup1 with user field in lookup 2. I... by nathanluke86 Communicator in Splunk Search 05-18-2020 0 4	0	4
	How to get specified events from 2 indices. SITUATION:- I use indices "A" and "B" to come to answer the same question but for different environments.- Each index... by jsven7 Communicator in Splunk Search 05-18-2020 0 2	0	2
	List of users who searched data of an index How to get users(SAML authenticated) list who searched for data under particular index(_internal) in the last 24hrs. by svelagala Loves-to-Learn in Splunk Search 05-18-2020 0 8	0	8
	Primary search is suppressing results to secondary search . Hi Experts, I am trying to find a string pattern "a word" in the primary search from source="123.log" and then from ... by mukulraghuram New Member in Splunk Search 05-18-2020 0 3	0	3
	Search for field Link if it changed its value and when it changed Date="8 May 2020" Link="X" Status="UP" Date="9 May 2020" Link="Y" Status="DOWN" Date="10 May 2020" Link="X" Status="U... by atulitm Path Finder in Splunk Search 05-18-2020 0 0	0	0
	Regex throwing Mismatch Mismatched ']' in search I am a beginner for Regex and Splunk. I am trying to use regular expression generated during field extraction in onli... by Manoshanni New Member in Splunk Search 05-18-2020 0 10	0	10
	How to only list the columns containing a fail value I want to display the events having a FAIL value in any of the columns. For Eg : Please help me on this! by rajkumarwipro New Member in Splunk Search 05-18-2020 0 3	0	3
	How to do main search with same time frame of each result of subsearch Need to find out suspicious IPs and count of hits (sub search)use those IPs and do outer search in same time frame of... by hariram159 Explorer in Splunk Search 05-18-2020 0 18	0	18