Splunk Search

Community Activity

	How to change permissions of lookup files?? I have created my lookup file and currently its set to Private. I want to change its permission so that all other use... by sudeep5689 Explorer in Splunk Search 05-18-2020 0 1	0	1
	trying to timechart stats I am trying splunk unique visitors from my Akamai Logs. Akamai determine a unique visitor by combining client ip an... by glennstolz New Member in Splunk Search 05-18-2020 0 1	0	1
	How to filter search results to group by one of the fields? Hello, I have created the following search to show fieldsummary on 4 fields: devicename, ip, platform, and market... by msrama5 Explorer in Splunk Search 05-18-2020 0 0	0	0
	_time and date_hour don't match Yes, I have already checked my user time zone setting. My TZ setting and all my involved servers, forwarder and Splu... by jasonwagner Explorer in Splunk Search 05-18-2020 0 6	0	6
	How to combine two searches to compare and find values present in one but not other Hello , I have data from 2 diff source with same fields as shown below : index= sourcetype= source= test.txt device_... by atulitm Path Finder in Splunk Search 05-18-2020 0 5	0	5
	cant query data from 2 sources at the same time My set is up 2 sources imported from csv test1.csv test2.csv now both files have fields with dates in them 12_May... by jukiefc New Member in Splunk Search 05-18-2020 0 1	0	1
	How to save search query in a file in Splunk Dashboard Hi , I have a requirement where I want to save the search query after the query has run to a file. Basically i want... by sambit_kabi Path Finder in Splunk Search 05-18-2020 0 1	0	1
	How to calculate Average and Peak day for last 3 months Hi, Is there a simple query to calculate the average and peak day count for last 3 months? For example let's say 3 mo... by Shashank_87 Explorer in Splunk Search 05-18-2020 0 1	0	1
	Transaction on unique field reduces events? Hello, I don't understand the following behaviour and am looking for a solution. The following example is somewhat si... by salokin_ Engager in Splunk Search 05-18-2020 0 1	0	1
	Join 2 lookups match fields Hello, I am looking to join 2 lookups and match the field "AccountName" from lookup1 with user field in lookup 2. I... by nathanluke86 Communicator in Splunk Search 05-18-2020 0 4	0	4
	How to get specified events from 2 indices. SITUATION:- I use indices "A" and "B" to come to answer the same question but for different environments.- Each index... by jsven7 Communicator in Splunk Search 05-18-2020 0 2	0	2
	List of users who searched data of an index How to get users(SAML authenticated) list who searched for data under particular index(_internal) in the last 24hrs. by svelagala Loves-to-Learn in Splunk Search 05-18-2020 0 8	0	8
	Primary search is suppressing results to secondary search . Hi Experts, I am trying to find a string pattern "a word" in the primary search from source="123.log" and then from ... by mukulraghuram New Member in Splunk Search 05-18-2020 0 3	0	3
	Search for field Link if it changed its value and when it changed Date="8 May 2020" Link="X" Status="UP" Date="9 May 2020" Link="Y" Status="DOWN" Date="10 May 2020" Link="X" Status="U... by atulitm Path Finder in Splunk Search 05-18-2020 0 0	0	0
	Regex throwing Mismatch Mismatched ']' in search I am a beginner for Regex and Splunk. I am trying to use regular expression generated during field extraction in onli... by Manoshanni New Member in Splunk Search 05-18-2020 0 10	0	10
	How to only list the columns containing a fail value I want to display the events having a FAIL value in any of the columns. For Eg : Please help me on this! by rajkumarwipro New Member in Splunk Search 05-18-2020 0 3	0	3
	How to do main search with same time frame of each result of subsearch Need to find out suspicious IPs and count of hits (sub search)use those IPs and do outer search in same time frame of... by hariram159 Explorer in Splunk Search 05-18-2020 0 18	0	18
	Search for variable Link value which changed and when it changed Date="8 May 2020" Link="X" Status="UP"Date="9 May 2020" Link="Y" Status="DOWN"Date="10 May 2020" Link="X" Status="UP"... by atulitm Path Finder in Splunk Search 05-18-2020 0 9	0	9
	Extreme Search Permission Issue Why i can't edit the correlation search or using search in splunk by extreme search such as:exwhere The error (Unknow... by chiholeo New Member in Splunk Search 05-18-2020 0 0	0	0
	Xaxis values not Visible while using transpose command in a query Hi, Please help, I want to get the xaxis values in a bar chart. In the image attached, i have a query which doesnot ... by sarithapguptha Engager in Splunk Search 05-17-2020 0 0	0	0
	How to convert large epoch time to hours minutes and seconds ? I want to get the result of large epoch time to hours minutes and seconds. Ex: Epoch time : 9386717.000000 Ho... by patra966 Path Finder in Splunk Search 05-17-2020 0 3	0	3
	How to search for a pattern in logs using regex or rex I have following lines in logs 1 ADM.ADMX policies Found ADM/ADMX policies How do I search to filter only 1 ADM/ADM... by srinivas0704 New Member in Splunk Search 05-17-2020 0 8	0	8
	Is there a way to have Splunk recognize the nested JSON at index time? I have the following nested JSON logs: {"statementData": {"overview": [{"value": 19.7780744265071, "dataCode": "rps... by aliquori New Member in Splunk Search 05-17-2020 0 5	0	5
	Extract with PairDelim KeyDelim I have the following data in csv format: date,year,quarter,statementType,dataCode,value 2020-03-31,2020,1,balanceShe... by aliquori New Member in Splunk Search 05-17-2020 0 5	0	5
	How to read content of refreshed csv file via lookup Hi, i have configured a csv lookup in splunk. Now i want to change the content of csv file so that it gets updated in... by sudeep5689 Explorer in Splunk Search 05-17-2020 0 3	0	3