Splunk Search

Community Activity

Display a custom text when results=0 How do I run a search against a sourcetype (which is very low volume), and display a custom text when there are 0 eve... by Richy_s Path Finder in Splunk Search 07-04-2024 0 13	0	13
Can't Preview Source Type When Uploading Data I am trying to create a props.conf to pass a custom timestamp. To do so I wanted to upload data and use the set sourc... by HankinAlex Explorer in Splunk Search 07-04-2024 0 2	0	2
indexer has stopped working Hello Splunk community, One of my indexes doesn't seem to have indexed any data for the last two weeks or so. This is... by Orange_girl Loves-to-Learn Everything in Splunk Search 07-04-2024 0 7	0	7
Combining multiple field values for stats/charting I have a field in my data named severity that can be one of five values: 1, 2, 3, 4, and 5.I want to chart on the fol... by DATT Path Finder in Splunk Search 07-04-2024 0 4	0	4
... \| append [ \| makeresults ] makes the search time explode I have a dashboard with multiple line charts showing values over time. I want all charts to have the same fixed time ... by rikinet Path Finder in Splunk Search 07-03-2024 0 5	0	5
Remove results based on subsearch I'm looking to get all failed event log based on a field , and then trying to find the success event log for the same... by RamMur Explorer in Splunk Search 07-03-2024 0 2	0	2
Query to show specified time per day in timechart Hi, I would like to create a time chart for a specified time suppose 8AM to 2PM everyday for last 30 days. I am able ... by Codie Engager in Splunk Search 07-03-2024 0 2	0	2
Tracking user logon (standard and admin account) Windows AD Hello, I am looking to create a report of a search. I have a requirement of tracking user logon to window machines (A... by araiv1998 Engager in Splunk Search 07-02-2024 0 9	0	9
Possibly to alert based on previous sample comparison HiPut simply, I am trying to wrap my head around how I can configure an alert to trigger is a metric is X% higher or ... by Silah Path Finder in Splunk Search 07-02-2024 0 6	0	6
Grouping and counting based on different values HI Team, i am caught in a maze of how to use stats function to get the data in expected format i want. Sample data. ... by neerajs_81 Builder in Splunk Search 07-02-2024 0 4	0	4
Display specific field in log by count I want to write the query which will number of count the event occurred and time taken for that. This is the log -lo... by Bhavika Loves-to-Learn in Splunk Search 07-02-2024 0 7	0	7
Splunk Ingestion Metrics I am trying to get the ingestion per day in Terabytes for each index. I am using the below search which works, howeve... by scout29 Path Finder in Splunk Search 07-01-2024 0 3	0	3
I need to display priority data for 7 days with the percentage, however am unable to display it in 7 days. I need to display priority data for 7 days with the percentage, however am unable to display it in 7 days. My below q... by a508184 Explorer in Splunk Search 07-01-2024 0 7	0	7
Setup an alerts with events from Timestamp format Dear All,I want to setup an alert in an event. The event contains three timestamps, New Event time, Last update, and ... by devsru Explorer in Splunk Search 07-01-2024 0 3	0	3
SOURCE_Key Extraction I Have used the below two events to test the SOURCE_KEY = <132>1 2023-12-24T09:48:05+00:00 DCSECIDKOASV02 ikeyserve... by AliMaher Path Finder in Splunk Search 07-01-2024 0 3	0	3
How to convert CSV lookup to DBXlookup? How to convert CSV lookup to DBXlookup?The lookup using CSV worked just fine.The CSV was moved to the database and wh... by LearningGuy Motivator in Splunk Search 06-30-2024 0 1	0	1
streamstats \| reset_after condition not applied within the scope of each user (field) Hi Team,What I'm trying to achieve: Find the consecutive failure events followed by a success event. \| makeresults \| ... by ralam Explorer in Splunk Search 06-30-2024 0 2	0	2
Modification of query for detecting Successful Logins following Password Spray Attacks in Auth0 Logs Hello,I need some help with adjusting an alert for detecting a password spray attack using Auth0 logs in Splunk. What... by Cozy Loves-to-Learn in Splunk Search 06-30-2024 0 3	0	3
Retrieve service depandancy with splunk entreprise hello i'm beginner in splunk. Currently, i'm working with splunk entreprise i want to retrieve microservices depandan... by Oum New Member in Splunk Search 06-30-2024 0 5	0	5
Join with different field names I have an inputlookup called adexport.csv thats big...trying to join and match two fields in the lookup UserName and ... by jenkinsta Path Finder in Splunk Search 06-29-2024 0 2	0	2
How to combine two searches with common value into one table I need help regarding a join from events based on different sourcetype (same index) that are related by the same valu... by gballanti Explorer in Splunk Search 06-28-2024 1 13	1	13
Working with where clause Hello, I'm fairly new to splunk, trying to search using where clause and filter the results. The query is running lo... by RamMur Explorer in Splunk Search 06-28-2024 0 3	0	3
Transaction Order Out of Sequence Identification Hi All,We have an application that gets events in from an external party but occasionally we see out of sequence even... by Mick_OBrien Path Finder in Splunk Search 06-28-2024 0 3	0	3
Stats for number of days a user was active in time period I am trying to get a table showing the number of days a user was active in the given time period. I currently have a... by ChuckM Engager in Splunk Search 06-28-2024 0 4	0	4
Is it possible to export entire dashboard panel contents to Javascript? As the title suggests I have a dashboard with various panels and wondering if it's possible to export a single panel ... by cherrypick Path Finder in Splunk Search 06-27-2024 0 0	0	0