Splunk Search

Community Activity

Join with different field names I have an inputlookup called adexport.csv thats big...trying to join and match two fields in the lookup UserName and ... by jenkinsta Path Finder in Splunk Search 06-29-2024 0 2	0	2
How to combine two searches with common value into one table I need help regarding a join from events based on different sourcetype (same index) that are related by the same valu... by gballanti Explorer in Splunk Search 06-28-2024 1 13	1	13
Working with where clause Hello, I'm fairly new to splunk, trying to search using where clause and filter the results. The query is running lo... by RamMur Explorer in Splunk Search 06-28-2024 0 3	0	3
Transaction Order Out of Sequence Identification Hi All,We have an application that gets events in from an external party but occasionally we see out of sequence even... by Mick_OBrien Path Finder in Splunk Search 06-28-2024 0 3	0	3
Stats for number of days a user was active in time period I am trying to get a table showing the number of days a user was active in the given time period. I currently have a... by ChuckM Engager in Splunk Search 06-28-2024 0 4	0	4
Is it possible to export entire dashboard panel contents to Javascript? As the title suggests I have a dashboard with various panels and wondering if it's possible to export a single panel ... by cherrypick Path Finder in Splunk Search 06-27-2024 0 0	0	0
Replace Eval Function using Regex When using regex how can I take a field formatted as "0012-4250" and only show the 1st and lat 3 digits? I tried the ... by Substance82 Path Finder in Splunk Search 06-27-2024 0 3	0	3
extract fields I am trying to get DeviceName and DeviceToken to var from 365 logfirst I use eval Device =mvindex('ModifiedProperties... by Didalready Explorer in Splunk Search 06-27-2024 0 3	0	3
SOLVED - Splunk Search Command, Regex, and OR Operator Greetings all,I'm trying to search inside a lookup table and I need to use a search command follow by an OR and regex... by fzuazo Path Finder in Splunk Search 06-27-2024 0 5	0	5
Time difference between 2 results, grouped by day I have a search that returns two results per day (a job's log entry of when it started and when it ended). I want to ... by cs97jb New Member in Splunk Search 06-27-2024 0 1	0	1
New User Looking for help comparing values Hi All! First post, super new user to Splunk. Have a search that i modified from a one a team member previously creat... by chorn3567 Engager in Splunk Search 06-27-2024 0 4	0	4
Total time taken to execute a log I am writing a query which will give total time taken by a log/event for execution in milliseconds :index=xyz cluster... by Bhavika Loves-to-Learn in Splunk Search 06-27-2024 0 1	0	1
instr in Splunk ? Below is one of my fields. Quite complex, I know It could be divided to more atomic values .. but it is not [Auditi... by kp_pl Path Finder in Splunk Search 06-27-2024 0 5	0	5
Need help in listing the time gaps in a multi-value field Hi, I need help in extracting the time gaps in a multi-value field represented as Date.My data output looks like this... by Steve_A200 Path Finder in Splunk Search 06-26-2024 0 3	0	3
Removing FQDN from field values Removing FQDN from field valuesHi all, can anyone help me with framing the SPL query for the below requirement.I have... by RanjiRaje Explorer in Splunk Search 06-26-2024 0 3	0	3
Query to check all apps in lookup that haven't had an event in the last 90 days. I have a lookup that has saved all apps installed on our deployment server. I need a query that checks all apps in th... by Chris_Urman Engager in Splunk Search 06-26-2024 0 2	0	2
How to use aggregates to filter data and join the result to another search? Hello,I have an index with events, where events belong to a transaction (transaction_id). I am interested in transact... by cjoelly Loves-to-Learn in Splunk Search 06-26-2024 0 1	0	1
Ignore time zone in searches Hi, is there a way of ignoring the time zone in the searches? Currently, Splunk will reinterpret the difference in ti... by echalex Builder in Splunk Search 06-26-2024 1 3	1	3
Find an error in 1st system and then find errors close in time in a 2nd system "Find event in one search, get related events by time in another search"Found some related questions but could not fo... by GEB Explorer in Splunk Search 06-26-2024 0 6	0	6
Anomalydetection Hello Splunk team, I was troubleshooting one query with anomalydetection command (https://docs.splunk.com/Documentati... by anna11 New Member in Splunk Search 06-26-2024 0 0	0	0
Extract Field values and plot on time series graph I would like to extract the Message, Timestamp, and serial fieldsThen I would like to plot the target: Temp(315600), ... by nkavouris Path Finder in Splunk Search 06-26-2024 0 4	0	4
How to validate the data before and after the migration? Let's say I have a database that is pulled from an application on a daily basis into Splunk and accessed via DBXquery... by LearningGuy Motivator in Splunk Search 06-25-2024 0 1	0	1
Understand which HF send data to whic index Hi Splunkers, currently we are managing an Enterprise Splunk environment previously managed by another company. As sa... by SplunkExplorer Contributor in Splunk Search 06-25-2024 0 1	0	1
Eval random function. How do I format a returned int into a phone number with the hyphen using the eval random function. What I have so fa... by Substance82 Path Finder in Splunk Search 06-25-2024 0 4	0	4
Joining indexes once again Still it find me difficult to understand logic of joining two indexes. Below the query which is almost suits my needs... by kp_pl Path Finder in Splunk Search 06-25-2024 0 3	0	3