Splunk Search

Community Activity

props.conf to capture specific words from the log files How to capture only the words "successfully sent using abc.def.com" before indexing in splunk from the below log fi... by ashwinipatil007 New Member in Splunk Search 04-16-2020 0 3	0	3
Field Extractions During Search Time Hi Team, I want to do a field extraction during the search time itself so i want the following fields to be extracte... by anandhalagaras1 Contributor in Splunk Search 04-16-2020 0 1	0	1
how i can compare last 5 fields and exclude from result i want to compare if last 5 digits of user ID are same don't show in result how it can be done 0012345 abc0012345 xy... by saghiralmani New Member in Splunk Search 04-16-2020 0 2	0	2
Timechart with dedup of 2 fields For my logs with IP and Vulnerability ID (VID), I have few duplicate values. Which I can easily remove with "dedup IP... by utk123 Path Finder in Splunk Search 04-16-2020 0 9	0	9
timechart call Time Hi, I tried to made a timechart (call duration) , the value I onyl have is the Users and the methods and the call ti... by area34 New Member in Splunk Search 04-16-2020 0 4	0	4
Trellis multi value by date Hi I want to create chart that compare single values daily. for example want to compare (about 30 different product ... by indeed_2000 Motivator in Splunk Search 04-16-2020 0 14	0	14
JMS Modular Input to ActiveMQ using Wildcard We need to monitor multiple dynamic queues, queues are generated and removed. I have tried using "jms://queue/dynamic... by thomas_scheideg Observer in Splunk Search 04-16-2020 0 0	0	0
stats vs eventstats I can't comprehend what 'eventstats' is. I went thru the splunk docs.I wanna use math functions like avg.. etc.. not ... by zacksoft Contributor in Splunk Search 04-16-2020 1 3	1	3
stats count by fieldnames (not field strings) hi all, bit of a strange one... The business has put a descriptor of the product as a field name and it would be ... by stephenreece New Member in Splunk Search 04-15-2020 0 3	0	3
Is there way to group columns of a table? Hello, I have one requirement in which certain columns have to be grouped together on a table. I have XSL sheet da... by praveenkpatidar Explorer in Splunk Search 04-15-2020 0 3	0	3
Checking Host's status as offline or online by comparing data from today vs yesterday Hi, I have vulnerability scanner that scans all device on our network every day. The agent of vulnerability scanner i... by mbasharat Builder in Splunk Search 04-15-2020 0 5	0	5
Hyperlink a incident value to an external URL I have below output from the splunk querry. Hostname INC Number Urgency Time_CST Description 1 CMPS3 ... by jerinvarghese Communicator in Splunk Search 04-15-2020 0 2	0	2
How to achieve a non numeric scatter plot on x and y? Hi, I have two text columns finding_id and device manufacturer, and a count of events containing both. I'd like a s... by keithdriver New Member in Splunk Search 04-15-2020 0 3	0	3
Indexed Fields Search Results and Subsearch I have a field that I know is an indexed field because I can specify on my search myfield::somevalue and get results.... by ryankub New Member in Splunk Search 04-15-2020 0 0	0	0
How to get added count for the fields from previous count over a period of time? I am having a issue tracker for tracking all opened issues and the query for the same is below: search issue_status=... by madhu06 Engager in Splunk Search 04-15-2020 0 1	0	1
Custom logon screen for different groups of users I am working in an environment where there are several different constituencies. Each has different needs in terms o... by Thuan Explorer in Splunk Search 04-15-2020 0 0	0	0
How can i format a table as rows into columns? Hello - I am new to Splunk. I would like to check whether it's feasible to format a table. In the screen shot 1, i ha... by rarangarajanspl Explorer in Splunk Search 04-15-2020 0 5	0	5
How do I display more than one Multivalue fields in a stacked column chart? I have a table having many multi-value fields. For example: items, cp and sp are multivalue fields. Using the followi... by manish095 New Member in Splunk Search 04-15-2020 0 8	0	8
count if two nonconsecutive string occurs in a statement I want to write a query to take the count if two non-consecutive string occurs in a statement. I am trying to do some... by ataunk Explorer in Splunk Search 04-15-2020 0 5	0	5
Issue with field extraction regex Hello plp, I have this problem, i need to extract 2 fields of this event. [14/04/2020 16:17:49][INFO][http-8080-36][a... by tinpelayee Engager in Splunk Search 04-15-2020 0 1	0	1
Count repeated failured logons following a successful logon Here's what I got so far: index="myindex" (host="192.168.0.100" OR host="192.168.0.101") (msg="login OK" OR msg="log... by tmontney Builder in Splunk Search 04-15-2020 0 5	0	5
Extract the fields from below mentioned log in json response Hi, Need help in extracting the values from the below mentioned tags divisionID - Value:... by vijaysubramania Path Finder in Splunk Search 04-15-2020 0 6	0	6
Lookup command not functioning properly Hi all, I have the following command:- \| savedsearch issue_with_lookup team="$token$" team_from_roster="$token$" te... by ayushmaan_22 Explorer in Splunk Search 04-15-2020 0 4	0	4
Calculating Splunk data Compression Size Hi , I looked the daily ingestion for an index i am seeing total data ingested in last 7 days to an index is 800 GB.... by ram254481493 Explorer in Splunk Search 04-15-2020 0 0	0	0
Are there limits for lookups in regards to extracting fields from them? I have a lookup that recently stopped auto extracting fields. What I've noticed is that if I do a join, I can join i... by briancronrath Contributor in Splunk Search 04-14-2020 0 1	0	1