Splunk Search

Community Activity

instr in Splunk ? Below is one of my fields. Quite complex, I know It could be divided to more atomic values .. but it is not [Auditi... by kp_pl Path Finder in Splunk Search 06-27-2024 0 5	0	5
Need help in listing the time gaps in a multi-value field Hi, I need help in extracting the time gaps in a multi-value field represented as Date.My data output looks like this... by Steve_A200 Path Finder in Splunk Search 06-26-2024 0 3	0	3
Removing FQDN from field values Removing FQDN from field valuesHi all, can anyone help me with framing the SPL query for the below requirement.I have... by RanjiRaje Explorer in Splunk Search 06-26-2024 0 3	0	3
Query to check all apps in lookup that haven't had an event in the last 90 days. I have a lookup that has saved all apps installed on our deployment server. I need a query that checks all apps in th... by Chris_Urman Engager in Splunk Search 06-26-2024 0 2	0	2
How to use aggregates to filter data and join the result to another search? Hello,I have an index with events, where events belong to a transaction (transaction_id). I am interested in transact... by cjoelly Loves-to-Learn in Splunk Search 06-26-2024 0 1	0	1
Ignore time zone in searches Hi, is there a way of ignoring the time zone in the searches? Currently, Splunk will reinterpret the difference in ti... by echalex Builder in Splunk Search 06-26-2024 1 3	1	3
Find an error in 1st system and then find errors close in time in a 2nd system "Find event in one search, get related events by time in another search"Found some related questions but could not fo... by GEB Explorer in Splunk Search 06-26-2024 0 6	0	6
Anomalydetection Hello Splunk team, I was troubleshooting one query with anomalydetection command (https://docs.splunk.com/Documentati... by anna11 New Member in Splunk Search 06-26-2024 0 0	0	0
Extract Field values and plot on time series graph I would like to extract the Message, Timestamp, and serial fieldsThen I would like to plot the target: Temp(315600), ... by nkavouris Path Finder in Splunk Search 06-26-2024 0 4	0	4
How to validate the data before and after the migration? Let's say I have a database that is pulled from an application on a daily basis into Splunk and accessed via DBXquery... by LearningGuy Motivator in Splunk Search 06-25-2024 0 1	0	1
Understand which HF send data to whic index Hi Splunkers, currently we are managing an Enterprise Splunk environment previously managed by another company. As sa... by SplunkExplorer Contributor in Splunk Search 06-25-2024 0 1	0	1
Eval random function. How do I format a returned int into a phone number with the hyphen using the eval random function. What I have so fa... by Substance82 Path Finder in Splunk Search 06-25-2024 0 4	0	4
Joining indexes once again Still it find me difficult to understand logic of joining two indexes. Below the query which is almost suits my needs... by kp_pl Path Finder in Splunk Search 06-25-2024 0 3	0	3
Only show fields that has the word Read in them Hello!I have the following search: \| mstats avg() as WHERE index=indexhere host=hosthere span=1 by host \|timechart... by ChristofferK Engager in Splunk Search 06-25-2024 0 1	0	1
Add Secondary search variable in primary search index="ss-stg-dkp" cluster_name="" AND namespace=dcx AND (label_app="composite-" ) sourcetype="kube:container:main"... by rahulmittal2391 New Member in Splunk Search 06-25-2024 0 1	0	1
Calculate VPN duration per user Dears, I am trying to calculate how the total duration each user spends connected through VPN, their total online tim... by ibralah93 Loves-to-Learn Lots in Splunk Search 06-25-2024 0 7	0	7
Multiple Field extraction using regex Hi team,I need to extract the highlighted field in the below messege using regex... I have tried Splunk inbuilt field... by parthiban Path Finder in Splunk Search 06-24-2024 0 6	0	6
Export modal popup panel to pdf? I have a dashboard X consisting of multiple panels (A, B, C) each populated with dynamic tokens. Panel A consists of ... by cherrypick Path Finder in Splunk Search 06-24-2024 0 2	0	2
Data can not be inherited ? Hello everyone, I am a newbie in this field, I am looking forward to your help.I am using Eventgen to create data sam... by OnePiece Loves-to-Learn Lots in Splunk Search 06-24-2024 0 4	0	4
Need to send email notifications to the users and service-ids who are utilizing CPU. index=XXX sourcetype=XXX [\|inputlookup Edge_Nodes_All.csv where Environment="" AND host="" \|fields host] \|fields cl... by bmanikya Loves-to-Learn Everything in Splunk Search 06-24-2024 0 4	0	4
appendcols and streamstats with alltime Hi allI have a search that works for a range of a few days (eg earliest=-7d@d), but when running for alltime it break... by dataisbeautiful Communicator in Splunk Search 06-24-2024 0 3	0	3
regex help, extract time and convert to epoch and show only if epoch time is within 24 hours ago hi, i currently have this data and i would like to see if i can extract the date and time and see if it can display t... by thaghost99 Path Finder in Splunk Search 06-24-2024 0 4	0	4
Default Log format for splunk I see some post about rules for splunk logs.But I don't find a list of rules. My applications logs a lot of lines fo... by mclane41 Explorer in Splunk Search 06-24-2024 0 2	0	2
fetch todays filename and check with last 30 days filename for splunk alert Hi, I want to create alert based on file received. Everyday at randomly we used to receive files. ex. file name: file... by Dharani Path Finder in Splunk Search 06-24-2024 0 6	0	6
Can you help me with my splunk search? I am trying to write a splunk search to pull what rules a particular user is hitting. This search is helping with tha... by smp8644 Loves-to-Learn in Splunk Search 06-22-2024 0 3	0	3