Splunk Search

Community Activity

How to create a bar chart that counts completed tickets and averages Hi guys! I am pretty new to this and in researching I have not found what I am looking for or did not recognize the a... by tmanuel1 New Member in Splunk Search 03-25-2020 0 2	0	2
Splunk search based on header value Is it possible to filter the logs based on http header value? I am conducting a load testing by using Jmeter. While ... by eprince New Member in Splunk Search 03-25-2020 0 0	0	0
Find and compare a value from one event in a subsequent future event Hello, I'm trying to figure out how to search and compare values in subsequent/sequential JSON messages where a user ... by alphanumeric85 Explorer in Splunk Search 03-25-2020 0 8	0	8
Displaying 2 counts (error and total) There is a requirement in which i need to display total count and errors(in total count). error message is in raw tex... by shashankjuloori New Member in Splunk Search 03-25-2020 0 10	0	10
How to find concurrent VPN users per hour? We are using pulse secure as our VPN solution and I'm looking to build a search that tracks concurrent users per hour... by jwalzerpitt Influencer in Splunk Search 03-25-2020 0 9	0	9
How to set time to search Hi am getting the earliest tie through a text box and I want to set the latest time automatically to (earliest+24h). ... by gurkiratsingh Explorer in Splunk Search 03-25-2020 0 2	0	2
How can i create a "key" for two searches and combine them to one search with a new column by "key" Hello community i hope you can help me, I'm new here... The field "moid" for 'folder' has the same values like th... by i17065 Engager in Splunk Search 03-25-2020 0 0	0	0
Regex working on Regex101 but not in splunk I am having below event - Subject: Security ID: EMEA\abc Account Name: XXXXXXX Account Domai... by shugup2923 Path Finder in Splunk Search 03-25-2020 0 3	0	3
query in splunk to check the previous jobs completed Hi All, I am trying to write a query where we have to check all the jobs in success or not built status before the j... by manish_singh_77 Builder in Splunk Search 03-24-2020 0 7	0	7
Squid URL lookups? All, Any service you recommend for doing domain classification and lookups against my Squid proxy logs? Just genera... by daniel333 Builder in Splunk Search 03-24-2020 0 1	0	1
Compare case-sensitivity of fields I'm using a rex to extract a field called field1 from my search... how do I take all the results of field1 and call o... by tb5821 Communicator in Splunk Search 03-24-2020 0 3	0	3
Index time extraction Hi all, I have 10 events containing events from events 1,event2,event 3,....event 10. I need to cobine events2,3,4 an... by bhavneeshvohra9 New Member in Splunk Search 03-24-2020 0 2	0	2
Unable to index data to splunk using add-on builder modular input method though the event shows in output console Hi, Event is successfully getting displayed on AOB output console but it is not getting indexed to splunk and it show... by suryajagarapu Explorer in Splunk Search 03-24-2020 1 1	1	1
how to use a wild card in if condition in eval? I have an eval condition as below which is working good. \| eval Project=if(app=="abc_def_123", "XYZ", "ZXT") Now I... by pavanae Builder in Splunk Search 03-24-2020 0 1	0	1
help with regex for windows event log I'm trying to parse out data from an event log in xml format. I'm posting an example of two logs that are coming fro... by jbandautrgv Engager in Splunk Search 03-24-2020 0 1	0	1
Unable to extract Time in search results Hi All, I have proper timestamp logs in Splunk. I am able to extract time for all the searches except one. index =m... by ramprakash Explorer in Splunk Search 03-24-2020 0 3	0	3
How to configure the number of event rows in the Event Log Collection list. I have some problems with configuring rows in the event log collection list. For now, we use default Splunk data for... by denisdabtist New Member in Splunk Search 03-24-2020 0 0	0	0
Time filtering Current code that am using is below index=opennms "uei.opennms.org/nodes/nodeUp" OR "uei.opennms.org/nodes/nodeDow... by jerinvarghese Communicator in Splunk Search 03-24-2020 0 4	0	4
How to group an event with multiple regular expressions to form a single event Hi, I have the following log format, How can I break this multiline event on condition that "2020-03-23 16:41:08,20... by leandromatperei Path Finder in Splunk Search 03-24-2020 0 2	0	2
changing font size on iframe Hi, I want to embed the outcome of Jenkins latest version(https://updates.jenkins.io/stable-2.204/latestCore.txt) in ... by neluvasilica Explorer in Splunk Search 03-24-2020 0 1	0	1
stats values Hi Splunk Team! i have a query: index=mail sourcetype=webmail \| stats values(time) as time values(severity) as sever... by vumanhtai Path Finder in Splunk Search 03-24-2020 0 5	0	5
possiblity of getting an alarm in terms of sound for an event. Hi All, I am having a working code. index=opennms "uei.opennms.org/nodes/nodeDown" AND "PGPMVCP1-LANRTC001" \| rena... by jerinvarghese Communicator in Splunk Search 03-24-2020 0 1	0	1
Index a small file (2 KB) Hi I need to index a small file (2KB) (on Heavy Forwarder ) the file is not indexed [monitor://\raanana\Tabi4Splu... by rayar Contributor in Splunk Search 03-24-2020 0 5	0	5
Different output in execution of same splunk query. Hello Splunkers, I am writing a simple splunk query to append 2 lookup. \|inputlookup test1.csv \| inputlookup append=t... by sarvesh_11 Communicator in Splunk Search 03-23-2020 0 0	0	0
Subsearch: How can we only see results when they are NOT found? I running a subsearch where i use a ID to find events from the index B in the index A. What I want to do is: list th... by mattheuslima Explorer in Splunk Search 03-23-2020 0 2	0	2