Splunk Search

Community Activity

Unable to extract Time in search results Hi All, I have proper timestamp logs in Splunk. I am able to extract time for all the searches except one. index =m... by ramprakash Explorer in Splunk Search 03-24-2020 0 3	0	3
How to configure the number of event rows in the Event Log Collection list. I have some problems with configuring rows in the event log collection list. For now, we use default Splunk data for... by denisdabtist New Member in Splunk Search 03-24-2020 0 0	0	0
Time filtering Current code that am using is below index=opennms "uei.opennms.org/nodes/nodeUp" OR "uei.opennms.org/nodes/nodeDow... by jerinvarghese Communicator in Splunk Search 03-24-2020 0 4	0	4
How to group an event with multiple regular expressions to form a single event Hi, I have the following log format, How can I break this multiline event on condition that "2020-03-23 16:41:08,20... by leandromatperei Path Finder in Splunk Search 03-24-2020 0 2	0	2
changing font size on iframe Hi, I want to embed the outcome of Jenkins latest version(https://updates.jenkins.io/stable-2.204/latestCore.txt) in ... by neluvasilica Explorer in Splunk Search 03-24-2020 0 1	0	1
stats values Hi Splunk Team! i have a query: index=mail sourcetype=webmail \| stats values(time) as time values(severity) as sever... by vumanhtai Path Finder in Splunk Search 03-24-2020 0 5	0	5
possiblity of getting an alarm in terms of sound for an event. Hi All, I am having a working code. index=opennms "uei.opennms.org/nodes/nodeDown" AND "PGPMVCP1-LANRTC001" \| rena... by jerinvarghese Communicator in Splunk Search 03-24-2020 0 1	0	1
Index a small file (2 KB) Hi I need to index a small file (2KB) (on Heavy Forwarder ) the file is not indexed [monitor://\raanana\Tabi4Splu... by rayar Contributor in Splunk Search 03-24-2020 0 5	0	5
Different output in execution of same splunk query. Hello Splunkers, I am writing a simple splunk query to append 2 lookup. \|inputlookup test1.csv \| inputlookup append=t... by sarvesh_11 Communicator in Splunk Search 03-23-2020 0 0	0	0
Subsearch: How can we only see results when they are NOT found? I running a subsearch where i use a ID to find events from the index B in the index A. What I want to do is: list th... by mattheuslima Explorer in Splunk Search 03-23-2020 0 2	0	2
Unable to get substring from the splunk log I have an requirement to get only the exception related substring from the splunk log, My log will be in the followin... by karthi25 Path Finder in Splunk Search 03-23-2020 0 8	0	8
Splunk query to list all the knowledge objects that use splunk internal indexes(_*) ? Is there any way in splunk to pull all the list of dashboards, macros, saved searches, and data models that uses the ... by pavanae Builder in Splunk Search 03-23-2020 1 1	1	1
Unique number of users Hi , I am running a query to get count of unique users like \| stats dc(user) How do I get list of those unique user... by rashi83 Path Finder in Splunk Search 03-23-2020 0 2	0	2
Host Check-in to Sourcetype Hi, We have a sourcetype type called "WinHostMon" and many hosts report into it. Does anyone have any SPL laying a... by itsmevic Communicator in Splunk Search 03-23-2020 0 2	0	2
Lookup Challenge Hi all, With all this work from home, I'm now pulling logs from the VPN equipment. Now leadership is asking to equa... by gabarrygowin Path Finder in Splunk Search 03-23-2020 0 5	0	5
How to extract three latest values of a field by field? Hi! I have different events and for every event i have a list of reasons. I want to display only three of the reasons... by pomazanelvira New Member in Splunk Search 03-23-2020 0 3	0	3
Unable to extract substring from the string in splunk I have an requirement to get only the exception related substring from the splunk log, My log will be in the followin... by karthikarsmarte New Member in Splunk Search 03-23-2020 0 1	0	1
Join two searches with the latest field Hello, Is it possible to perform a join type=left to another search by combining the also the latest field? Example... by vpaschalidis Loves-to-Learn in Splunk Search 03-23-2020 0 11	0	11
Splunk lookup table info and search Hello Splunkers, Can you help me below case to build splunk search. I have firewall data coming to index=firewall... by Splunk_rocks Path Finder in Splunk Search 03-23-2020 0 1	0	1
How to create a regex to extract data from windows event? I have an event code 33205 which comes from Windows application logs, for which field extraction is not happening eve... by gndivya Explorer in Splunk Search 03-23-2020 0 9	0	9
Extract field on index Hi I’ve create index and want to extract fields on it. is possible through the web interface or i should edit specif... by indeed_2000 Motivator in Splunk Search 03-23-2020 0 3	0	3
exclude results near a match (ie exclude match AND +- 2 seconds) I cant imagine this is possible, but splunk continuously surprises me, so ill ask: Is there anyway to exclude resul... by spunk311z Path Finder in Splunk Search 03-22-2020 0 1	0	1
Why is the number of host values for the same time period different in tstats vs search on wineventlogs? I search the same time period in wineventlogs for host values with tstats (37,558) and with regular search (42,008): ... by landen99 Motivator in Splunk Search 03-22-2020 1 1	1	1
Overlay value in time chart There are multiple programs running every day and I want to visualise the volume and duration of each program by day.... by tanasami New Member in Splunk Search 03-22-2020 0 2	0	2
Multiple value for the same field in one event.How to determine statistics I have an event having 3 errors..I have a regular expression written to capture the error as "ERROR".And now i have a... by prettysunshinez Explorer in Splunk Search 03-22-2020 0 11	0	11