Splunk Search

Community Activity

Log events are being dropped when applying a condition Hello Everyone, I have built a Splunk query (shared below) recently & I noticed that when apply search condition App_... by Rao_KGY Loves-to-Learn in Splunk Search 06-21-2024 0 2	0	2
splunk match between different sourcetypes I'm trying to create a search where I take a small list of IPs from sourcetype A and compare them against a larger se... by kirkj Observer in Splunk Search 06-21-2024 0 3	0	3
Struggling with rex Hoping to find a solution here for my rex query (new to rex) I have an event that looks like this time="2024-06-22T00... by splunkingsid Engager in Splunk Search 06-21-2024 0 1	0	1
Calculate average time taken for transactions. Field1=Start Field2=Finish Field1 and Field2 have multiple events with values Start and Finish for a given uid respe... by newbie77 Engager in Splunk Search 06-21-2024 0 2	0	2
TimeChart Syntax Stuck again and not sure what I'm missing... I have the first two steps, but cannot figure out the syntax to use Time... by Substance82 Path Finder in Splunk Search 06-21-2024 0 2	0	2
Joining and grouping indexes below is my scenario described by Oracle DBA I have two indexesINDEXAfieldAfieldBfieldCINDEXBfieldAfieldXfieldYfield... by kp_pl Path Finder in Splunk Search 06-21-2024 0 3	0	3
index data Hello , How can I know the start time and the latest time coming of data of all index .meaning that when was the fir... by Siddharthnegi Contributor in Splunk Search 06-21-2024 0 3	0	3
How to convert raw csv data into table format Hi Team,We have onboarded csv data into Splunk and each row in csv is ingested into _raw field . I need to bring this... by Splunk_sid Explorer in Splunk Search 06-21-2024 0 5	0	5
Merging two columns as full join using append Hi, I have the results of an append operation as follows:IDCol3col4col5a abcaabcNo axyzYes b abcb xyzbxyzNo bfghYe... by Kadae Splunk Employee in Splunk Search 06-20-2024 0 3	0	3
Splunk Report using outer and inner query for a SessionID & Date/Time I have a logfile like this - 2024-06-14 09:34:45,504 INFO [com.mysite.core.repo.BaseWebScript] [http-nio-8080-exec-4... by runiyal Path Finder in Splunk Search 06-20-2024 0 3	0	3
Join operation doesn't return correct result I have two query tablestable 1index="k8s_main" namespace="app02013" "EConcessionItemProcessingStartedHandler.createRm... by Sophie6 New Member in Splunk Search 06-20-2024 0 1	0	1
Macro expansion via SPL/REST I have a search that returns all of my correlation searches for a given app. \| rest splunk_server=local count=0 /se... by paulcurry Path Finder in Splunk Search 06-20-2024 0 3	0	3
Adding and defining the value for a new Search Field. How do I add a new field and set the value to seven days ago from the current date, snapped to thebeginning of the c... by Substance82 Path Finder in Splunk Search 06-20-2024 0 2	0	2
Conditional Success/Fail Hi all - I am trying to create what I would think is a relatively simple conditional statement in Splunk. Use Case: I... by Memphis Explorer in Splunk Search 06-20-2024 0 4	0	4
rex - Extracting a string I want to exact a string 'GUID" from the log right after "customers". This regex expression works in https://regex101... by jrowland1230 Explorer in Splunk Search 06-20-2024 0 4	0	4
showing chart based on Time and Transaction count this is the log data i want a report like this: my current query is :index="webmethods_prd" source="/apps/WebMethods... by avikc100 Path Finder in Splunk Search 06-20-2024 0 2	0	2
How to get exception data for multiple lines of Get and Update logs Hi community, can anyone help me figure out the log which Get incorrect data after Update(both get and update will lo... by EricMonkeyKing Explorer in Splunk Search 06-20-2024 0 2	0	2
How do I search for all events in the same "request" as a particular log line My application is a backend web service. All events in a request contain the same value for a "req_id" field.I have a... by illuminatedaxis Engager in Splunk Search 06-19-2024 0 2	0	2
How to find difference of the time in days and hours respectively between Event time of the data and current time? How to find difference of the time in days and hours respectively between Event time of the data and current time?For... by akgmail Explorer in Splunk Search 06-19-2024 0 5	0	5
How to count the same values over different fields together? Lets say we have the following data set: Fruit_ID Fruit_1 Fruit_2 1 Apple NULL 2 Apple NULL 3 Apple NULL 4 Oran... by RonWonkers Path Finder in Splunk Search 06-19-2024 0 4	0	4
SPL query help Hi All,Need some help with SPL query to compare the data from same host on 2 different dates and give me a status as ... by KulvinderSingh Path Finder in Splunk Search 06-19-2024 0 1	0	1
How can I group and aggregate and filter all events based on those aggregated attributes? Coming from SQL, I want to do stuff like GROUP BY and HAVING ...The data is available with a transaction identifier.G... by cjoelly Loves-to-Learn in Splunk Search 06-18-2024 0 3	0	3
Why is my search with "where NOT equals this OR this OR this" not filtering out results as expected? \| dedup _raw \| where NOT MsgId=="AUT22673" OR MsgId=="AUT23574" OR MsgId=="AUT20915" OR MsgId=="AUT22886" What am I... by jsven7 Communicator in Splunk Search 06-18-2024 1 9	1	9
Filter a log using regex I need to filter a part of a log using regex, I have the following loglog: {dx.trace_id=xxxxx, dx.span_id=yyyyy, dx.t... by jose_sepulveda Loves-to-Learn in Splunk Search 06-18-2024 0 6	0	6
How to query for MFA and SSO on network Thank you everyone for taking the time to ready this. I am new in Splunk and interested in learning more. I have a pr... by sgtwolf1 Explorer in Splunk Search 06-18-2024 0 1	0	1