Splunk Search

Discussions

Thread Info

Is there a way to pass results of a subsearch to be used in the display and criteria of a parent search?

I've Googled it, but can't find a SOLUTION. I've got a search that pulls Validators remaining per Subject. I wan...

by Engager in

How to compare multivalue field with previous and next event value of _time field ?

Each multi-value field (FiledName: R_time ) which has time value in epoch format should be compared to it previous ev...

by Path Finder in

ldapsearch through map command is blanking out the rest of my table except for it's own output

1st search works (I get all fields in my table including GUID): earliest=-1y index=azuread sourcetype="ms:a...

by Path Finder in

Using Multiple Text Box Input For Searching

I have a dashboard built that views today's events for processes running on systems. To focus on a single event, I h...

by Path Finder in

When no events logged on the 1st of the month add log from the last day they were received

The following search gives me a table that contains the number of lines of code on the first of each month and calcul...

by Explorer in

How to see number of hits on a specific destination IP

Hi All, How can I see number of hits on a specific destination IP by using the search and reporting tab ? ...

by New Member in

I want to freeze (or to block) a row in a Splunk Table

Hi all, I am struggling with an issue about Splunk Developing. Our target is to freeze a row. Every time that anyon...

by New Member in

Require help to create query for table

Hi All, I have the below types of logs in in two different hosts in my index: HOST= abc log1: Tue Feb 2 19:07:2...

by Contributor in

Help with join - Periodically it fails to join a small percentage of records

I have a query to find missing forwarders. It is based on code I received here and it is so very close to working. ...

by Path Finder in

rest jobs runDuration inaccurate values

Hi All... As i am trying to find out the the long running search queries using this rest search, its working fine, bu...

by Ultra Champion in

Find Multiple Users With The Same Unknown Email Subject

Scenario: I have 10 machines infected with malware. The believed infection source is email, I am attempting to create...

by Engager in

excluding a search result

Hello Splunkers ! i have a problem here, that we're running an infra structure change and for that im getting d...

by Path Finder in

Need help to with query to create a table

Hi, I have the below types of logs in in two different hosts in my index: HOST= abc log1: Tue Feb 2 19:07:26 ES...

by Contributor in

Help with improving Regex

Here is the regex to extract message_type based on CIM. Could anyone make this faster than 1387 steps? https://reg...

by Contributor in

I need help on Splunk query

I need help on the query:

by Engager in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Is there a way to pass results of a subsearch to be used in the display and criteria of a parent search?

How to compare multivalue field with previous and next event value of _time field ?

ldapsearch through map command is blanking out the rest of my table except for it's own output

Using Multiple Text Box Input For Searching

When no events logged on the 1st of the month add log from the last day they were received

How to see number of hits on a specific destination IP

I want to freeze (or to block) a row in a Splunk Table

Require help to create query for table

Help with join - Periodically it fails to join a small percentage of records

rest jobs runDuration inaccurate values

Find Multiple Users With The Same Unknown Email Subject

excluding a search result

Need help to with query to create a table

Help with improving Regex

I need help on Splunk query

Announcing the 1st Round Champion’s Tribute Winners of the Great Resilience Quest

We’ve Got Education Validation!

What’s New in Splunk Cloud Platform 9.1.2308?

Users with the same roles, in the same app, and sa...

auto_generated_pool_download-trial

Automatic lookup during data ingestiont (Splunk cl...

Working with OpenTelemetry Cumulative Histogram Bu...

Better PDF report visualization