Splunk Search

Community Activity

Replace all newlines anywhere (beginning, middle, end) on field Hello all, I have a field with data that looks like this: The process has failed. Please review. Dear Team Please... by dojiepreji Path Finder in Splunk Search 02-12-2020 0 6	0	6
How to calculate the value of row for every column and fetch the result in table? I want calculate the row values of every column by error message... I did \| Stats count(host) values(host) values(fu... by marisstella Explorer in Splunk Search 02-12-2020 0 1	0	1
Guarantee startswith when using keepevicted Hi Splunk community, I am trying to make a query that returns all transactions for a starting event and ending event ... by gp2 New Member in Splunk Search 02-12-2020 0 3	0	3
Phantom poling data from splunk I have a playbook that writes data to an index a. And I am polling events which are closed , ie, `notable\|search sta... by ansusabu Communicator in Splunk Search 02-12-2020 0 0	0	0
How abort a search based on a condition? I have a search that writes a lookup file at the end. I also have searches that end in a collect command. And there a... by reed_kelly Contributor in Splunk Search 02-12-2020 1 9	1	9
Splunk returns zero results using REST API I'm trying to search a query and retrieve the results through REST API, and it returns zero results. Below queries, i... by kvmadan Explorer in Splunk Search 02-11-2020 0 1	0	1
Unable to retrieve data from Splunk Hi, In our environment Nagios and Splunk are integrated. We configured an alert in Nagios monitoring tool which f... by pratapa Explorer in Splunk Search 02-11-2020 0 2	0	2
Does Splunk have the ability to sort by month-year? I have data that looks like Jan-19 and I want to sort by it. Except I can't, because strptime("Jan-19","%b-%y") does ... by nick405060 Motivator in Splunk Search 02-11-2020 0 1	0	1
Relative reference to columns There's something I'm just not getting today... I've got a chart command that generates results from a series of sea... by aaron_sakovich Path Finder in Splunk Search 02-11-2020 0 2	0	2
Is there a way to get a True or False match on source IP with Tor exit node list in a timechart? I would like to know if there is a way to get true/false match on source IP to see tor sourced traffic over time in a... by kwhatcher New Member in Splunk Search 02-11-2020 0 3	0	3
How to search from last occurrence of a string Hello Experts, I am trying to read the text from the last square bracket (which is TestModelCompany,en_US) 21:11:31... by benuantony New Member in Splunk Search 02-11-2020 0 10	0	10
How to count for all columns in table based on condition in Splunk Hi, We have nearly 50 columns and we want to extract the count for each column based on condition and represent in b... by Gayathri95 New Member in Splunk Search 02-11-2020 0 19	0	19
We see this error message "Search peer USADC-xxxxx has the following message: Too many streaming errors to target=xx.xx.xxx:8080. We have four indexer and replication factor is 2.replication port is on all indexer is 8080 and is enabled on all ser... by shivanandbm Explorer in Splunk Search 02-11-2020 0 2	0	2
Converting extracted information to 12 hour AM/PM format Hello, I am extract information from logs via rex, and I am currently extra information in military time format. (i.... by harshparikhxlrd Path Finder in Splunk Search 02-11-2020 0 3	0	3
IP Watchlist Lookup Hello, I currently have a search against our firewalls, below is the current search. index=(my index) sourcetype="m... by nlisle New Member in Splunk Search 02-11-2020 0 4	0	4
How to group a multi-regex event to form a single event until you find the date only at the beginning of the interaction Hi, I have the following log format, How can I break this multiline event on condition that "2020-01-23 03:50:49,06... by leandromatperei Path Finder in Splunk Search 02-11-2020 0 1	0	1
Extract field values by eliminating random strings I have field values as below , field1=value1 filed2=server1 field1=service/value2/a1 field2=server2... by Allampally Path Finder in Splunk Search 02-11-2020 0 1	0	1
Using result fields for earliest/latest time in secondary search I have an existing search that finds fields named "RunDate" "StartTime" "EndTime" stored as part of test run summarie... by lukepatrick Explorer in Splunk Search 02-11-2020 0 4	0	4
Is there a way to enable event sampling in a search? Is there any way to enable event sampling in a search? I know this can be enabled in a GUI using dropdown list under ... by jankowsr Path Finder in Splunk Search 02-11-2020 1 4	1	4
help on coloring a threshold number with a unit value hi I use a search wich add a unit value at the end of the result (GB) \| eval FreeSpace=FreeSpace." GB", TotalSpace=... by jip31 Motivator in Splunk Search 02-11-2020 0 4	0	4
Splunk Integration with Power BI Hi, I'm looking at possibly integrating certain of my Splunk dashboards with Power Bi hopefully using a REST API. ... by harrywren86 Observer in Splunk Search 02-11-2020 0 0	0	0
Splunk Get Earliest Data by Index and Sourcetype Hi All, Is it possible to get the Earliest available date of index and source type . I tried "Tstats" and "Metadata"... by jadengoho Builder in Splunk Search 02-11-2020 0 3	0	3
LIcense Usage by Source Type Can someone help me include sourcetype to my search below? I am trying to run a report for the past 60 days and need ... by fmpa_isaac Path Finder in Splunk Search 02-10-2020 0 6	0	6
Need help with rex command Hello I'm trying to run a rex command to extract "is set to expire" Relying party trust 'ButterCup Games - Test' xx... by locose Path Finder in Splunk Search 02-10-2020 0 2	0	2
nslookup TXT queries with Splunk I am trying to see if its possible to run nslookup -q=TXT domain 8.8.8.8 so i can compare the results of the output t... by urana Engager in Splunk Search 02-10-2020 0 3	0	3