Splunk Search

Community Activity

	Need to send email notifications to the users and service-ids who are utilizing CPU. index=XXX sourcetype=XXX [\|inputlookup Edge_Nodes_All.csv where Environment="" AND host="" \|fields host] \|fields cl... by bmanikya Loves-to-Learn Everything in Splunk Search 06-24-2024 0 4	0	4
	appendcols and streamstats with alltime Hi allI have a search that works for a range of a few days (eg earliest=-7d@d), but when running for alltime it break... by dataisbeautiful Communicator in Splunk Search 06-24-2024 0 3	0	3
	regex help, extract time and convert to epoch and show only if epoch time is within 24 hours ago hi, i currently have this data and i would like to see if i can extract the date and time and see if it can display t... by thaghost99 Path Finder in Splunk Search 06-24-2024 0 4	0	4
	Default Log format for splunk I see some post about rules for splunk logs.But I don't find a list of rules. My applications logs a lot of lines fo... by mclane41 Explorer in Splunk Search 06-24-2024 0 2	0	2
	fetch todays filename and check with last 30 days filename for splunk alert Hi, I want to create alert based on file received. Everyday at randomly we used to receive files. ex. file name: file... by Dharani Path Finder in Splunk Search 06-24-2024 0 6	0	6
	Can you help me with my splunk search? I am trying to write a splunk search to pull what rules a particular user is hitting. This search is helping with tha... by smp8644 Loves-to-Learn in Splunk Search 06-22-2024 0 3	0	3
	Log events are being dropped when applying a condition Hello Everyone, I have built a Splunk query (shared below) recently & I noticed that when apply search condition App_... by Rao_KGY Loves-to-Learn in Splunk Search 06-21-2024 0 2	0	2
	splunk match between different sourcetypes I'm trying to create a search where I take a small list of IPs from sourcetype A and compare them against a larger se... by kirkj Observer in Splunk Search 06-21-2024 0 3	0	3
	Struggling with rex Hoping to find a solution here for my rex query (new to rex) I have an event that looks like this time="2024-06-22T00... by splunkingsid Engager in Splunk Search 06-21-2024 0 1	0	1
	Calculate average time taken for transactions. Field1=Start Field2=Finish Field1 and Field2 have multiple events with values Start and Finish for a given uid respe... by newbie77 Engager in Splunk Search 06-21-2024 0 2	0	2
	TimeChart Syntax Stuck again and not sure what I'm missing... I have the first two steps, but cannot figure out the syntax to use Time... by Substance82 Path Finder in Splunk Search 06-21-2024 0 2	0	2
	Joining and grouping indexes below is my scenario described by Oracle DBA I have two indexesINDEXAfieldAfieldBfieldCINDEXBfieldAfieldXfieldYfield... by kp_pl Path Finder in Splunk Search 06-21-2024 0 3	0	3
	index data Hello , How can I know the start time and the latest time coming of data of all index .meaning that when was the fir... by Siddharthnegi Contributor in Splunk Search 06-21-2024 0 3	0	3
	How to convert raw csv data into table format Hi Team,We have onboarded csv data into Splunk and each row in csv is ingested into _raw field . I need to bring this... by Splunk_sid Explorer in Splunk Search 06-21-2024 0 5	0	5
	Merging two columns as full join using append Hi, I have the results of an append operation as follows:IDCol3col4col5a abcaabcNo axyzYes b abcb xyzbxyzNo bfghYe... by Kadae Splunk Employee in Splunk Search 06-20-2024 0 3	0	3
	Splunk Report using outer and inner query for a SessionID & Date/Time I have a logfile like this - 2024-06-14 09:34:45,504 INFO [com.mysite.core.repo.BaseWebScript] [http-nio-8080-exec-4... by runiyal Path Finder in Splunk Search 06-20-2024 0 3	0	3
	Join operation doesn't return correct result I have two query tablestable 1index="k8s_main" namespace="app02013" "EConcessionItemProcessingStartedHandler.createRm... by Sophie6 New Member in Splunk Search 06-20-2024 0 1	0	1
	Macro expansion via SPL/REST I have a search that returns all of my correlation searches for a given app. \| rest splunk_server=local count=0 /se... by paulcurry Path Finder in Splunk Search 06-20-2024 0 3	0	3
	Adding and defining the value for a new Search Field. How do I add a new field and set the value to seven days ago from the current date, snapped to thebeginning of the c... by Substance82 Path Finder in Splunk Search 06-20-2024 0 2	0	2
	Conditional Success/Fail Hi all - I am trying to create what I would think is a relatively simple conditional statement in Splunk. Use Case: I... by Memphis Explorer in Splunk Search 06-20-2024 0 4	0	4
	rex - Extracting a string I want to exact a string 'GUID" from the log right after "customers". This regex expression works in https://regex101... by jrowland1230 Explorer in Splunk Search 06-20-2024 0 4	0	4
	showing chart based on Time and Transaction count this is the log data i want a report like this: my current query is :index="webmethods_prd" source="/apps/WebMethods... by avikc100 Path Finder in Splunk Search 06-20-2024 0 2	0	2
	How to get exception data for multiple lines of Get and Update logs Hi community, can anyone help me figure out the log which Get incorrect data after Update(both get and update will lo... by EricMonkeyKing Explorer in Splunk Search 06-20-2024 0 2	0	2
	How do I search for all events in the same "request" as a particular log line My application is a backend web service. All events in a request contain the same value for a "req_id" field.I have a... by illuminatedaxis Engager in Splunk Search 06-19-2024 0 2	0	2
	How to find difference of the time in days and hours respectively between Event time of the data and current time? How to find difference of the time in days and hours respectively between Event time of the data and current time?For... by akgmail Explorer in Splunk Search 06-19-2024 0 5	0	5