Splunk Search

Community Activity

	Only show fields that has the word Read in them Hello!I have the following search: \| mstats avg() as WHERE index=indexhere host=hosthere span=1 by host \|timechart... by ChristofferK Engager in Splunk Search 06-25-2024 0 1	0	1
	Add Secondary search variable in primary search index="ss-stg-dkp" cluster_name="" AND namespace=dcx AND (label_app="composite-" ) sourcetype="kube:container:main"... by rahulmittal2391 New Member in Splunk Search 06-25-2024 0 1	0	1
	Calculate VPN duration per user Dears, I am trying to calculate how the total duration each user spends connected through VPN, their total online tim... by ibralah93 Loves-to-Learn Lots in Splunk Search 06-25-2024 0 7	0	7
	Multiple Field extraction using regex Hi team,I need to extract the highlighted field in the below messege using regex... I have tried Splunk inbuilt field... by parthiban Path Finder in Splunk Search 06-24-2024 0 6	0	6
	Export modal popup panel to pdf? I have a dashboard X consisting of multiple panels (A, B, C) each populated with dynamic tokens. Panel A consists of ... by cherrypick Path Finder in Splunk Search 06-24-2024 0 2	0	2
	Data can not be inherited ? Hello everyone, I am a newbie in this field, I am looking forward to your help.I am using Eventgen to create data sam... by OnePiece Loves-to-Learn Lots in Splunk Search 06-24-2024 0 4	0	4
	Need to send email notifications to the users and service-ids who are utilizing CPU. index=XXX sourcetype=XXX [\|inputlookup Edge_Nodes_All.csv where Environment="" AND host="" \|fields host] \|fields cl... by bmanikya Loves-to-Learn Everything in Splunk Search 06-24-2024 0 4	0	4
	appendcols and streamstats with alltime Hi allI have a search that works for a range of a few days (eg earliest=-7d@d), but when running for alltime it break... by dataisbeautiful Communicator in Splunk Search 06-24-2024 0 3	0	3
	regex help, extract time and convert to epoch and show only if epoch time is within 24 hours ago hi, i currently have this data and i would like to see if i can extract the date and time and see if it can display t... by thaghost99 Path Finder in Splunk Search 06-24-2024 0 4	0	4
	Default Log format for splunk I see some post about rules for splunk logs.But I don't find a list of rules. My applications logs a lot of lines fo... by mclane41 Explorer in Splunk Search 06-24-2024 0 2	0	2
	fetch todays filename and check with last 30 days filename for splunk alert Hi, I want to create alert based on file received. Everyday at randomly we used to receive files. ex. file name: file... by Dharani Path Finder in Splunk Search 06-24-2024 0 6	0	6
	Can you help me with my splunk search? I am trying to write a splunk search to pull what rules a particular user is hitting. This search is helping with tha... by smp8644 Loves-to-Learn in Splunk Search 06-22-2024 0 3	0	3
	Log events are being dropped when applying a condition Hello Everyone, I have built a Splunk query (shared below) recently & I noticed that when apply search condition App_... by Rao_KGY Loves-to-Learn in Splunk Search 06-21-2024 0 2	0	2
	splunk match between different sourcetypes I'm trying to create a search where I take a small list of IPs from sourcetype A and compare them against a larger se... by kirkj Observer in Splunk Search 06-21-2024 0 3	0	3
	Struggling with rex Hoping to find a solution here for my rex query (new to rex) I have an event that looks like this time="2024-06-22T00... by splunkingsid Engager in Splunk Search 06-21-2024 0 1	0	1
	Calculate average time taken for transactions. Field1=Start Field2=Finish Field1 and Field2 have multiple events with values Start and Finish for a given uid respe... by newbie77 Engager in Splunk Search 06-21-2024 0 2	0	2
	TimeChart Syntax Stuck again and not sure what I'm missing... I have the first two steps, but cannot figure out the syntax to use Time... by Substance82 Path Finder in Splunk Search 06-21-2024 0 2	0	2
	Joining and grouping indexes below is my scenario described by Oracle DBA I have two indexesINDEXAfieldAfieldBfieldCINDEXBfieldAfieldXfieldYfield... by kp_pl Path Finder in Splunk Search 06-21-2024 0 3	0	3
	index data Hello , How can I know the start time and the latest time coming of data of all index .meaning that when was the fir... by Siddharthnegi Contributor in Splunk Search 06-21-2024 0 3	0	3
	How to convert raw csv data into table format Hi Team,We have onboarded csv data into Splunk and each row in csv is ingested into _raw field . I need to bring this... by Splunk_sid Explorer in Splunk Search 06-21-2024 0 5	0	5
	Merging two columns as full join using append Hi, I have the results of an append operation as follows:IDCol3col4col5a abcaabcNo axyzYes b abcb xyzbxyzNo bfghYe... by Kadae Splunk Employee in Splunk Search 06-20-2024 0 3	0	3
	Splunk Report using outer and inner query for a SessionID & Date/Time I have a logfile like this - 2024-06-14 09:34:45,504 INFO [com.mysite.core.repo.BaseWebScript] [http-nio-8080-exec-4... by runiyal Path Finder in Splunk Search 06-20-2024 0 3	0	3
	Join operation doesn't return correct result I have two query tablestable 1index="k8s_main" namespace="app02013" "EConcessionItemProcessingStartedHandler.createRm... by Sophie6 New Member in Splunk Search 06-20-2024 0 1	0	1
	Macro expansion via SPL/REST I have a search that returns all of my correlation searches for a given app. \| rest splunk_server=local count=0 /se... by paulcurry Path Finder in Splunk Search 06-20-2024 0 3	0	3
	Adding and defining the value for a new Search Field. How do I add a new field and set the value to seven days ago from the current date, snapped to thebeginning of the c... by Substance82 Path Finder in Splunk Search 06-20-2024 0 2	0	2