Splunk Search

Community Activity

Got problem with mvexpand and its 500MB memory limit? Try a reverse stats join! Hey,I had discovered you can emulate the mvexpand function to avoid its limitation configured by the limits.conf You ... by ClubMed Path Finder in Splunk Search 06-05-2024 1 2	1	2
Calculating average mean time to remediate across multiple timespans (30d, 90d, 365d) My org is pulling in vuln data using the Qualys TA and I am trying to put together a handful of searches and dashboar... by DATT Path Finder in Splunk Search 06-04-2024 0 2	0	2
Calculated field Hi Team, I need to create 3 calculated fields \| eval action= case(error="invalid credentials", "failure", ((like('re... by VijaySrrie Builder in Splunk Search 06-04-2024 0 1	0	1
main search get index from subsearch Hello Everyone,I would want to ask a question, is there any way for main search get the index return from subsearch? ... by cshihua Engager in Splunk Search 06-04-2024 0 4	0	4
what is the time field for latest after tstats? Trying to understand what is the time field after tstats. We have the _time field for every event, thats how tstats f... by OriP New Member in Splunk Search 06-04-2024 0 2	0	2
Extracting values inside of a [] , which are , separated with spaces trying to use rex to get the contents for the field letterIdAndDeliveryIndicatorMap.For example, Logged string letter... by RamMur Explorer in Splunk Search 06-04-2024 0 4	0	4
Unable to run any search query : WARN: Search filters specified using splunk_server/splunk_server_group do not match any search peer. WARN: Search filters specified using splunk_server/splunk_server_group do not match any search peer. Possibilities :... by splunker12er Motivator in Splunk Search 06-04-2024 1 14	1	14
Sum categories from a main search. Hi Cummunity team, I have a complex query to gather the data below, but a new request came up, it was asked to me to ... by JMPP Explorer in Splunk Search 06-04-2024 0 3	0	3
Perform a cidrmatch against a network CIDR retrieved from an inputlookup Hi All, We run searches against logs that return, as part of the dataset, IP addresses. We basically want to know wha... by seaofdreams1978 Engager in Splunk Search 06-04-2024 0 3	0	3
How to add a dummy row to the table calculating the timings in the Splunk dashboard How to add a dummy row to the table in the Splunk dashboard.We are receiving 2 files everyday 4 times in between 6-7:... by Anud Path Finder in Splunk Search 06-04-2024 0 3	0	3
How to find all alerts reports, and Dashboards using a specific search string Hello, I've been asked to provide a list of all Alerts/Reports/Dashboards that contain the value "You Found a bug!" ... by tdavison76 Path Finder in Splunk Search 06-04-2024 0 3	0	3
How to specific time range in my search results Hi all,How to give the range to that first and last if the date is in between last 3weeks till today which matches to... by AL3Z Builder in Splunk Search 06-04-2024 0 5	0	5
Overview Dashboard Summarize Errors Hello,I've a couple of detailed dashboards, all indicating the health status of my systems. Instead of opening each d... by mclog New Member in Splunk Search 06-04-2024 0 2	0	2
Splunk query to find browsers installed on a machine Hi,can someone help me with splunk search to identify browsers installed on a machine, im looking for a specific fiel... by Roy_9 Motivator in Splunk Search 06-04-2024 0 4	0	4
Rex search for a specific pattern I have a splunk query that has following text in message field - "message":"sypher:[tokenized] build successful -\xxx... by nisheethbaxi Loves-to-Learn in Splunk Search 06-03-2024 0 4	0	4
how to group by transaction type My Log data looks like: i am using this query: index="webmethods_prd" source="/apps/WebMethods/IntegrationServer/ins... by avikc100 Path Finder in Splunk Search 06-03-2024 0 1	0	1
How to filter multivalue null values? Hi All, I want to filter out null values.In my field the ImpCon having null values.Now i want to filter the values wh... by karthi2809 Builder in Splunk Search 06-03-2024 0 11	0	11
Eventstats command Hello, I'm trying to write a Splunk search for detecting unusual behavior in emails sending, here is the spl query: \|... by marco_massari11 Communicator in Splunk Search 06-03-2024 0 8	0	8
Word Cloud Not Showing Hi Everyone!My wordcloud is only showing undefined, I'm following a similar search to \|stats count by word But all i... by michaelsplunk1 Path Finder in Splunk Search 06-03-2024 0 1	0	1
How to build the query for the raw data. Hi Team,Good day!I need to build query in such way that need to get only success payload that are related to particul... by Vamshi1904 Observer in Splunk Search 06-03-2024 0 3	0	3
How to display count as zero when no events are returned I have three lookup files and I am trying to find out which one has a zero count. Below is the query I am using. \| ... by 493600 Explorer in Splunk Search 06-03-2024 0 5	0	5
Extract json values from string json array Hi, my splunk search results in two fields - Time and Event. Inside Event field there are multiple searchable fields,... by mipa04 Engager in Splunk Search 06-03-2024 0 8	0	8
Calculated field Hi Team,How to write a calculated field for below \| eval action=case(like("request.path","auth/ldap/login/names"),"su... by VijaySrrie Builder in Splunk Search 06-02-2024 0 1	0	1
Using wildcards in splunk lookups, can't match second field Hello, I need help with the following scenario:Let's say I have a log source with browser traffic data, one of the av... by Josh1890 Explorer in Splunk Search 06-02-2024 0 10	0	10
Using Splunk for Asset Discovery in Vulnerability Management I am in Vulnerability Management and a novice Splunk user. I want to create a query to quickly determine whether we ... by simuneer New Member in Splunk Search 06-01-2024 0 7	0	7