Splunk Search

Community Activity

AD User logon/Destination host report Hello Community, I am new in splunk. I want to make a report with all AD User logon with the details the source and ... by fgottilu New Member in Splunk Search 11-30-2019 0 3	0	3
How to input a single epoch time from a dashboard URL as a time range inside the time picker Hey gang, I have an external system which can call a dashboard URL - but it can only supply a single epoch time How ... by pkol Explorer in Splunk Search 11-29-2019 1 1	1	1
Is it possible to have a joined search with condition A in the first search OR condition B in the second search? Is it possible to have a joined search with condition A in the first search OR condition B in the second search? by ramsnazz New Member in Splunk Search 11-29-2019 0 4	0	4
Why is the timechart command not working properly? Hi All, Hope you all are good. I was working on displaying the number of machines which are active for last one hou... by niks987 Explorer in Splunk Search 11-29-2019 0 4	0	4
search problem Hello , I'm getting the following error in the Search head. How do I troubleshoot? Search process did not exit cle... by aalaa Path Finder in Splunk Search 11-29-2019 0 6	0	6
add time constraint for web site avilability check condition Referring below query: index=f5 \| rex field=headers "Host: (?<host_url>[a-zA-Z0-9\-\.]+\.[a-zA-Z]{2,3})" \| eval por... by riqbal47010 Path Finder in Splunk Search 11-29-2019 0 2	0	2
Why am I getting error "problem replicating config (bundle) to search peer..." on one search head and am getting no search results? Hi, I see the following error on one of my search heads since yesterday. Tried different things but haven't been ab... by dmenon84 Path Finder in Splunk Search 11-29-2019 1 6	1	6
Custom Command in Splunk I have created a python script and it is taking an argument . I have declared it ,like this` hash = Option( ... by ansusabu Communicator in Splunk Search 11-29-2019 0 0	0	0
search with same field diferent dates into a table side by side i want to verify if there is a difference in 2 counts made that relate to diferent timelines. This is what i've came... by rsaude Path Finder in Splunk Search 11-29-2019 0 3	0	3
Timechart issue Hi all, I have extracted a field (exit_status) in log file. I want to know if a process exit properly. I have 3 us... by clementros Path Finder in Splunk Search 11-29-2019 0 4	0	4
Is it possible to display events of multiple _time-values at once? I am trying to build a decent drilldown option and my current state is the following. I have a timechart with the nu... by MBehm New Member in Splunk Search 11-29-2019 0 5	0	5
refresh for sub set of admin role @MuS I would like to give access to some user to do refresh, i know they need admin role. However admin has 99 capa... by robertlynch2020 Influencer in Splunk Search 11-28-2019 1 2	1	2
index syntax question Within Splunk cloud 7.2.6 - If I run a search without specifying index or sourcetype it will search the main index b... by trojan_81 Path Finder in Splunk Search 11-28-2019 0 4	0	4
legacy notation: populating search for populating a tickbox input. I have the following bit of code that does a search. The results of that search populates a tickbox input. I wrote it... by HattrickNZ Motivator in Splunk Search 11-28-2019 0 3	0	3
duplicate values causing conflict Hi, Im getting this error although I do not have any duplicate values. Below is the screenshot and my xml: <form> ... by sarnagar Contributor in Splunk Search 11-28-2019 9 4	9	4
Drop-down error "Duplicate values causing conflict" - Dedup not working? Hi everyone, I'm trying to dynamically populate a dropdown menu with error codes. Obviously, I don't want duplicat... by Svill321 Path Finder in Splunk Search 11-28-2019 1 6	1	6
Searching for percentage of total count grouped into buckets I have a list of article IDs and their corresponding article view counts for a given day. I want to see what percen... by tmtcollins Explorer in Splunk Search 11-28-2019 0 3	0	3
question about vulnerability? Greetings!! I would like to ask about this vulnerability : https://www.bleepingcomputer.com/news/security/splunk-fac... by pacifikn Communicator in Splunk Search 11-28-2019 0 1	0	1
Is it possible to launch a connector in Splunkbase? Hi All, We have a prediction platform and we have developed a connector that can explore Splunk SDK for search and d... by abhilashr New Member in Splunk Search 11-28-2019 0 4	0	4
help to filter data after a loadjob command hi I use the scheduled search below `winevent` (sourcetype="XmlWinEventLog:Microsoft-Windows-Sysmon/Operational" AND... by jip31 Motivator in Splunk Search 11-27-2019 1 9	1	9
[indexer1] The lookup table 'XXX' does not exist. It is referenced by configuration 'YYY'. I've been investigating this error which is appearing 6 times per search (1 for each indexer in the cluster) for a wh... by stepheneardley Path Finder in Splunk Search 11-27-2019 0 7	0	7
How can I show a list of devices that have been offline for more than a week? New to Splunk and trying to learn it: sorry for the dumb question. So I am trying to filter out a list of POS device... by kourbeh New Member in Splunk Search 11-27-2019 0 1	0	1
Require splunk query to get list of processes running in web server I used sourcetype-perfmon:process and i could get fields - counter/instance/object which refers process name by jeniemmanuel New Member in Splunk Search 11-27-2019 0 2	0	2
Event breaking help with props.conf I have a sourcetype that I'm working with and trying to break up the events by any line that says "Job start time: yy... by joesrepsolc Communicator in Splunk Search 11-27-2019 0 5	0	5
Any way to break this row into two columns? I am setting up a dashboard that monitors count of events on a daily basis and a previous 30 day average by customer.... by bhavlik Path Finder in Splunk Search 11-27-2019 0 5	0	5