Splunk Search

Community Activity

	dedup on Field over time span we have data in Splunk for user sessions in an app and I am trying to produce a line graph to show usage every hour. ... by triva79 Explorer in Splunk Search 05-20-2024 0 5	0	5
	moving CSV to Database and replace lookup with dbxlookup Hello,I am currently correlating an index with CSV file using lookup.I am planning to move CSV file to database and w... by LearningGuy Motivator in Splunk Search 05-19-2024 0 13	0	13
	How to redefine a field definition to one minute character processed or modified Please tell me how to make the output replace some characters in the field definitions.Specifically, the problem is t... by NC_AS Explorer in Splunk Search 05-19-2024 0 2	0	2
	How to find dashboards not in use by the amount of days? Hi guys I need to find all dashboards not used in x days. I saw this has already been asked in this forum but I can'... by mrsplunx New Member in Splunk Search 05-19-2024 0 4	0	4
	Splunk search with wildcard in field name I need to see all events with fields that have "PROD*" in name, e.g. "PROD deploy", "PROD update", etc.`index=myIndex... by kagarlickij Explorer in Splunk Search 05-19-2024 0 19	0	19
	sysmon and Defender search Hi,I am quite new to Splunk, so sorry in advance if I ask silly questions.I have below task to do: "The logs show tha... by Pere New Member in Splunk Search 05-18-2024 0 1	0	1
	Show source failing for 100/1000 events Event Actions > Show sources failing at 100/1000 events with the below 2 errors - [e430ac81-66f7-40b8-8c76-baa24d2813... by kombi Loves-to-Learn Lots in Splunk Search 05-17-2024 0 0	0	0
	Renaming or ordering values used in a stats by query Here's a part of my query, ignoring where the data is coming from: \| eval bucket=case(dur < 30, "Less than 30sec", du... by jrs42 Path Finder in Splunk Search 05-17-2024 0 4	0	4
	Timechart based off of a search and an appended inputlookup I have the following query that gives me a list of pods that are missing based off the comparison of what should be d... by fishn Explorer in Splunk Search 05-17-2024 0 10	0	10
	How to combine two searches with streaming commands? I want to combine two search results, whereby I'm only interested in the last x/y events from each subquery. Somethin... by mgutschelhofer Explorer in Splunk Search 05-17-2024 0 5	0	5
	Remove every occurrence of pattern from _raw event Hi, I would like to remove every occurrence of a specific pattern from my _raw events.Specifically in this case I am ... by tommasoscarpa1 Path Finder in Splunk Search 05-17-2024 0 2	0	2
	Why is loadjob not getting all results? Hi everyone.I am trying to create historical capacity data over some servers. I have 1 search that will return all th... by michaelnorup Communicator in Splunk Search 05-17-2024 0 5	0	5
	How to search for only select users based on a regex extract So I have the following setup and everything is good but I want to kind of do a subsearch In the Event - Sample User-... by LizAndy123 Path Finder in Splunk Search 05-17-2024 0 2	0	2
	how to add calculation result of timechart Hello,I'm trying to new chart as calculate through packet count.I search with query for interface for several device.... by Richard_400 Engager in Splunk Search 05-16-2024 0 2	0	2
	Searches Can i get a query that will find searches that users are running in splunk by whitecat001 Explorer in Splunk Search 05-16-2024 0 6	0	6
	Data used by searches? I want a query that shows the total volume of indexes used for splunk searches. Query on information that has to do ... by whitecat001 Explorer in Splunk Search 05-16-2024 0 2	0	2
	Splunk Searches Pls what is the rest endpoint for searches that users are running by whitecat001 Explorer in Splunk Search 05-16-2024 0 3	0	3
	How to get the last Sunday of each month? Hello,Can I know how to get the last Sunday of each month? For example, 31st is last Sunday of Jan 2021, 28th is last... by ettaly Engager in Splunk Search 05-16-2024 0 4	0	4
	Get the recent event date from a .csv using inputlookup at the same time append a wildcard into the host. Currently, this is my SPL query and it just displays different resultsthis is my hostname_list.csvhosthostname_a*host... by ephraimjoseph New Member in Splunk Search 05-16-2024 0 1	0	1
	Field not being extracted from mainframe event. I have 2 eventa from a mainframe running z/OS (not sure that affects things):1.{"MFSOURCETYPE":"SYSLOG","DATETIME":"2... by SteveIves1 Engager in Splunk Search 05-15-2024 0 10	0	10
	Chart, order, and bins: How to separate a chart according to an imposed order I have some non-time-based data that I'd like to summarize using chart with a small number of bins. For example, <so... by BrentHetherwick Explorer in Splunk Search 05-15-2024 0 4	0	4
	lookup csv but need to the lookup file contains several fields that need to be concatenated to match event field Hi.I have a lookup file with phone numbers broken down into their parts, so:cc,npa,nxx,list1,210,5551234,good1,512,77... by loganramirez Path Finder in Splunk Search 05-15-2024 0 2	0	2
	Problem in parsing Powershell commands Hello Community!I am trying to set up a search to monitor Powershell commands from Windows hosts; specifically, I am ... by valleyman Loves-to-Learn Lots in Splunk Search 05-15-2024 0 6	0	6
	SAML users unable to load reports or alerts SAML authenticated users are unable to access either REPORTS or ALERTS from the search app @ ./app/search/reports or ... by tlmayes Contributor in Splunk Search 05-15-2024 0 0	0	0
	Use each row of a csv as an individual search and return the results in a table Hi all,I've a csv file with 3 columns ip, earliest, latest and over 400 rows. I'm trying to return all evens associa... by tnegun Engager in Splunk Search 05-15-2024 0 3	0	3