Splunk Search

Community Activity

How to combine foreach command with lookup data? Hello, In order to clean our filtering rules we'd like to check if some of our old URL's are still in use (an if yes... by AlexeySh Communicator in Splunk Search 10-14-2019 0 5	0	5
Transposing a table with _time as header and grouping the results Hello all, I currently have a search that produces the following output: This is the result of multiple append an... by dojiepreji Path Finder in Splunk Search 10-14-2019 0 2	0	2
Custom iplocation We are currently the implication command to external IP addresses and it works great. Is it possible to create a cus... by pjohnson1 Path Finder in Splunk Search 10-14-2019 0 1	0	1
split columns with multiple values and make into row Hi, I have a query output which have many fields out of which only 2 fields have more than one values. So when thos... by surekhasplunk Communicator in Splunk Search 10-14-2019 0 3	0	3
Charts over X-days Good Day Team, I started reading on Splunk today and I have began my exercises. I am stuck on how to generate charts... by masambaghost Explorer in Splunk Search 10-14-2019 0 4	0	4
Timechart values using an eval field Hello all, I have a search that goes like this: index="_internal" (ticket_type="Incident") (classification="level-... by dojiepreji Path Finder in Splunk Search 10-14-2019 0 1	0	1
How to search values from stats to output other stats Hi, I'm new to Splunk and I'm trying to make the following search work: Search: \| >= 50 document queries from the ... by n00ber Engager in Splunk Search 10-14-2019 1 3	1	3
How to change alignment of String to right side Hi splunkers, After generating the table the columns having string datatype will automatically aligned to left side ... by SanthoshSreshta Contributor in Splunk Search 10-13-2019 0 3	0	3
How to list all sourcetypes I am trying to list all sourcetypes in an index using dc Using index="test" \| stats dc(sourcetype) as sourcetypesonl... by ialahdal Path Finder in Splunk Search 10-13-2019 1 2	1	2
Only one value from subsearch being used by parent I would like all the results from a field extraction in search "A" to be used as search criteria in search "B". I am ... by 775149 New Member in Splunk Search 10-13-2019 0 2	0	2
How to use regex to look for hosts from /24, /25, and /26 subnets? I have a dozen /24 subnets that I am looking to find any IP addresses on that subnet in my search as well as a addres... by rholm01 Explorer in Splunk Search 10-13-2019 0 2	0	2
How to calculate a value from 2 different sources? I am pretty new to splunk. It would be great if someone can help me with a search command. I have productId as one of... by kirthi_d Engager in Splunk Search 10-13-2019 0 4	0	4
How to merge 2 fields and get unique value We have prod and non prod events and trying to display the environment names in dashboard. The prod events contain ho... by dyapasrikanth Path Finder in Splunk Search 10-13-2019 0 4	0	4
Can one do less than greater than comparisons from fields in a lookup table? I have a lookup table that is composed of beginning IP and ending IP addresses for a location and the name of the ass... by beattiedb New Member in Splunk Search 10-13-2019 0 6	0	6
Count of repeated expression in a field Below is sample field value Response : UX 189000055 - RESPONSE1, BB 10437470 - RESPONSE1, AB 11123345 RESPONSE2 If I... by gjjagadeesh New Member in Splunk Search 10-13-2019 0 4	0	4
Displaying logs last x days for every month Not displaying logs more than the last 3 days. This pattern is the same for the last months as well. for example. If... by Kantsplunk New Member in Splunk Search 10-13-2019 0 4	0	4
Finding the Duration between two timestamps I am currently attempting to create a query that returns the Name of the job, Begin Time, Finish Time, and Duration. ... by tyhopping1 Engager in Splunk Search 10-12-2019 0 8	0	8
How to increase the maximum number of concurrent historical searches? Splunk warns that: The system is approaching the maximum number of historical searches that can be run concurrently.... by perlish Communicator in Splunk Search 10-11-2019 4 4	4	4
Help with field extraction regex - com.texh.servers.policy.assertion.ServerAuditDetailAssertion: com.texh.log.custom.Applications: com.texh.log.cu... by snallam123 Path Finder in Splunk Search 10-11-2019 0 4	0	4
Field Extraction: Regex global flag/modifier Hi Splunkers, I know that it is possible to match multiple times using rex (using max_match=0). Can I apply the sam... by konnex Explorer in Splunk Search 10-11-2019 0 5	0	5
Need help to speed up a search the below search is what I have working now to see what users are not in the first event code. index="wineventlog" ... by lgrachek Explorer in Splunk Search 10-11-2019 0 11	0	11
Expand button in tables Hi all, I tried finding my answer in the existing topics, but I couldn't find it. So I created my own topic. Maybe i... by makstra New Member in Splunk Search 10-11-2019 0 1	0	1
Problem with optimization of the regex: limits.conf Hi I have a problem with the error message of the Splunk: Error in 'rex' command: regex="(?ms)]+^\s\" has exceeded c... by spisiakmi Contributor in Splunk Search 10-11-2019 0 6	0	6
How to delete unwanted special characters in alphanumeric string? I have a string as below, I need to delete the below special character and make the below as a single value. 123asds... by ravimmm Explorer in Splunk Search 10-11-2019 1 6	1	6
Generating custom command not streaming output I have created following custom command: @Configuration(streaming=True) class GenerateTextCommand(GeneratingCommand)... by jakubzak Explorer in Splunk Search 10-11-2019 1 0	1	0