Splunk Search

Community Activity

How to get common values in two different fields in two different searches Hi all, I'd be grateful if you could help me with this. I have read other similar questions but none of them seem to ... by xiantros Engager in Splunk Search 10-08-2019 0 7	0	7
Please help for ssl for splunkd - Splunk runs but cannot log in and is slow Hello I want to secure splunkd DS->clients with self-signed ssl cert but for some reason it doesn't work. From splun... by net1993 Path Finder in Splunk Search 10-07-2019 0 2	0	2
How to sort the result set or remove paging on trellis chart? Hi All, I am trying to create a trellis chart to provide the details of 32 components. Trellis chart is showing just... by mjsplunk_007 New Member in Splunk Search 10-07-2019 0 1	0	1
Is there a way to automate diag to support? All, Silly question - Is there a way to automate the sending of diags to Splunk support? I'd like to know they have... by daniel333 Builder in Splunk Search 10-07-2019 1 2	1	2
What is a Workbook in Splunk Investigate? What is a Workbook in Splunk Investigate? by bjanczer_splunk Splunk Employee in Splunk Search 10-07-2019 0 3	0	3
How to search two Indexes based on matching fields and add fields from both indexes to a table I'm new to splunk And i'm trying to add some logic to reduce false positives. I have two indexes Index=A index=B B... by jrindfleisch Observer in Splunk Search 10-07-2019 0 4	0	4
What's the delay between last event written to disk and now()? All our cyber alerts are now based on the last five minutes of indexed data. Therefore we wondered about a potential ... by danielbb Motivator in Splunk Search 10-07-2019 0 5	0	5
extract uri /hk-zh/shop/buy-phone/phone-1/5.8-%E5%90%8B%E9%A1%AF%E7%A4%BA%E5%99%A8-256gb-%E9%8A%80%E8%89%B2 1059 /hk/shop/buy-pho... by sandeepmakkena Contributor in Splunk Search 10-07-2019 0 2	0	2
How do I access the Splunk Investigate Slack Channel? How do I access the Splunk Investigate Slack Channel? Can you please share the link? by bjanczer_splunk Splunk Employee in Splunk Search 10-07-2019 0 1	0	1
Help extracting alphanumeric string after matching pattern {"line":"2019-10-05 03:58:11.627 ERROR [xxx-csscsc0sssscs-xxxx] 1 --- [nio-8080-exec-2] c.u.f.b.s.registryImpl : \u0... by harishnpandey Explorer in Splunk Search 10-07-2019 0 2	0	2
Best way to format out time field for average time I am using the linux time command to see how long it takes to run a process. My logs show as runtime=0m0.000s So ex... by agentguerry Path Finder in Splunk Search 10-07-2019 0 1	0	1
Problem calculating fields at index time when input csv fields are all quoted I was wondering if anyone knows about the next, and if there’s any solution: I have tried to calculate two fields at... by cajose3pepe New Member in Splunk Search 10-07-2019 0 2	0	2
CSV empty quoted field extraction problem Hi there, I have the next CSV file: "CLM_TIMESTAMP","CLM_DATE","CLM_NUMBER" "1569301200","24/09/2019 00:00:00","389... by cajose3pepe New Member in Splunk Search 10-07-2019 0 3	0	3
System and Nobody had no roles I am trying to get the System access attempts with invalid credentials. Folks with unknown user names. I am using th... by dcrooks_cbp New Member in Splunk Search 10-07-2019 0 4	0	4
Timecharts and Multiple Operating Systems I'm currently attempting to make a 6 month trend of multiple OS' compliance percentages into one timechart, but am ru... by giventofly08 Explorer in Splunk Search 10-07-2019 0 5	0	5
How to search csv for values in a lookup table? I have a large csv with lots of columns and a lookup table below payload .exe .zip *.7z How do I search all fiel... by akke Explorer in Splunk Search 10-07-2019 0 1	0	1
How to use two different search time ranges in one splunk rule? I have the following scenario: I have to find events with certain specifications in the last 15 minutes, and the sear... by veromihaiu Path Finder in Splunk Search 10-07-2019 0 5	0	5
Is it possible to split lines and re-use certain fields? I have thise event: ID=FAKE_ID_NAME,TS=1570441680,F1=1380,F2=60,F3=60,F4=1500 For my analysis it would be very usef... by wvanloon New Member in Splunk Search 10-07-2019 0 4	0	4
How to combine multiple field values to create single field name in eval statement. Hi, I'm trying to combine the values of multiple fields to together form a single field name in an eval if statement... by jurjenterpstra New Member in Splunk Search 10-07-2019 0 3	0	3
Use Kafka Streams to perform Splunk Transaction Hello, My client uses an email solution that produces a log for each step in email processing, hence, we have a vari... by zineddine New Member in Splunk Search 10-07-2019 0 0	0	0
timechart sorting multiple fields I have the following query index="search_index \| timechart avg(time1) as time1_in_mins ,avg(time2) as time2_in_min... by balash1979 Path Finder in Splunk Search 10-07-2019 0 3	0	3
Matching showing incorrect values Hi guys & girls, about the following query: \| makeresults \| eval expectedm="10" \| eval expectedM="1" \| eval match=c... by RobertEttinger8 Explorer in Splunk Search 10-07-2019 0 3	0	3
Using external lookup and mstats together Hi All, I have a search like this: \| mstats span=1d sum(_value) as "ClosedTime" WHERE index=metrics_prod metric_nam... by zahorans New Member in Splunk Search 10-07-2019 0 7	0	7
Count of values in from values() function hello there, I am trying to create a search that will show me a list of ip's for logins. issue is i only want to see... by msmapper Path Finder in Splunk Search 10-07-2019 1 3	1	3
How to use Splunk ODBC driver to import an excel report to splunk? Hi All, I want to import a scheduled excel report generated from one prod system to splunk. When I manually imported... by sara91 Explorer in Splunk Search 10-07-2019 0 1	0	1