Splunk Search

Community Activity

regex to replace numeric value as astreik i want search search level field extraction command to replace all numeric value as astriek Name = Dell vostro 20... by DataOrg Builder in Splunk Search 09-17-2019 0 1	0	1
How to calculate Splunk session for a user ? Hi Experts, I want to create a report for last 24 hours which provides the information like how many hours users was... by vikas_gopal Builder in Splunk Search 09-17-2019 0 4	0	4
Is there any way to use fillnull conditionally I have a requirement, where i need to switch the fillnull value between Excluded and N/A. So is there any way that ... by Maniteja81 New Member in Splunk Search 09-17-2019 0 2	0	2
Retrieve Pevious Work and Queries Hi Splunkers. I'm new on this tool so I'm going to ask you a question. I've worked on a little project and also saved... by WhistlingFawn Engager in Splunk Search 09-17-2019 0 1	0	1
Create a colorPalette that includes NOT LIKE case for fields that are blank Working to create a colored chart that when an alarm is acknowledged, the system generates a new message with the use... by noob4now New Member in Splunk Search 09-17-2019 0 0	0	0
Stats count question I have a requirement to find whether multiple users from the same source IP failed authentication for example. My te... by willadams Contributor in Splunk Search 09-17-2019 0 1	0	1
How can I display an apostrophe in a column title? I'm trying to put an apostrophe in a colunm title into a dashboard I tried with renameand fieldformat but it does'nt ... by usernamejpblais Engager in Splunk Search 09-17-2019 0 1	0	1
search/subsearch using json array I have logs being stored in json that shows accounts being given access to data. I need to validate that the accts ar... by a238574 Path Finder in Splunk Search 09-17-2019 0 1	0	1
How to determine if a group is not used ? Hi all, Here is my problem: on the one hand, I have a lookup which is a list of group names. On the other hand, I ha... by ckieken Engager in Splunk Search 09-17-2019 0 2	0	2
Specific Application Search I am trying to write a query that searches for a particular "application" that is installed to a number of machines. ... by willadams Contributor in Splunk Search 09-16-2019 0 1	0	1
Regex working in Regex101 and not Splunk Hello, I've put together two Regex expressions to capture specific words from a syslog entry. First Regex is to capt... by danielkhouri Engager in Splunk Search 09-16-2019 0 5	0	5
Convert string to command, for dynamic union search TL;DR - Is there a way (without custom scripts or commands) to run a command from a string in the format of a union t... by jlr Explorer in Splunk Search 09-16-2019 0 2	0	2
How to extract fields from the below log and craete a cloumn in a tabular form so that i can create a report?? [2019-09-14 23:55:22,499] [INFO] [goldilocks-Process Finished Successfully Hello All, From the above log I want t... by abhi5803 New Member in Splunk Search 09-16-2019 0 0	0	0
Why is there a delay in applying field extraction updates? Whenever I update a field extraction, both from the search head UI field extraction helper, and via props.conf or tra... by phemmer Path Finder in Splunk Search 09-16-2019 2 10	2	10
order result High to Low I have a simple query, listing event codes by host: index=wineventlog sourcetype=WinEventLog:Security Stats count by... by sdewar83 Path Finder in Splunk Search 09-16-2019 0 2	0	2
How to compare search result for first 15 min and last 45 min? Following is the result we got Action_ Name Time Count ABC 1:15 AM 100 ABC 1:30 AM 200... by salavilli0611 New Member in Splunk Search 09-16-2019 0 2	0	2
Search head core network, Free Disk, CPU used, memory free %... which index I use there are index =os and index=_internal . Index=os, where there all info about OS performance data of servers (host),... by htramtran83 Explorer in Splunk Search 09-16-2019 0 1	0	1
How to get total count of events excluding specific time range for certain days? Can anyone please help? I want to display the total count of events occurred in a week (but excluding specific day/t... by sahil237888 Path Finder in Splunk Search 09-16-2019 0 2	0	2
How to make column headers multi-lined I wish to have a chart where column headers are broken into three lines and row ones into two base search\| \|eval sep... by ChrisCLewis Communicator in Splunk Search 09-16-2019 0 0	0	0
How to count the numbers of occurrence for two value I have the following search: sourcetype="placingOrder" Code=504 host="localhost*" \| stats count by Path The output... by JyotiP Path Finder in Splunk Search 09-16-2019 0 7	0	7
Force users to always use "optional" field with built-in SPL command I'd like to ensure that all users on my search head are forced to include a specific field (along with a specific val... by brinley Path Finder in Splunk Search 09-16-2019 1 0	1	0
RegEx Help Needed Hi guys, I'm a complete newbie when it comes to RegEx, but I was wondering if someone could please advise on how I c... by danfinan Explorer in Splunk Search 09-16-2019 0 6	0	6
Dynamic trim of field at both start and end Hi, i have a field that i need to trim. The field can have a number of different strings, for which i want to trim ev... by ramgnisiv Path Finder in Splunk Search 09-16-2019 0 2	0	2
How to produce a table visualization that spans time? The following SPL returns data for all returns for a day. How can I just return the maximum return for the day? Exam... by sjlaplac Loves-to-Learn Lots in Splunk Search 09-16-2019 0 3	0	3
Total Account lockouts > 2 within 30mins Hi There, I am trying to find where total account lockouts that are greater than 2 within the time frame of 30 mins.... by siddh01r New Member in Splunk Search 09-16-2019 0 4	0	4