Splunk Search

Community Activity

	How to access a property on the last element in an array,accessing last element in json array? Hi I have json events that have an array with objects and i want to extract a property from it Some pseudo search co... by marcovdlinden New Member in Splunk Search 08-30-2019 0 2	0	2
	Why is search not executing? Hello I am using Splunk to analyze results from Qualys Vulnerability Scanning I have noticed that one of my searche... by mmor New Member in Splunk Search 08-30-2019 0 3	0	3
	How to round down time to nearest 10th minute Hi, I want to convert my now() time to round down to nearest 10th minute. For e.g. If now returns 10:02 I want it t... by sammyshinde14 New Member in Splunk Search 08-30-2019 0 3	0	3
	splunk command to repair buckets hi, can i please know the splunk command to rebuild the buckets in a directory . I used splunk rebuild directory_nam... by kteng2024 Path Finder in Splunk Search 08-30-2019 0 4	0	4
	Check if IP address from search not in list of IP address I am still learning Splunk and trying to understand best way to find if IP addresses in my search results are NOT in ... by ashishmgupta Explorer in Splunk Search 08-29-2019 0 2	0	2
	How to access the raw data collected by Splunk? I want to access the log files from Web servers, Micro Services, by protocol (HTTP, SOAP, FTP, etc.) or Databases. Wh... by sc2019 New Member in Splunk Search 08-29-2019 0 2	0	2
	How to get match to work with two sources Okay so here's the problem, 2 sources and I have to rex out a file name and match it to a field within another file i... by rossparfect Path Finder in Splunk Search 08-29-2019 0 13	0	13
	How to get percentage of values for a field based on total number from different search Hi, I have been pulling my hair to get this to work, but couldn't, and any help would be very much appreciated. I h... by fullstackdev New Member in Splunk Search 08-29-2019 0 4	0	4
	Events with Tab Delimited values Hi All, I have some logs which are mostly tab delimited I used props and transforms to set up the delimited extracti... by akshatj2 Path Finder in Splunk Search 08-29-2019 0 3	0	3
	How to search result in data and put it in a table I need to create a table from the results in the query below. where the utilization is greater than or equal to .7. ... by codedtech Path Finder in Splunk Search 08-29-2019 0 5	0	5
	EVAL Total Duration in Minutes Across 2 Indexes ive created a table with monitoring in for our daily checks However I still need to do an eval to get the Total Dura... by lavster Path Finder in Splunk Search 08-29-2019 0 5	0	5
	Why isn't the rename command not renaming fields? I'm currently creating a list that lists top 10 technologies and I'm trying to rename "Red" as "Red Hat" using the re... by payton_tayvion Path Finder in Splunk Search 08-29-2019 0 4	0	4
	Build a parent child relation Hi All, Below is my situation: parentkey childkey b c 0 a a b b d b ... by bharathkumarnec Contributor in Splunk Search 08-29-2019 0 4	0	4
	How to condense names and change to number? This is a very basic question. I have a set of data that gives me a list of groups and the names of each user in each... by darrenaefc Engager in Splunk Search 08-29-2019 0 4	0	4
	How to count errors for only a certain application? Hi, my query returns exceptions thrown by every application. How do I filter this query to display only certain appli... by lsy9891 Engager in Splunk Search 08-29-2019 0 3	0	3
	How to generate the regex to extract distinct values of this field? Hi, I have events with the field WindowsIdentity. Some examples of this field values are: WindowsIdentity: IIS APPP... by lsy9891 Engager in Splunk Search 08-29-2019 0 7	0	7
	zero'ing counter problem (and associated graph spike explosion) Hi Splunk gurus. I have a query problem thats been challenging me for a while. When my polling breaks, or when co... by keiran_harris Path Finder in Splunk Search 08-29-2019 0 2	0	2
	Multivalue input choice box length css Hello there! I am looking for a way to adjust multivalue choice box length to keep them on one line. I have already... by D2SI Communicator in Splunk Search 08-29-2019 0 2	0	2
	Get numbers Hi, I need to get numbers between event. 1) event: Heap: 12.8G(15.0G), and 12.8 all the time is changing, and I nee... by pudanelilita Explorer in Splunk Search 08-29-2019 0 6	0	6
	curl / python api fails on regex - scripted input When i run this in curl curl index=text\|rex field=_raw "ApplicationRegistry-(?.*)" max_match=0 \|table source,sourcety... by 9738078959 Engager in Splunk Search 08-29-2019 0 2	0	2
	Custom Role - Unable to search any indexes I have setup splunk enterprise 7.2.1. Custom roles are created under $SPLUNK_HOME/etc/system/local/ authorize.conf ... by potluri_88 Explorer in Splunk Search 08-29-2019 0 3	0	3
	One field and multiple custom values and get percentages Hi, I need hep to create table, which shows multiple custom values / field count / % example, how it need to look: by pudanelilita Explorer in Splunk Search 08-29-2019 0 2	0	2
	How to troubleshoot error "Search process did not exit cleanly, exit_code=-1, description="exited with code -1"."? I'm getting the following error. How do I troubleshoot? Search process did not exit cleanly, exit_code=-1, descript... by mrtolu6 Path Finder in Splunk Search 08-29-2019 0 6	0	6
	Save results of saved search back into an index. Can we save results of a saved search/ search back into splunk. Something similar to a view in SQL database. Splunk q... by johnsasikumar Path Finder in Splunk Search 08-28-2019 0 1	0	1
	Is the Enterprise Security 'ECSU - Remote Desktop Network Bruteforce - Rule' correlation search incorrect? Hi Splunkers, I was wading through some of the Enterprise Security correlation searches and I noticed that the Remot... by grashupfer Engager in Splunk Search 08-28-2019 0 0	0	0