Splunk Search

Community Activity

Merge two logs to get the desired Dashboard I need to create a dashboard panel merging two different search queries. I have below two queries:Kindly help on this... by shashankk Communicator in Splunk Search 04-19-2024 0 8	0	8
Need to replace null values to space or some other valuefs in output table results My splunk query able to get the required results using below query. After running the query, I get NULL values in on... by ravir_jbp Explorer in Splunk Search 04-19-2024 0 1	0	1
Extract aws service name from source field of metadata Hi All,I want to extract service name from sourcetype="aws:metadata" and source field.Example : 434531263412:eu-centr... by Poojitha Communicator in Splunk Search 04-19-2024 0 7	0	7
How to create new field based on regex? I have a log stream in this format:level=info request.elapsed=100 request.method=GET request.path=/orders/123456 requ... by codewarrior Loves-to-Learn Everything in Splunk Search 04-18-2024 0 5	0	5
How to join or corelate 3 different index/sourcetypes in single query Hi,I have requirement as below, please could you review and suggest ?Need to pick up all client ids from application ... by selvam_sekar Path Finder in Splunk Search 04-18-2024 0 3	0	3
How to convert IP to decimal HelloMy lookup table has fields of src_ip, dst_ip, and description.src_ip=192.168.1.1dst_ip=192.168.1.100description=... by KwonTaeHoon Path Finder in Splunk Search 04-18-2024 0 4	0	4
Need to filter particular job name from the list of job names which were extracted using rex Hi Team,Good day!We have extracted the set of job names from the event using the below rex query.index=app_events_dwh... by Renunaren Loves-to-Learn Everything in Splunk Search 04-18-2024 0 4	0	4
How to get count of continous events of a field Hi All,I have a json event which has test cases and test case status and jenkins build number. There are many test ca... by anooshac Communicator in Splunk Search 04-18-2024 0 1	0	1
Could not have data summary As per the above screenshot I am unable to view the Data summary tab in our Splunk search environment by PoojaChand02 New Member in Splunk Search 04-17-2024 0 3	0	3
Parsing multiple values in fields from JSON key value format I have some JSON output that is in key value structure (protobuf3 formatted--this is OTLP data going into Splunk Ente... by sholl Engager in Splunk Search 04-17-2024 1 2	1	2
Rex has exceeded configured match_limit, consider raising the value in limits.conf. In our log, I'd like to extract statusText and categorize it in table to see how many error response statusCode and s... by ssh Engager in Splunk Search 04-17-2024 0 3	0	3
get single field values from multiple field values Hi All,I have an output from a lookup table in splunk where the team work timings field is coming as::TeamWorkTimings... by avi123 Explorer in Splunk Search 04-17-2024 0 2	0	2
Timechart but based on 2+ more user selections Hi everyone, I have a line chart which works perfectly but only for one single value: index=events ComputerName=* Acc... by redrabbit Observer in Splunk Search 04-17-2024 0 1	0	1
How to convert the Row data into 1 column Hi Can you please let me know how i can display the below 3 rows in a single row : Query : index=events_prod_cdp_pena... by Real_captain Path Finder in Splunk Search 04-17-2024 0 3	0	3
How to exclude alert to trigger during maintenance window Requirement - alert only needs to trigger outside window even if server is down in maintenance window \| tstats count ... by suhanishah Loves-to-Learn Everything in Splunk Search 04-17-2024 0 12	0	12
Matching a field in a string using if/eval command. I have two logs below, log a is throughout the environment and would be shown for all users. log b is limited to spe... by aotuga001 Explorer in Splunk Search 04-16-2024 0 6	0	6
How to convert the below into a tabular format using rex message: Updated Components { "servicechannel": [ { "LastmodifiedBy": "XYZ", "ModifiedDate": "2024-04-15T17:20:09.000... by sowbhagya Loves-to-Learn in Splunk Search 04-16-2024 0 2	0	2
How can I extract field's from given JSON array and display running total of numeric column {"id":"0","severity":"Information","message":[{"TARGET_SYSTEM":"SEQ","FUNCTION_NAME":"CPW_02170","TOTAL":"121257","PR... by gauravkumar85 Path Finder in Splunk Search 04-16-2024 0 2	0	2
Multi value field search \| Unexpected output I need to report hosts that are configured to receive app.log details and also report the ones that are missing. For ... by rahulkawadkar Loves-to-Learn Lots in Splunk Search 04-16-2024 0 3	0	3
Compare inputlookup values and look for partial match with a field from search I have an inputlookup that has a list of pod names that we expect to be deployed to an environment. The list would lo... by fishn Explorer in Splunk Search 04-16-2024 0 6	0	6
Alert Query not working as expected index=app-logs sourcetype=app-data source=app.logs host=appdatajs01 OR host=appdatajs02 OR host=appdatajs03 OR hos... by mahesh27 Communicator in Splunk Search 04-15-2024 0 5	0	5
How to add checkbox using dashboard studio? I don't see checkbox as part of the inputs list. It is possible in simple xml but would like to know how it can be ac... by ashwini_hosbet Loves-to-Learn in Splunk Search 04-15-2024 0 4	0	4
Comparing differences in the same field depending on the row grouping field I'll try to explain it with a basic example. As an output of a stats command I have:detectionquerysearch1google.comya... by jo54 Explorer in Splunk Search 04-15-2024 0 2	0	2
tstats via REST API Greetings folks, and thanks in advance for a little brainpower here. I'm definitely a splunk novice.I'm trying to pu... by ryanstaats New Member in Splunk Search 04-15-2024 0 3	0	3
Error in 'where' command: The expression is malformed. Expected ). So I am creating a dashboard and I keep getting this error: Error in 'where' command: The expression is malformed. E... by sumarri Path Finder in Splunk Search 04-15-2024 0 5	0	5