Splunk Search

Community Activity

	filter using where command with AND & OR operators. I have two fields (lets say.) AA and BB, I am trying to filter our results where AA and BB = 00 OR 10 using something... by man03359 Communicator in Splunk Search 04-24-2024 0 3	0	3
	How can I get a stats count number of events in a field? how to do a - stats count number of events in a field? index=sm auth \| status count(events) by Field. is not worki... by knarayana New Member in Splunk Search 04-24-2024 0 10	0	10
	need to add the respective time for the maximum response time index=abc host IN ()\| stats max(response_time) as "Maximum Response Time" by URL\| sort - "Maximum Response Time"I nee... by Devi13 Path Finder in Splunk Search 04-24-2024 0 4	0	4
	Group and count events within 100ms occurence Hello, I have the following data. I want to return tabled data if the events happened within 100ms, and they match by... by svukov Loves-to-Learn in Splunk Search 04-23-2024 0 2	0	2
	How to extract json field values? Hi All,I have a field called content.payload and the value is like .How to extract these values{fileName=ExchangeRate... by karthi2809 Builder in Splunk Search 04-23-2024 0 1	0	1
	How to calculate size of Index what are the different ways to calculate size of one index ?looking for solutions other than "licence_usage.log".Appr... by Anantha123 Communicator in Splunk Search 04-23-2024 0 3	0	3
	Combine Multiple Queries output and produce the result in table format Hi Team, I require merging three queries originating from the identical index and sourcetypes, yet each query necessi... by anandhalagaras1 Contributor in Splunk Search 04-23-2024 0 11	0	11
	How to separate sets of information with same field values without using JOIN? Hi All,I have field called filename .SO i want to populate the result from the filename field and i created two joins... by karthi2809 Builder in Splunk Search 04-23-2024 0 3	0	3
	Can a calculated value be used for the latest parameter in a following SPL query I am needing to find earlier version number of linux patches. I have to compare many patches, so I was wanting to use... by jlundtristate Loves-to-Learn in Splunk Search 04-22-2024 0 10	0	10
	Conditional Search Hello,I have this search for tabular format. index="webbff" "SUCCESS: REQUEST" \| table _time verificationId code BROW... by mursidehsani Explorer in Splunk Search 04-22-2024 0 2	0	2
	How to retrieve value from lookup for multivalue field I have a lookup like this NameStatusExamIDJohnPass123BobPass345JohnFail234BobPass235SmithFail231 My Events are having... by NAGA4 Engager in Splunk Search 04-22-2024 0 5	0	5
	Help with splunk search query Could someone help me in deriving solution for this case below?Background : We have an app and in which we set all ou... by NAGA4 Engager in Splunk Search 04-22-2024 0 0	0	0
	Search within the search I need to identify hosts with errors, but only in block modeMY SPL--------- index=firewall event_type="error [search ... by bigll Path Finder in Splunk Search 04-22-2024 0 15	0	15
	Deployment client resolving to old deployment server Hi All,I have deployed new deployment server (aws ec2 instance) and updated the existing route53 dns entry to point ... by Poojitha Communicator in Splunk Search 04-22-2024 0 3	0	3
	Want to extract field from JSON from complex json My row data will look like below _row={"id":"0","severity":"Information","message":"CPW Total= 844961,SEQ Total =2448... by gauravkumar85 Path Finder in Splunk Search 04-22-2024 0 8	0	8
	Filed extraction Hi Community,I have a question about regex and extractionI have _raw data in 2 rows/lines (key and value) and I have... by moinoddinyadgir Loves-to-Learn in Splunk Search 04-19-2024 0 5	0	5
	Merge two logs to get the desired Dashboard I need to create a dashboard panel merging two different search queries. I have below two queries:Kindly help on this... by shashankk Communicator in Splunk Search 04-19-2024 0 8	0	8
	Need to replace null values to space or some other valuefs in output table results My splunk query able to get the required results using below query. After running the query, I get NULL values in on... by ravir_jbp Explorer in Splunk Search 04-19-2024 0 1	0	1
	Extract aws service name from source field of metadata Hi All,I want to extract service name from sourcetype="aws:metadata" and source field.Example : 434531263412:eu-centr... by Poojitha Communicator in Splunk Search 04-19-2024 0 7	0	7
	How to create new field based on regex? I have a log stream in this format:level=info request.elapsed=100 request.method=GET request.path=/orders/123456 requ... by codewarrior Loves-to-Learn Everything in Splunk Search 04-18-2024 0 5	0	5
	How to join or corelate 3 different index/sourcetypes in single query Hi,I have requirement as below, please could you review and suggest ?Need to pick up all client ids from application ... by selvam_sekar Path Finder in Splunk Search 04-18-2024 0 3	0	3
	How to convert IP to decimal HelloMy lookup table has fields of src_ip, dst_ip, and description.src_ip=192.168.1.1dst_ip=192.168.1.100description=... by KwonTaeHoon Path Finder in Splunk Search 04-18-2024 0 4	0	4
	Need to filter particular job name from the list of job names which were extracted using rex Hi Team,Good day!We have extracted the set of job names from the event using the below rex query.index=app_events_dwh... by Renunaren Loves-to-Learn Everything in Splunk Search 04-18-2024 0 4	0	4
	How to get count of continous events of a field Hi All,I have a json event which has test cases and test case status and jenkins build number. There are many test ca... by anooshac Communicator in Splunk Search 04-18-2024 0 1	0	1
	Could not have data summary As per the above screenshot I am unable to view the Data summary tab in our Splunk search environment by PoojaChand02 New Member in Splunk Search 04-17-2024 0 3	0	3