Splunk Search

Community Activity

The LDAP connector in splunk is generating a ton of successful logins. The ldap connector that is used to map AD groups is generating a ton of events, is there a way to stop that? Ive tr... by rmontoya746 New Member in Splunk Search 07-11-2019 0 0	0	0
REX Extract and/or separate a single field into 1 or 2 fields based on different patterns Need to extract or split a filed value into different fields based on a condition/irregular pattern(or however it can... by sh254087 Communicator in Splunk Search 07-11-2019 0 3	0	3
Sub-search not yielding results in SQL The search below does not yield results like NOT IN SQL. Any suggestion please. earliest=06/19/2019:23:00:00 latest=... by seemakurthy New Member in Splunk Search 07-11-2019 0 3	0	3
how to change background color on panel log results We have a search on a dashboard that spits out results of some log files that we are monitoring. For charts, we can ... by jmabry New Member in Splunk Search 07-11-2019 0 0	0	0
Too many search jobs found in the dispatch directory error I see the error "Too many search jobs found in the dispatch directory error" many time. I know to clean the directory... by jayannah Builder in Splunk Search 07-11-2019 3 5	3	5
How to use search from summary index as a condition in another search? Hi, I have index="ekra_protokol" which has these events: datum_zeit;meldung 2019-06-19 05:56:26.754: Test Drucken .... by spisiakmi Contributor in Splunk Search 07-11-2019 0 5	0	5
Search Query Hi Team, There is an requirement in writing the search query. i.e. index=xyz host=abc source=mno "Server starting" ... by anandhalagarasa Path Finder in Splunk Search 07-11-2019 0 4	0	4
How to replace hostname with IP in result? Hi, splunkers: I have a puzzle that I need to show host IP in result but not the hostname. E.g. after I ran the sear... by aojie654 Path Finder in Splunk Search 07-11-2019 0 7	0	7
identify which user is doing longest searches Hi Everyone! I need some help to identify which user are running longest/bad searches. Sometimes splunk goes very sl... by amirarsalan Explorer in Splunk Search 07-11-2019 0 7	0	7
Rex multiple strings from field query Morning all, I hope this is an easy one where i am just missing some login somewhere. I have a field called errors... by stephenreece New Member in Splunk Search 07-11-2019 0 3	0	3
Need help in extracting json fields Hi Below is my json data format . organisations: { [-] : { [+] } adbsafegate.com: { [... by Nadhiyaa Path Finder in Splunk Search 07-11-2019 0 1	0	1
How to create trellis timechart with stacked bars Hi, I want to create a timechart as trellis with stacked bars. I have the following columns: Workdate, Duration, B... by tdoSplunk Path Finder in Splunk Search 07-11-2019 1 2	1	2
How to use regex to extract field? I have a field "dimension" with values: dimension=InstanceIdentifier=[aaamcehjcdbp01] dimension=InstanceIdentifier... by shugup2923 Path Finder in Splunk Search 07-11-2019 0 2	0	2
Help with Timechart search Hi there, I am just trying to get my head around a visualization that I want to create. Scenario: To identify outl... by chriscioffi88 New Member in Splunk Search 07-11-2019 0 6	0	6
MLTK Forecast time series assistant Hi, I am using the MLTK and tried to use Forecast time series assistant. I have logs on splunk shows the free space ... by sachinbansal New Member in Splunk Search 07-11-2019 0 0	0	0
How to calculate duration of two events with same fields that contain the same value occurred at different time I have following sample events of a problem having field State open and Resolved. _time ID Title ... by avni26 Explorer in Splunk Search 07-10-2019 0 5	0	5
Chart not displaying unique counts I'm trying to chart the count of how many different methods are detected during a specific search. The methods are in... by sheloaha Path Finder in Splunk Search 07-10-2019 0 1	0	1
apply field value to remaining event till next field found I have below sample events- 7/5/2019 04:24:00 name=test 7/5/2019 04:24:01 dcsdc 7/5/2019 04:24:02 dsac,z="121" 7/5/... by ips_mandar Builder in Splunk Search 07-10-2019 0 12	0	12
How to extract all values from a field with multiple values? Hello, I get the event, IP="127.0.0.1",..., TAG_NAME="GRP_ROOT_MGT", TAG_NAME="GRP_IS_MM_MGT", TAG_NAME="GRP_RB_NN_... by Lindaiyu Path Finder in Splunk Search 07-10-2019 0 7	0	7
Search for first event I would like to write a search of traffic data that will return _time,user,src_ip for the first occurrence. However,... by balcv Contributor in Splunk Search 07-10-2019 0 11	0	11
Output of inner query is returned in a single line Hi Friends, Apologies for my ignorance, but I have a problem formatting the output of the result from a sub-query. ... by kavyadekkata Explorer in Splunk Search 07-10-2019 0 0	0	0
Token reference for TimeChart panel Hi, I am currently trying to do a drill down for my panel when i click on each month. However when I click on the mo... by synastraa Path Finder in Splunk Search 07-10-2019 0 2	0	2
How to find out one of the host of ip adresses? what is the command to find out one of the host name of Ip adress. by phanichintha Path Finder in Splunk Search 07-10-2019 1 4	1	4
Configuring intel_rdt for collectd Hi there, I'm new to collectd and have really been struggling with the documentation and finding necessary files. I'... by shubhaj New Member in Splunk Search 07-10-2019 0 0	0	0
Total Logon Count for Each month Hello Splunk Gurus I need help with the following. I am sure it is pretty simple command but my head stopped working... by carlyleadmin Contributor in Splunk Search 07-10-2019 0 3	0	3