Splunk Search

Thread Info

regroup similar url without using tons of regex

Hi, Is there a way to regroup similar values without defining tons of regex. Let say I do a search that return url...

by New Member in

Get the 10 recent events for each host.

I am trying to write a search that will pull the 10 (or so) most recent events for each host. The tail and head comma...

by Explorer in

complex stats to trigger on count of events

I have this rule, I need it to trigger when results / count of events is greater than 4 but the "Trigger Condition" d...

by Explorer in

How to search all fields from a lookup CSV file in index event log

Hello Splunk members! I have a CSV Lookup file with 2 columns ClientNameHWDetSystem BD-K-027EY VMware I h...

by Explorer in

How to display specific timezone in table results instead of user preference timezone?

I spent a fair amount of time perusing Google and Splunk Answers but couldn't seem to find a solution that made sense...

by Communicator in

Need to convert only MB values to GB leaving GB values as it is.

Hi All, I have logs like below in splunk: Log1: Tue Feb 25 04:00:20 2024 EST 10G 59M 1% /apps Log2: Tue F...

by Contributor in

Issues with event parsing using prop configuration file

Hello, I have some issues with parsing events and a few sample events are given below: {"eventVer":"2.56", "userI...

by Motivator in

Trimming the value of a savedsearch parameter within the savedsearch

I have a saved "MySearch" that takes a parameter "INPUT_SessionId", something like this: index=foo| ... some stuff|...

by Engager in

How to add space on a text on a single value panel?

Hello,How to add space on a text on a single value? Thank you for your helpAdding spaces did not have any affect....

by Motivator in

How to exclude string keyword in same field while using transaction command?

Thanks in Advance. In my scenario i want to club the the result using correlationID .so i used transaction command ...

by Builder in

Sum of the field based on the other field values

Hi Team,how to Sum of the field based on the other field values.Row1 field values will be 0-9 and a-z.Sample one give...

by Path Finder in

SPL: Longest common substring

Hello everyone, I am looking for a SPL-solution to determine how long the longest common substring of two strings i...

by Path Finder in

Passing lookup file contents as individual search strings

Lookup file `tenants.csv` tenant, tenant1, tenant2, tenant3, tenant4, Desired query inde...

by Loves-to-Learn Everything in

Edit CSV file sent through sendemail command

Hi All,I am trying to send email using sendemail command with csv as an attachment . Email is getting sent successful...

by Path Finder in

Splunk Alerts

I have a search that gives me the total number of hits to my website and the average number of hits over a 5 day peri...

by Loves-to-Learn in

Events return blank results

I don't know what happened,pls look the picture and help me! thanks very much

by New Member in

How to derive percentage of expected and actual count from two searches with different count strategies

Hi,I have two separate searches that are working independently (expected count, actual count). I want to combine the...

by Engager in

Load balancing Splunk UF hosts that are also rsyslog receivers

As the titles suggests, I'm looking into whether it's possible or not to load balance Universal Forwarder hosts that ...

by Path Finder in

Retreive list of alerts shared at app level

Can I retrieve list of alerts shared in App level, Is it possible? |rest /services/saved/searches | search eai...

by Observer in

Drill Down and conditional queries

In a drilldown, I have 2 possible queries and they look like:qry1=index=fed:xxx_yyyy sourcetype="aaaaa:bbbbb:cccc" so...

by Explorer in

How to pass Panels XML dynamically to Splunk XML Dashboard using Javascript?

Hi, I would like to have a xml panels code to be passed from Javascript to Splunk XML code dynamically.For instance...

by Explorer in

Filter specific values from a field in main search by values from same field in subsearch

In my search I have a field (ResourceId) that contains various cloud resource values. One of these values is Instance...

by Path Finder in

Custom Search

query: |tstats count where index=new_index host=new-host source=https://itcsr.welcome.com/logs* by PREFIX(status:) ...

by Communicator in

Splunk query to retrieve logs containing empty query_string

Hello team Below are my splunk logs: {body_bytes_sent: 0bytes_sent: 0host: nice_hosthttp_content_type: -http_refe...

by Path Finder in

Example of connecting snow cmdb ci server to service

We are working to link server information to the services in the ServiceNow CMDB. We are looking for example to relat...

by Loves-to-Learn in

Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.

Splunk Search

Discussions

regroup similar url without using tons of regex

Get the 10 recent events for each host.

complex stats to trigger on count of events

How to search all fields from a lookup CSV file in index event log

How to display specific timezone in table results instead of user preference timezone?

Need to convert only MB values to GB leaving GB values as it is.

Issues with event parsing using prop configuration file

Trimming the value of a savedsearch parameter within the savedsearch

How to add space on a text on a single value panel?

How to exclude string keyword in same field while using transaction command?

Sum of the field based on the other field values

SPL: Longest common substring

Passing lookup file contents as individual search strings

Edit CSV file sent through sendemail command

Splunk Alerts

Events return blank results

How to derive percentage of expected and actual count from two searches with different count strategies

Load balancing Splunk UF hosts that are also rsyslog receivers

Retreive list of alerts shared at app level

Drill Down and conditional queries

How to pass Panels XML dynamically to Splunk XML Dashboard using Javascript?

Filter specific values from a field in main search by values from same field in subsearch

Custom Search

Splunk query to retrieve logs containing empty query_string

Example of connecting snow cmdb ci server to service

Detecting Brute Force Account Takeover Fraud with Splunk

Buttercup Games: Further Dashboarding Techniques (Part 9)

Buttercup Games: Further Dashboarding Techniques (Part 8)

Search for triggered save searches and their actio...

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static

Using Machine Learning Toolkit to detect auth abus...

Proactively stream data to different index after C...

Splunk Search

Are you a member of the Splunk Community?

Discussions