Splunk Search

Community Activity

Dependent Dropdown eroor Hello all, I have 2 dropdown one is parent dropdown and other is the dependent child dropdown. dropdown1 has valu... by ajitshukla61116 Path Finder in Splunk Search 06-27-2019 0 1	0	1
Transaction shows incomplete statistics Hi All, I am trying to group the events using transaction command but looks like some of the data is not visible in t... by sunnyb147 Path Finder in Splunk Search 06-27-2019 0 7	0	7
How to compare same period with timewrap I want to compare statistics of events between 2 weeks, day per day. I count events for every day in real time but w... by faribole Path Finder in Splunk Search 06-27-2019 0 0	0	0
Search lookup rename and use values not in CSV file Wondering can this be done - I'm trying to use IPs (there's 50 of them) from a CSV file for a dashboard to Name ones ... by cdohertypp New Member in Splunk Search 06-27-2019 0 5	0	5
Dots/gaps in timechart when using sum(packets) by destination When I use "(base search) \| timechart sum(packets) by destination useother=f usenull=f", I get gaps in my timechart:... by splunklearner12 Path Finder in Splunk Search 06-27-2019 0 2	0	2
What is browserconfig.xml in Splujnk and why user trying to access? Hi, In our access log of Splunk we found user access to the file browserconfig.xml which is not on the splunk server... by tfechner Path Finder in Splunk Search 06-27-2019 0 1	0	1
How do I match an IP address to a range that spans multiple CIDRs? I am trying to match IP addresses in the block of addresses - 10.120.1.0 through 10.120.13.255. This range spans se... by scottrunyon Contributor in Splunk Search 06-27-2019 1 3	1	3
Mapping data from small sourcetype to another larger sourcetype Hello! I'm having this issue of merging data from one sourcetype to another larger sourcetype. Example: index=ecs_in... by tleduc New Member in Splunk Search 06-26-2019 0 2	0	2
Can I get a count of distinct values in multivalue field? What I'm looking for is a hybrid of the stats list() and values() functions. First, I'd like the list of unique valu... by hulahoop Splunk Employee in Splunk Search 06-26-2019 3 7	3	7
How to create a search that can Event count by Vendor/Product by Day for past 30days? Hey All, I am trying to create an efficient search that I can schedule and run once a month to create some metrics. ... by adalbor Builder in Splunk Search 06-26-2019 0 16	0	16
[INGEST_EVAL] Regex replace stops after 1000 chars Hi, I'm trying to convert a hex string to readable ascii text at index time, inspired by this solution: https://answ... by tobias_stegmann Observer in Splunk Search 06-26-2019 0 3	0	3
How to search partial field names and exclude events that contain no value Hi, I want my search to only return events that have field names matching Feature.Flags* My data currently has the be... by ganon640 New Member in Splunk Search 06-26-2019 0 1	0	1
Regex help extracting session ID 10.249.68.17 0000aJyyyQvMs5xIb7KGdRxRTl98AhhUNq0lMLQ8RQ8szjFp4gtHI:1cq4afaa7 12.119.53.11 - - [26/Jun/2019:13:06:37... by reverse Contributor in Splunk Search 06-26-2019 0 12	0	12
Regex: Help extracting user ID, session ID, and browser 2019.06.26 13.18.18.186 ERROR presentation [WebContainer : 5]: ********Browser information - *********Mozilla/5.0... by reverse Contributor in Splunk Search 06-26-2019 0 5	0	5
Calculating Median of Count over Time Hello, I am trying to find outliers on a graph by using the median absolute deviation on a graph. I know that the ma... by cxr5971 Path Finder in Splunk Search 06-26-2019 0 6	0	6
Regex help - disregard everything after a match I have the following regex that is pulling the sender and receiver domains: "SenderAddress":"\w+.@(?<s_domain>.)",... by jwalzerpitt Influencer in Splunk Search 06-26-2019 0 11	0	11
Copy and Paste search string Hi! I am trying to create a report which I will use as a dashboard panel, to show me who has been copying and pasting... by daviess158 New Member in Splunk Search 06-26-2019 0 3	0	3
excluding weekends and overnights from plotted results I'm trying to plot the average figure from a set of results, however I want to exclude weekends and overnight as the ... by stringbean New Member in Splunk Search 06-26-2019 0 4	0	4
What are the limitations/benefits of using eval inside of stats commands? One of our users is asking the following: -- What are the limitations/benefits of using the eval command inside of t... by ddrillic Ultra Champion in Splunk Search 06-26-2019 0 9	0	9
how to append query ? Hi Guys i have 3 queries query 1 : identity/phones/retrieve AND "[HTTP-STATUS-CODE]" \| stats count as Total query ... by venkat0896 Path Finder in Splunk Search 06-26-2019 0 3	0	3
Lookup table permission cannot be changed to global because of this error : : Cannot move asset lacking a pre-existing asset ID we are getting this error only for during lookup permissionchange in splunk search head cluster : Splunk could not up... by benazir Explorer in Splunk Search 06-26-2019 0 0	0	0
Firewall Log: How to send API calls to abuseIPDB and deal with results in splunk to get threat score? Hi there, I have been dealing with Splunk for two weeks now. My intention was to make firewall drops from an Unifi Se... by hauwech Engager in Splunk Search 06-26-2019 1 2	1	2
How to compare two fields from two different searches and display results with matches and mis-matches? I am running 2 different searches and have to compare the each value in one field with the values in the other field.... by hasham19833 Loves-to-Learn Lots in Splunk Search 06-25-2019 0 6	0	6
Why are special characters replaced with UTF-8 after exporting table to CSV? Hi all, When uploading a .csv file to Splunk, utf-8 is selected as the encoding type. Special characters look fine wh... by dojiepreji Path Finder in Splunk Search 06-25-2019 0 1	0	1
How to count the distinct list values My results look like these: V1 V2 A X Y Z Z X Y Y B X X X Y Z Z X Y Y V2 IS A LIST. I want to add V3 c... by reverse Contributor in Splunk Search 06-25-2019 0 7	0	7