Splunk Search

Community Activity

Aggregated HTTP Status Code per URL per a time bin/bucket Hi,I have the following fields in logs on my proxy for backend services_time -> timestampstatus_code -> http status c... by brokenboard525 Engager in Splunk Search 04-12-2024 0 2	0	2
EPS in flat file with universal forwarder Hi Team,what is the Events-per-second (EPS) in flat file with universal forwarder? by Meet-Patel Loves-to-Learn Lots in Splunk Search 04-12-2024 0 11	0	11
Correlation Search for brute force HI, I need to upgrade my correlation search for Excessive Failed Logins with Username, \| tstats summariesonly=true va... by toporagno Explorer in Splunk Search 04-12-2024 0 3	0	3
Need help using tag in a query HI If I replace, for example, src=10.0.0.1 with my tag containing src=10.0.0.1 in the query, it doesn't work. Please ... by toporagno Explorer in Splunk Search 04-11-2024 0 2	0	2
Fields are missing Here is the sample log:{"date": "1/2/2022 00:12:22,124", "DATA": "[http:nio-12567-exec-44] DIP: [675478-7655a-56778d... by mahesh27 Communicator in Splunk Search 04-11-2024 0 3	0	3
Custom command description field location Hello, I'm using Splunk Enterprise 9.1.2 on my local Linux machine (in a docker container).When documenting a new cus... by tmaoz Loves-to-Learn Everything in Splunk Search 04-11-2024 0 1	0	1
How to compare and calculate comparison flag for two fields Hi, I have below scenario. My brain is very slow at this time of the day!I need an eval to create Status field as in ... by mbasharat Builder in Splunk Search 04-11-2024 0 2	0	2
Macro Expansion - Possible Bug Hi all! I've got an issue with macro expansion taking an excessively long time when you use the keyboard shortcut - ... by etoombs Path Finder in Splunk Search 04-11-2024 0 5	0	5
Not all fields showing up index=test-index (data loaded) OR ("GET data published/data/ui" OR "GET /v8/wi/data/*" OR "GET data/ui/wi/load/succes... by Santosh2 Path Finder in Splunk Search 04-11-2024 0 6	0	6
Compare search results Hello,I have these two results, I need to compare them and tell me when they are different, could you help me.Regards... by Miguel3393 Path Finder in Splunk Search 04-10-2024 0 1	0	1
To find the count of specific fields Hi Team I want to know if it is possible to find the count of specific fields and show them in different columns.Exam... by Real_captain Path Finder in Splunk Search 04-10-2024 0 2	0	2
Join two searches together by host I am trying to join two searches together to table the combined results by host. First search below is showing number... by scout29 Path Finder in Splunk Search 04-10-2024 0 7	0	7
How to extract a value from fields when using stats()? Thanks in AdvanceHi Guys,I need to extract limited values from fields:Query :index="mulesoft" applicationName="s-conc... by karthi2809 Builder in Splunk Search 04-10-2024 1 15	1	15
Search command. - Hi I am not sure about this value risk score. How do i create dashboard tile for this fields by jaibalaraman Path Finder in Splunk Search 04-09-2024 0 8	0	8
Query missing on each host Good Morning, I'm working in a query to see which application is missing on each host. Can you help me, please?For ex... by CarolinaHB Explorer in Splunk Search 04-09-2024 0 1	0	1
Extracting fields from a large text field Currently, I have a field called pluginText which is the following (italicized words are anonymized to what they repr... by psomeshwar Path Finder in Splunk Search 04-09-2024 0 3	0	3
Calculating duration from a number I am trying to find the duration for a time span. The "in" and "out" numbers are included in the data as type: number... by whipstash Engager in Splunk Search 04-09-2024 0 3	0	3
How to find matching data from two indexes Hi all, thank in advance for your time!I have a problem writing a properly working query with this case study:I need ... by BigJohnQ New Member in Splunk Search 04-09-2024 0 4	0	4
Sharding searches / mcollect We have several summary searches that collect data into metric indexes. They run nightly and some of them create quit... by jbuecse New Member in Splunk Search 04-08-2024 0 1	0	1
How to fetch the count with details. Hi All,I have one log that is ABC and it is present in sl-sfdc api and have another log EFG that is present in sl-gcd... by avii7326 New Member in Splunk Search 04-08-2024 0 4	0	4
could not create search - No Search query provided i am using below to load colur in drop downlist . Data loading propertly. but it always shows - Could not create sear... by Jasmine Path Finder in Splunk Search 04-08-2024 0 3	0	3
Data Summary is not showing host at all Data Summary is not showing host at all even I already added UDP with ip address on port 514. by matoulas Path Finder in Splunk Search 04-08-2024 0 1	0	1
Splunk Search to find the list of CIM Mapped indexes Below are the CIM Macros where i am using and there are different indexes mapped in individual macros.I want to get t... by alexspunkshell Contributor in Splunk Search 04-08-2024 0 1	0	1
Timechart removes 0 values when searching for over 2 days Hi,I have this search for example:index=test elb_status_code=200 \| timechart count as total span=1s \| stats count as... by EG1 Engager in Splunk Search 04-08-2024 0 4	0	4
Could you kindly assist me? I'm looking to craft a query (a correlation search) that would trigger an alert in the event that an internal system... by KingUs80 Loves-to-Learn Lots in Splunk Search 04-07-2024 0 1	0	1