Splunk Search

Community Activity

Disabling Splunk Sources Hi, I am trying to disable certain sources (using buttons) such that if they are taking using too much data they can... by jwtracey New Member in Splunk Search 05-29-2019 0 0	0	0
Help with search Hi everyone! I have this serach: index=_internal [set_local_host] source=license_usage.log type="Usage" \| eval h=i... by amirarsalan Explorer in Splunk Search 05-29-2019 0 13	0	13
Bluecoat proxy query Hello. I'm trying to create a query that will show total traffic to a url. Showing total traffic by top users per d... by shandman Path Finder in Splunk Search 05-29-2019 0 1	0	1
How to add a search bar in a column of a table in splunk dashboard? Hi All, Hope you are doing well. I created a table with a stats command which gives me a the avg of cpu and memory... by niks987 Explorer in Splunk Search 05-28-2019 0 10	0	10
Why are we unable to evaluate a field obtained from rex? Using below query: index="incident" sourcetype="csv" \| rex max_match=0 "(?(?i)(order))" \| stats count by classifica... by nilbak1 Communicator in Splunk Search 05-28-2019 0 8	0	8
How to sort columns values(Desc) for a column chart in decreasing order? Hello, I wanna know if it's possible to sort columns in decreasing order in a column chart. Thanks in advance for y... by rahhali22 New Member in Splunk Search 05-28-2019 0 13	0	13
How do you table multiple interesting fields values side by side? I would like to create a table that shows a list of all computers that have specific apps installed and those that do... by talaveralino New Member in Splunk Search 05-28-2019 0 3	0	3
How do I extract fields with Rex? Hello I have these events : copy and upload completed for day: 2019-05-27 Tue May 28 12:24:40 UTC 2019 going to cop... by sarit_s Communicator in Splunk Search 05-28-2019 0 14	0	14
Does using dedup improve performance? And where to place it in search? I just finished the Splunk Fundamentals 1 course and in one of the videos they said: For best performance we place... by kamryn Explorer in Splunk Search 05-28-2019 1 1	1	1
regular expression to transformation Hello, In my linux data, two versions of the same hostname have turned up. and .local. Now I have been able to chan... by tdthorwald Explorer in Splunk Search 05-28-2019 1 0	1	0
Eval results compared to Total counts I would like to display all Bot and Crawler activity compared to the total amount of events. index="Web" \| eval Web... by jon_marcum New Member in Splunk Search 05-28-2019 0 3	0	3
Extract a substring and filter the results based on the extracted substring from incoming logs I am pretty new to Splunk and finding a way to figure out below: My incoming logs have a field message which contains... by nagar57 Communicator in Splunk Search 05-28-2019 0 1	0	1
how can I get a deviation from a specific IP? Good afternoon, I have this query to get global deviations in the number of connections. index=cisco_asa sourcetype... by christianubeda Path Finder in Splunk Search 05-28-2019 0 0	0	0
Can someone suggest few ways of correlation of two or more fields I have a ticket dump with following fields. Transaction ID Transaction Type Description Priority urgency Created On ... by asm_coe Explorer in Splunk Search 05-28-2019 0 7	0	7
is a multi-line value possible for dedicated key-value pairs of an event? dear splunk communitiy, we create events of an own format and everything principally works well: for example, an e... by DrFedtke Explorer in Splunk Search 05-28-2019 0 1	0	1
Output Lookup command sending less results I have a output lookup command which returns 4 rows via saved search when ran independently. However,on running the ... by architkhanna Path Finder in Splunk Search 05-28-2019 0 1	0	1
Splunk Maps what is the difference between cluster and cheograph maps in splunk? and can i use cluster maps with coordinates not... by alaaelbahrawy Explorer in Splunk Search 05-28-2019 1 8	1	8
compare results in different days Good day! I have two requests for different dates. I need to compare the results of the queries. The following com... by stevesmith08 Explorer in Splunk Search 05-28-2019 0 5	0	5
Null results on timechart using base search Hello, im making a dashboard with a timechart and some filters, I can't make it to work, my filter gives no results a... by 3DGjos Communicator in Splunk Search 05-27-2019 0 4	0	4
nomv similar values with count I have data like below, TaskName - Status Task 1 - New Task 1 - Running Task 1 - ... by niyaz006 Path Finder in Splunk Search 05-27-2019 0 2	0	2
How to edit regex for existing fields Hi! need to edit existing fields using regex as its not giving proper values. e.g. there is field called "IP" (auto e... by jas0049 New Member in Splunk Search 05-27-2019 0 3	0	3
Splunk Query Help I have a table like below Test_ID Test_Name Status 123 Test1 ... by NAVEEN_CTS Path Finder in Splunk Search 05-27-2019 0 4	0	4
Unusually high volume detection with respect to the same day of the previous week per server It would be possible to detect an increase in volume per server. This is my current search that looks global but wou... by christianubeda Path Finder in Splunk Search 05-27-2019 0 1	0	1
how to whitelist using lookup table we have threat logs from firewall. That log contains a signature, which is captured under signature field. my require... by ajayrejin Explorer in Splunk Search 05-27-2019 0 2	0	2
Splunk 7.2.1 Automatic language translation Hi. The following problems occurred after upgrading to splunk 7.2.1. English automatically changes to Korean. How can... by spl109 Explorer in Splunk Search 05-27-2019 0 2	0	2