Splunk Search

Community Activity

How to generate alerts programmatically? Hi, I want to achieve this, Whenever we search something in Splunk, I want to return the search url along with the s... by deshpandevikasv New Member in Splunk Search 05-27-2019 0 11	0	11
Could you advise me please, how to exclude IP subnet? Hello, Could you advise me please, how to exclude IP subnet not using each of them NOT 141.8.142.220 etc. As example,... by smokerman New Member in Splunk Search 05-27-2019 0 4	0	4
split the filed with a hyphen "-" separator Hi Team, I have a index below and i want to split the index values and create a new field with it. Example index=a... by Allampally Path Finder in Splunk Search 05-27-2019 0 3	0	3
how to find the total time taken by a search to finish the run for both adhoc and saved searches Hi, i want to find out the total run time of both ad-hoc and saved searches. I checked in _audit index to find ou... by manjuase Explorer in Splunk Search 05-27-2019 0 1	0	1
Average of value during last running state I am having data as shown in the below image, Is there a way i can get the avg of output considering the data for ... by aseadmin Explorer in Splunk Search 05-27-2019 0 3	0	3
How to get the earliest _time of each column hit 100% Hi , i have produced output below using predict command . _time Prediction(hostA) Prediction(HostB) ... by jienlim2 New Member in Splunk Search 05-26-2019 0 0	0	0
How to run searches based on lookup table details Hi I'm trying to match a table list of tasks for a client with a task run result. The table task shows if the task is... by falkienltd New Member in Splunk Search 05-26-2019 0 1	0	1
Splunk help I want to \|search sourcetype=syslog \| eval DATA=[search tratata \| eval ip=somedata \| return $ip] \| search DATA Exampl... by borisk95 New Member in Splunk Search 05-26-2019 0 5	0	5
rex pattern to create a field Hi, I have this string in the log. 439 XObk5g6CUI62-gr3UIKfXAAAAAs 1@43465473@A and I want to create a field out th... by iamtrying New Member in Splunk Search 05-26-2019 0 4	0	4
Normalise the values of a field and joining the event count of the field values Hi, I have a list of Tenants and the data is being pulled from Jira labels. Some of the labels have not been spelled... by sumaitasiddiky1 New Member in Splunk Search 05-25-2019 0 1	0	1
how to extract multiple values into one field I have windows logs in below format, and not able to extract single field for merged text value. I want to create a f... by utk123 Path Finder in Splunk Search 05-25-2019 0 3	0	3
How to extract a field using rex? This is the string in the log I 2019-05-23 18:22:38.984Z 7881 216 XObk7A6CU-I62gr3UIKfXQAAAAs 1@43465473@A WPB-Log: ... by iamtrying New Member in Splunk Search 05-24-2019 0 3	0	3
How to create transaction based on event data? So I'm trying to build a transaction based on events I am getting from a log. I'm struggling how to set the transacti... by joesrepsolc Communicator in Splunk Search 05-24-2019 0 1	0	1
how remove extra new line? i need that all lines will be one line, without newline by alina_mandarina New Member in Splunk Search 05-24-2019 0 1	0	1
How to create a search to get a list of Indices? Hello Splunkers, I am relatively new with Splunk and was wondering if someone out there can please tell me which qu... by cosmo360 New Member in Splunk Search 05-24-2019 0 1	0	1
how to write splunk query for watching abuse of a service account? Hello, I want to write a detection for watching abuse of a service being used. How to do i start writing the logic. ... by lakshmikolli201 New Member in Splunk Search 05-24-2019 0 6	0	6
How to sort a column chart to view the top 10 values? Hi, I try to make a column chart using this search: index=webtrafic \| rename ProcessName AS RootObject.ProcessName... by bogdan_nicolesc Communicator in Splunk Search 05-24-2019 0 2	0	2
Splunk SDK - Search String with parameter having Spaces By using Splunk SDK, able to use the below search string and get the results from SPlunk String searchQuery_string = ... by duddukuri Explorer in Splunk Search 05-24-2019 0 1	0	1
In a datamodel search why are tstats and stats results not the same? hello splunker. i changed search to datamodel search(tstats) for speed up. but, stats and tstats result are slight... by YUNHYEONG Explorer in Splunk Search 05-24-2019 0 5	0	5
Rex to parse key/value tags in splunk Hello all, Please help me with some regular expression. This is the text: {"Value": "arn:aws:cloudformation:us-west-2... by braicu New Member in Splunk Search 05-23-2019 0 3	0	3
Avg Day of Week does not show up, when no result found Hello, I`m trying to find a solution for this problem. The result of the following SPL query should show every day o... by Silmarillion197 Explorer in Splunk Search 05-23-2019 0 6	0	6
Can I execute several functions with a single (perhaps custom) command? Based on the statistical data we have to generate, we normally have to type out many functions like so: search strin... by kamryn Explorer in Splunk Search 05-23-2019 0 2	0	2
Why does WinNetMon report Protocol ID=58 as SIP? WinNetMon maps protocol #58 to "SIP", but according to IANA, #58 is "IPv6-ICMP"? Seems fine for others: 17=UDP,6=TCP... by templets Path Finder in Splunk Search 05-23-2019 0 0	0	0
list all fields within a sourcetype Hi, Is there a way to display all fields being used by a sourcetype, without the values? by a212830 Champion in Splunk Search 05-23-2019 2 5	2	5
How to attain a list with all the fields in which a certain string appears? For example, given the fields and values: field1=A123 field2=baba field3=A123B field4=bA123 I want a list with the... by msolgonza New Member in Splunk Search 05-23-2019 0 4	0	4