Splunk Search

Community Activity

How extract dynamic json keys recursively and condition based add data to table? Hi, I am new to Splunk and I have been trying to generate report table format using json data, I am able to spath an... by pradiprwt New Member in Splunk Search 05-29-2019 0 1	0	1
Why are we unable to find any results when running the transaction command? Hi, I have ingested a ticket dump csv file. Transaction ID is one of the fields. Unable to find any events when I ru... by asm_coe Explorer in Splunk Search 05-29-2019 0 1	0	1
How to split a column into multiple columns? Hi, I have a table that looks like this: name \| count score1and2 \| 1 score1 \| 2 score2 \| 2 missed1and... by dojiepreji Path Finder in Splunk Search 05-29-2019 0 1	0	1
My 2nd indexer in Join case is giving only the latest values where I require value Matching with Time and 1st index Hi I created a join search for my environment where my 1st index is for my IPS and 2nd Index is for DHCP. DHCP inde... by hosniadnan New Member in Splunk Search 05-29-2019 0 0	0	0
How to join the result of an inputlookup and the output of a search? I have the following inputlookup \| inputlookup ad_identities \|search sAMAccountName=unetho \|table sAMAccountName, di... by kemnean2001 New Member in Splunk Search 05-29-2019 0 2	0	2
Is there setting to always enable auto_pause option? In 2010, the following Answers refered that there isn't a setting to always enable the auto_pause option, and that it... by yutaka1005 Builder in Splunk Search 05-29-2019 0 4	0	4
Disabling Splunk Sources Hi, I am trying to disable certain sources (using buttons) such that if they are taking using too much data they can... by jwtracey New Member in Splunk Search 05-29-2019 0 0	0	0
Help with search Hi everyone! I have this serach: index=_internal [set_local_host] source=license_usage.log type="Usage" \| eval h=i... by amirarsalan Explorer in Splunk Search 05-29-2019 0 13	0	13
Bluecoat proxy query Hello. I'm trying to create a query that will show total traffic to a url. Showing total traffic by top users per d... by shandman Path Finder in Splunk Search 05-29-2019 0 1	0	1
How to add a search bar in a column of a table in splunk dashboard? Hi All, Hope you are doing well. I created a table with a stats command which gives me a the avg of cpu and memory... by niks987 Explorer in Splunk Search 05-28-2019 0 10	0	10
Why are we unable to evaluate a field obtained from rex? Using below query: index="incident" sourcetype="csv" \| rex max_match=0 "(?(?i)(order))" \| stats count by classifica... by nilbak1 Communicator in Splunk Search 05-28-2019 0 8	0	8
How to sort columns values(Desc) for a column chart in decreasing order? Hello, I wanna know if it's possible to sort columns in decreasing order in a column chart. Thanks in advance for y... by rahhali22 New Member in Splunk Search 05-28-2019 0 13	0	13
How do you table multiple interesting fields values side by side? I would like to create a table that shows a list of all computers that have specific apps installed and those that do... by talaveralino New Member in Splunk Search 05-28-2019 0 3	0	3
How do I extract fields with Rex? Hello I have these events : copy and upload completed for day: 2019-05-27 Tue May 28 12:24:40 UTC 2019 going to cop... by sarit_s Communicator in Splunk Search 05-28-2019 0 14	0	14
Does using dedup improve performance? And where to place it in search? I just finished the Splunk Fundamentals 1 course and in one of the videos they said: For best performance we place... by kamryn Explorer in Splunk Search 05-28-2019 1 1	1	1
regular expression to transformation Hello, In my linux data, two versions of the same hostname have turned up. and .local. Now I have been able to chan... by tdthorwald Explorer in Splunk Search 05-28-2019 1 0	1	0
Eval results compared to Total counts I would like to display all Bot and Crawler activity compared to the total amount of events. index="Web" \| eval Web... by jon_marcum New Member in Splunk Search 05-28-2019 0 3	0	3
Extract a substring and filter the results based on the extracted substring from incoming logs I am pretty new to Splunk and finding a way to figure out below: My incoming logs have a field message which contains... by nagar57 Communicator in Splunk Search 05-28-2019 0 1	0	1
how can I get a deviation from a specific IP? Good afternoon, I have this query to get global deviations in the number of connections. index=cisco_asa sourcetype... by christianubeda Path Finder in Splunk Search 05-28-2019 0 0	0	0
Can someone suggest few ways of correlation of two or more fields I have a ticket dump with following fields. Transaction ID Transaction Type Description Priority urgency Created On ... by asm_coe Explorer in Splunk Search 05-28-2019 0 7	0	7
is a multi-line value possible for dedicated key-value pairs of an event? dear splunk communitiy, we create events of an own format and everything principally works well: for example, an e... by DrFedtke Explorer in Splunk Search 05-28-2019 0 1	0	1
Output Lookup command sending less results I have a output lookup command which returns 4 rows via saved search when ran independently. However,on running the ... by architkhanna Path Finder in Splunk Search 05-28-2019 0 1	0	1
Splunk Maps what is the difference between cluster and cheograph maps in splunk? and can i use cluster maps with coordinates not... by alaaelbahrawy Explorer in Splunk Search 05-28-2019 1 8	1	8
compare results in different days Good day! I have two requests for different dates. I need to compare the results of the queries. The following com... by stevesmith08 Explorer in Splunk Search 05-28-2019 0 5	0	5
Null results on timechart using base search Hello, im making a dashboard with a timechart and some filters, I can't make it to work, my filter gives no results a... by 3DGjos Communicator in Splunk Search 05-27-2019 0 4	0	4