Splunk Search

Community Activity

how can I get a deviation from a specific IP? Good afternoon, I have this query to get global deviations in the number of connections. index=cisco_asa sourcetype... by christianubeda Path Finder in Splunk Search 05-28-2019 0 0	0	0
Can someone suggest few ways of correlation of two or more fields I have a ticket dump with following fields. Transaction ID Transaction Type Description Priority urgency Created On ... by asm_coe Explorer in Splunk Search 05-28-2019 0 7	0	7
is a multi-line value possible for dedicated key-value pairs of an event? dear splunk communitiy, we create events of an own format and everything principally works well: for example, an e... by DrFedtke Explorer in Splunk Search 05-28-2019 0 1	0	1
Output Lookup command sending less results I have a output lookup command which returns 4 rows via saved search when ran independently. However,on running the ... by architkhanna Path Finder in Splunk Search 05-28-2019 0 1	0	1
Splunk Maps what is the difference between cluster and cheograph maps in splunk? and can i use cluster maps with coordinates not... by alaaelbahrawy Explorer in Splunk Search 05-28-2019 1 8	1	8
compare results in different days Good day! I have two requests for different dates. I need to compare the results of the queries. The following com... by stevesmith08 Explorer in Splunk Search 05-28-2019 0 5	0	5
Null results on timechart using base search Hello, im making a dashboard with a timechart and some filters, I can't make it to work, my filter gives no results a... by 3DGjos Communicator in Splunk Search 05-27-2019 0 4	0	4
nomv similar values with count I have data like below, TaskName - Status Task 1 - New Task 1 - Running Task 1 - ... by niyaz006 Path Finder in Splunk Search 05-27-2019 0 2	0	2
How to edit regex for existing fields Hi! need to edit existing fields using regex as its not giving proper values. e.g. there is field called "IP" (auto e... by jas0049 New Member in Splunk Search 05-27-2019 0 3	0	3
Splunk Query Help I have a table like below Test_ID Test_Name Status 123 Test1 ... by NAVEEN_CTS Path Finder in Splunk Search 05-27-2019 0 4	0	4
Unusually high volume detection with respect to the same day of the previous week per server It would be possible to detect an increase in volume per server. This is my current search that looks global but wou... by christianubeda Path Finder in Splunk Search 05-27-2019 0 1	0	1
how to whitelist using lookup table we have threat logs from firewall. That log contains a signature, which is captured under signature field. my require... by ajayrejin Explorer in Splunk Search 05-27-2019 0 2	0	2
Splunk 7.2.1 Automatic language translation Hi. The following problems occurred after upgrading to splunk 7.2.1. English automatically changes to Korean. How can... by spl109 Explorer in Splunk Search 05-27-2019 0 2	0	2
How to generate alerts programmatically? Hi, I want to achieve this, Whenever we search something in Splunk, I want to return the search url along with the s... by deshpandevikasv New Member in Splunk Search 05-27-2019 0 11	0	11
Could you advise me please, how to exclude IP subnet? Hello, Could you advise me please, how to exclude IP subnet not using each of them NOT 141.8.142.220 etc. As example,... by smokerman New Member in Splunk Search 05-27-2019 0 4	0	4
split the filed with a hyphen "-" separator Hi Team, I have a index below and i want to split the index values and create a new field with it. Example index=a... by Allampally Path Finder in Splunk Search 05-27-2019 0 3	0	3
how to find the total time taken by a search to finish the run for both adhoc and saved searches Hi, i want to find out the total run time of both ad-hoc and saved searches. I checked in _audit index to find ou... by manjuase Explorer in Splunk Search 05-27-2019 0 1	0	1
Average of value during last running state I am having data as shown in the below image, Is there a way i can get the avg of output considering the data for ... by aseadmin Explorer in Splunk Search 05-27-2019 0 3	0	3
How to get the earliest _time of each column hit 100% Hi , i have produced output below using predict command . _time Prediction(hostA) Prediction(HostB) ... by jienlim2 New Member in Splunk Search 05-26-2019 0 0	0	0
How to run searches based on lookup table details Hi I'm trying to match a table list of tasks for a client with a task run result. The table task shows if the task is... by falkienltd New Member in Splunk Search 05-26-2019 0 1	0	1
Splunk help I want to \|search sourcetype=syslog \| eval DATA=[search tratata \| eval ip=somedata \| return $ip] \| search DATA Exampl... by borisk95 New Member in Splunk Search 05-26-2019 0 5	0	5
rex pattern to create a field Hi, I have this string in the log. 439 XObk5g6CUI62-gr3UIKfXAAAAAs 1@43465473@A and I want to create a field out th... by iamtrying New Member in Splunk Search 05-26-2019 0 4	0	4
Normalise the values of a field and joining the event count of the field values Hi, I have a list of Tenants and the data is being pulled from Jira labels. Some of the labels have not been spelled... by sumaitasiddiky1 New Member in Splunk Search 05-25-2019 0 1	0	1
how to extract multiple values into one field I have windows logs in below format, and not able to extract single field for merged text value. I want to create a f... by utk123 Path Finder in Splunk Search 05-25-2019 0 3	0	3
How to extract a field using rex? This is the string in the log I 2019-05-23 18:22:38.984Z 7881 216 XObk7A6CU-I62gr3UIKfXQAAAAs 1@43465473@A WPB-Log: ... by iamtrying New Member in Splunk Search 05-24-2019 0 3	0	3