Splunk Search

Community Activity

How to Regex the second occurrence of Account Name in AD logs I need to filter AD logs with Event Code 4725 "A user account was disabled". I need to regex and filter the second oc... by Log_wrangler Builder in Splunk Search 05-16-2019 0 3	0	3
Help identifying fast growing indexes Hi fellow Splunkers. I am the Splunk admin at my org, however that is mainly more from the Infrastructure side of th... by jwpoore New Member in Splunk Search 05-16-2019 0 3	0	3
Lookup File data retention Question Hi Team, I have requirement to show last 90 days worth of app login stats broken by day. I have a lookup table/defn... by newbie2tech Communicator in Splunk Search 05-16-2019 0 2	0	2
Stitching all Search (stats) Fields into new_raw Field (need foreach assistance) Hi all, i tried get rid of my workaround solution with adding \| collect index=test testmode=true to my searches.... by ssteinmann Explorer in Splunk Search 05-16-2019 0 0	0	0
Extract Area Code From Phone Numbers Hi, I wonder whether someone may be able to help me please. I have a list of telephone numbers of varying length, b... by IRHM73 Motivator in Splunk Search 05-16-2019 0 5	0	5
Adding Can delete Role to User LDAP Hi , i have admin privileges in splunk when i am trying to delete some data it says insufficient privileges and we ar... by ram254481493 Explorer in Splunk Search 05-16-2019 0 1	0	1
Rename field by using one of multiple wildcards I have a query that counts by source and leaves me with fields that are named like /logs/containers/3198058471-5mdkn_... by maartendhondt Explorer in Splunk Search 05-16-2019 0 1	0	1
Is it possible using rex to create field names that contain a period (.)? Hello! I'm parsing strings using rex and I'd like to define a set of field names that contain the period (.) charact... by andrewtrobec Motivator in Splunk Search 05-16-2019 0 1	0	1
how to remove spaces in xml data after field extraction I am trying to make a field extraction from xml data and but I am having a problem with special ascii characters bein... by michaelrosello Path Finder in Splunk Search 05-16-2019 0 3	0	3
Running a prediction and anomaly detection in parallel I want to build a query that can do the following. a. Monitor about 10-15 metrics from the different kinds of system... by zkn9ce6 New Member in Splunk Search 05-16-2019 0 0	0	0
Decouple a process in windows So, I want to detach a process in windows using python code. What I want to do is, I am spawning a process from Splun... by pratik97 Engager in Splunk Search 05-15-2019 1 0	1	0
Display a time chart for the distinct count of values in a field I am beginner to Splunk and could you help me with the following scenario. Lets take I have a table with the field n... by veerappan New Member in Splunk Search 05-15-2019 0 4	0	4
How do I combine and filter searches on a common field Hello, my data look like this: { correlationId: "1", field1: "something flagged", field2: "alkjsd" }... by jrjrjrjrjr Explorer in Splunk Search 05-15-2019 0 4	0	4
Default _time I have an example log file with the following format: Nov 05 10:33:37 servername applicationserver: instance,ipaddre... by camah4 New Member in Splunk Search 05-15-2019 0 3	0	3
Appending a static lookup Hi all, I'm looking for a way to append the contents of a CSV table to any search I make as an additional column. Fo... by ivan128 Explorer in Splunk Search 05-15-2019 0 2	0	2
Transaction how can i define a transaction end based an extracted value? the value of terminal during the transaction start shou... by rmathur3 New Member in Splunk Search 05-15-2019 0 5	0	5
How to setup dynamic resize with SVG Hi, I made very good looking (well, to me ...) svg panels. The svg items were created with inkscape. Everything work... by vinzent New Member in Splunk Search 05-15-2019 0 1	0	1
Search multiple fields from one lookup field I'm trying to format a search in which I have a lookup with one column, this column includes malicious email addresse... by nicholascurley Engager in Splunk Search 05-15-2019 0 2	0	2
Can't we use a Custom Search Command with stats in fast or smart mode ? Hi everyone! I had to write a script that solves the IP address from a field to the corresponding BGP AS Number. At ... by simond_vr Explorer in Splunk Search 05-15-2019 1 5	1	5
How to calculate Total Bandwidth Usage using bytes,bytes_in and bytes_out my proxy is capturing three fields such as bytes,bytes_in and bytes_out out of which in need to calculate total bandw... by vellas78 New Member in Splunk Search 05-15-2019 0 4	0	4
How create line chart using Time and Date Hi Guys, I need your help. I have this structured log: SERVICE,END_TIME,DATA,TIME Job_Name,10/12/2018 07:14,10/12/2... by kingwaras Engager in Splunk Search 05-15-2019 0 1	0	1
Compare value in each row from column B with all values in column A Hi, it probably very simple problem but looks like I am using wrong queries on Google and can't find a solution. I ne... by seva98 Path Finder in Splunk Search 05-15-2019 0 5	0	5
Map command to append value Hello all, I have a lookup table with saved searches names, search strings, time range and some other values. I am t... by astatrial Contributor in Splunk Search 05-15-2019 0 2	0	2
How to fetch next row value to a separate field Hi, I am new to Splunk and I want to perform some calculation here. I have a data like: WeeK RFS1 RFS2 ... by mnarmada Path Finder in Splunk Search 05-15-2019 0 8	0	8
Subsearch filter In an index for a specific host I have log lines like this: 2019-05-15T06:09:56+00:00\|6eb44e3c-d93e-4a43-b3f0-560a03... by maartendhondt Explorer in Splunk Search 05-15-2019 0 1	0	1