Splunk Search

Community Activity

How to find event status changed Hello everyone! We have a log file contains the following information, status 0 means server is up, 1 means down: Da... by atpsplunk11 Explorer in Splunk Search 05-16-2019 0 2	0	2
How to display several time ranged search results in one dashboard panel? Hi guys, Is it possible to create several searches on data, differing in time range, and then display them in one das... by eriketro Engager in Splunk Search 05-16-2019 0 0	0	0
How to Regex the second occurrence of Account Name in AD logs I need to filter AD logs with Event Code 4725 "A user account was disabled". I need to regex and filter the second oc... by Log_wrangler Builder in Splunk Search 05-16-2019 0 3	0	3
Help identifying fast growing indexes Hi fellow Splunkers. I am the Splunk admin at my org, however that is mainly more from the Infrastructure side of th... by jwpoore New Member in Splunk Search 05-16-2019 0 3	0	3
Lookup File data retention Question Hi Team, I have requirement to show last 90 days worth of app login stats broken by day. I have a lookup table/defn... by newbie2tech Communicator in Splunk Search 05-16-2019 0 2	0	2
Stitching all Search (stats) Fields into new_raw Field (need foreach assistance) Hi all, i tried get rid of my workaround solution with adding \| collect index=test testmode=true to my searches.... by ssteinmann Explorer in Splunk Search 05-16-2019 0 0	0	0
Extract Area Code From Phone Numbers Hi, I wonder whether someone may be able to help me please. I have a list of telephone numbers of varying length, b... by IRHM73 Motivator in Splunk Search 05-16-2019 0 5	0	5
Adding Can delete Role to User LDAP Hi , i have admin privileges in splunk when i am trying to delete some data it says insufficient privileges and we ar... by ram254481493 Explorer in Splunk Search 05-16-2019 0 1	0	1
Rename field by using one of multiple wildcards I have a query that counts by source and leaves me with fields that are named like /logs/containers/3198058471-5mdkn_... by maartendhondt Explorer in Splunk Search 05-16-2019 0 1	0	1
Is it possible using rex to create field names that contain a period (.)? Hello! I'm parsing strings using rex and I'd like to define a set of field names that contain the period (.) charact... by andrewtrobec Motivator in Splunk Search 05-16-2019 0 1	0	1
how to remove spaces in xml data after field extraction I am trying to make a field extraction from xml data and but I am having a problem with special ascii characters bein... by michaelrosello Path Finder in Splunk Search 05-16-2019 0 3	0	3
Running a prediction and anomaly detection in parallel I want to build a query that can do the following. a. Monitor about 10-15 metrics from the different kinds of system... by zkn9ce6 New Member in Splunk Search 05-16-2019 0 0	0	0
Decouple a process in windows So, I want to detach a process in windows using python code. What I want to do is, I am spawning a process from Splun... by pratik97 Engager in Splunk Search 05-15-2019 1 0	1	0
Display a time chart for the distinct count of values in a field I am beginner to Splunk and could you help me with the following scenario. Lets take I have a table with the field n... by veerappan New Member in Splunk Search 05-15-2019 0 4	0	4
How do I combine and filter searches on a common field Hello, my data look like this: { correlationId: "1", field1: "something flagged", field2: "alkjsd" }... by jrjrjrjrjr Explorer in Splunk Search 05-15-2019 0 4	0	4
Default _time I have an example log file with the following format: Nov 05 10:33:37 servername applicationserver: instance,ipaddre... by camah4 New Member in Splunk Search 05-15-2019 0 3	0	3
Appending a static lookup Hi all, I'm looking for a way to append the contents of a CSV table to any search I make as an additional column. Fo... by ivan128 Explorer in Splunk Search 05-15-2019 0 2	0	2
Transaction how can i define a transaction end based an extracted value? the value of terminal during the transaction start shou... by rmathur3 New Member in Splunk Search 05-15-2019 0 5	0	5
How to setup dynamic resize with SVG Hi, I made very good looking (well, to me ...) svg panels. The svg items were created with inkscape. Everything work... by vinzent New Member in Splunk Search 05-15-2019 0 1	0	1
Search multiple fields from one lookup field I'm trying to format a search in which I have a lookup with one column, this column includes malicious email addresse... by nicholascurley Engager in Splunk Search 05-15-2019 0 2	0	2
Can't we use a Custom Search Command with stats in fast or smart mode ? Hi everyone! I had to write a script that solves the IP address from a field to the corresponding BGP AS Number. At ... by simond_vr Explorer in Splunk Search 05-15-2019 1 5	1	5
How to calculate Total Bandwidth Usage using bytes,bytes_in and bytes_out my proxy is capturing three fields such as bytes,bytes_in and bytes_out out of which in need to calculate total bandw... by vellas78 New Member in Splunk Search 05-15-2019 0 4	0	4
How create line chart using Time and Date Hi Guys, I need your help. I have this structured log: SERVICE,END_TIME,DATA,TIME Job_Name,10/12/2018 07:14,10/12/2... by kingwaras Engager in Splunk Search 05-15-2019 0 1	0	1
Compare value in each row from column B with all values in column A Hi, it probably very simple problem but looks like I am using wrong queries on Google and can't find a solution. I ne... by seva98 Path Finder in Splunk Search 05-15-2019 0 5	0	5
Map command to append value Hello all, I have a lookup table with saved searches names, search strings, time range and some other values. I am t... by astatrial Contributor in Splunk Search 05-15-2019 0 2	0	2