Splunk Search

Community Activity

	Matching a field in a string using if/eval command. I have two logs below, log a is throughout the environment and would be shown for all users. log b is limited to spe... by aotuga001 Explorer in Splunk Search 04-16-2024 0 6	0	6
	How to convert the below into a tabular format using rex message: Updated Components { "servicechannel": [ { "LastmodifiedBy": "XYZ", "ModifiedDate": "2024-04-15T17:20:09.000... by sowbhagya Loves-to-Learn in Splunk Search 04-16-2024 0 2	0	2
	How can I extract field's from given JSON array and display running total of numeric column {"id":"0","severity":"Information","message":[{"TARGET_SYSTEM":"SEQ","FUNCTION_NAME":"CPW_02170","TOTAL":"121257","PR... by gauravkumar85 Path Finder in Splunk Search 04-16-2024 0 2	0	2
	Multi value field search \| Unexpected output I need to report hosts that are configured to receive app.log details and also report the ones that are missing. For ... by rahulkawadkar Loves-to-Learn Lots in Splunk Search 04-16-2024 0 3	0	3
	Compare inputlookup values and look for partial match with a field from search I have an inputlookup that has a list of pod names that we expect to be deployed to an environment. The list would lo... by fishn Explorer in Splunk Search 04-16-2024 0 6	0	6
	Alert Query not working as expected index=app-logs sourcetype=app-data source=app.logs host=appdatajs01 OR host=appdatajs02 OR host=appdatajs03 OR hos... by mahesh27 Communicator in Splunk Search 04-15-2024 0 5	0	5
	How to add checkbox using dashboard studio? I don't see checkbox as part of the inputs list. It is possible in simple xml but would like to know how it can be ac... by ashwini_hosbet Loves-to-Learn in Splunk Search 04-15-2024 0 4	0	4
	Comparing differences in the same field depending on the row grouping field I'll try to explain it with a basic example. As an output of a stats command I have:detectionquerysearch1google.comya... by jo54 Explorer in Splunk Search 04-15-2024 0 2	0	2
	tstats via REST API Greetings folks, and thanks in advance for a little brainpower here. I'm definitely a splunk novice.I'm trying to pu... by ryanstaats New Member in Splunk Search 04-15-2024 0 3	0	3
	Error in 'where' command: The expression is malformed. Expected ). So I am creating a dashboard and I keep getting this error: Error in 'where' command: The expression is malformed. E... by sumarri Path Finder in Splunk Search 04-15-2024 0 5	0	5
	How to exclude null values in mv fields? In my mv field nameas errortype.In the error type the counts shows file not found as 4 and empty as 2 .I want to exc... by karthi2809 Builder in Splunk Search 04-15-2024 0 3	0	3
	Error in 'EvalCommand': Type checking failed. '/' only takes numbers. I am getting this error: Error in 'EvalCommand': Type checking failed. '/' only takes numbers. Here is lines of SPL:\|... by sumarri Path Finder in Splunk Search 04-15-2024 0 2	0	2
	Calculate network address Hello everyoneI want to calculate the network address from an IP and a mask:IP = 192.168.1.10Mask = 255.255.255.0Desi... by Nico99 Explorer in Splunk Search 04-15-2024 0 4	0	4
	Blank Content While Using REST API Python Why I get empty results while I using REST API (results) Search on python?And when I using REST API (events) in Pytho... by NatanS Explorer in Splunk Search 04-15-2024 0 3	0	3
	Search for peers with status=down What search can I do to find peers with status=down. Looking to form an alert when this happens but can't find it wit... by pc1 Path Finder in Splunk Search 04-15-2024 0 4	0	4
	Heavy forwarder with httpout to indexer cluster Hello everyone, Quick question : I need to forward data from HF to Indexer cluster.Right now, I'm using S2S tcpout fu... by j01am Explorer in Splunk Search 04-14-2024 0 6	0	6
	Addcoltotals Command Issue Hi Splunkers, I am facing weird issue with addcoltotals command. While it is working perfectly fine if i open a new s... by manpreetsingh29 Loves-to-Learn Lots in Splunk Search 04-13-2024 0 5	0	5
	Splunk Query stats with time intervals Hello All, I want to build a splunk query using stats to get count of messages for last 5 min, last 10min and last 15... by Satyapv Engager in Splunk Search 04-13-2024 0 8	0	8
	Finding when difference between servers greater than 50% I am using the below query (server names replaced) to find when there is a greater than 50% difference in volume betw... by Adacats Engager in Splunk Search 04-13-2024 0 3	0	3
	Splunk rest api services/search/v2/jobs/export to search multiline command Hi ,i am trying to execute multiline splunk commands as below using rest endpointservices/search/v2/jobs/export https... by gopal New Member in Splunk Search 04-12-2024 0 2	0	2
	Need help to combine queries Query1: index=app-index source=application.logs "Initial message received with below details" \|rex field= _raw "RampD... by mahesh27 Communicator in Splunk Search 04-12-2024 0 7	0	7
	Splunk containerized. I receive: "Error while sending public key to search peer" when i try to add a search peer hi everybody.I have three Splunk instances in three docker containers on the same subnet . I have mapped port 8089 on... by massimo_ciceri New Member in Splunk Search 04-12-2024 0 0	0	0
	Adding and average into a simple Dashboard. I assume this is difficult. index=mainframe sourcetype=BMC:DEFENDER:RACF:bryslog host=s0900d OR host=s0700d \| timechart limit=50 count(event... by Jgreiner Engager in Splunk Search 04-12-2024 0 6	0	6
	Aggregated HTTP Status Code per URL per a time bin/bucket Hi,I have the following fields in logs on my proxy for backend services_time -> timestampstatus_code -> http status c... by brokenboard525 Engager in Splunk Search 04-12-2024 0 2	0	2
	EPS in flat file with universal forwarder Hi Team,what is the Events-per-second (EPS) in flat file with universal forwarder? by Meet-Patel Loves-to-Learn Lots in Splunk Search 04-12-2024 0 11	0	11