Splunk Search

Community Activity

Metrics and real time searches? How should I approach RT aka real-time searches from metrics data and indexes? Should approach with the same caution... by jackgordon New Member in Splunk Search 04-24-2019 0 0	0	0
With a new user I cannot see app logos Hi team With my admin user I can see all app logos. I just create a new user. With read only role. He have apps bu... by christianubeda Path Finder in Splunk Search 04-24-2019 0 0	0	0
What does stats partitions do? What does stats partitions do? How would you use this? Sample query: \|stats partitions=1 latest(Insert_Text) ... by ryhluc01 Communicator in Splunk Search 04-24-2019 1 6	1	6
Integrity Check for Unauthorized Log Deletion Is there a query that I can use that will check for unauthorized deletion of event and security logs? by krussellffgbank New Member in Splunk Search 04-24-2019 0 2	0	2
Searches are returning no events in search head cluster Hi, We are encountering this no results issue for any index logs in only search head cluster, but we can search the ... by sathishkompelly Explorer in Splunk Search 04-24-2019 0 3	0	3
Find a results between two dates (initial date and limit date) . Hi Splunkers , I've tried this query to return events between two specific dates. Here is the query: index="db_rsa_... by lucasdc New Member in Splunk Search 04-24-2019 0 6	0	6
How to create a search for lookup to get results in single search? Hi, I have uploaded a csv file with fields User Name, A, B, C. First I need to perform lookup with another file wit... by vineeth_jain Explorer in Splunk Search 04-24-2019 0 6	0	6
Can a PDF table be more than 1000 rows? I'm in the process of building some high-priority dashboards for my management (time critical), and I'm having a prob... by adamsmith47 Communicator in Splunk Search 04-24-2019 0 12	0	12
How do I change the color of a table when I modify the value of a text type filter? I have a table with 2 filters: 1. Dropdown that selects the column 2. Text box (numeric) The functionality I want i... by HectorPena New Member in Splunk Search 04-24-2019 0 6	0	6
Input fields pre-filled with old data Hi Community, I am playing around with the KV Store tutorial (http://dev.splunk.com/view/SP-CAAAEZT) and all is wel... by brahimm New Member in Splunk Search 04-24-2019 0 0	0	0
anomalydetection and anomalousvalues on 4 different hosts Hello, We are planning to do some linux patching on some of our Prod servers and were thinking of setting some splun... by abdulwsu New Member in Splunk Search 04-24-2019 0 0	0	0
horse shoe meter for visualisation Hi I have a query to see the success and failure rate. The query will give the fields success and failure rate as out... by Deepz2612 Explorer in Splunk Search 04-24-2019 0 3	0	3
Time taken by multiple events in a distributed transaction Hi , We have a audit log with the information of different event types and their execution time for different custome... by sathishthangara New Member in Splunk Search 04-24-2019 0 0	0	0
How to pass multiple search field into new search with AND/OR conditions? Hi im currently having a search that result multiple field, and i wish to pipe those values into a new search that m... by totaro Explorer in Splunk Search 04-24-2019 0 1	0	1
How to get timechart value even if splunk contain no data for this "_time" field ? Hi, I'm tryin to get the number of alerts by day. When i have alerts i see the number in statistics. But when i d... by clementros Path Finder in Splunk Search 04-23-2019 0 2	0	2
How to get the where condition from a lookup source, work? Hello I dont understand why my "where" condition doesnt work could you help me please? \| inputlookup host.csv \| lo... by jip31 Motivator in Splunk Search 04-23-2019 0 10	0	10
REST API Modular Input Custom Response Handler for unbroken json event (EMC UNITY) Hi, Can anyone pls assist with a custom response handler for the following data - it's being recognised as JSON usi... by jarrodbirang New Member in Splunk Search 04-23-2019 0 0	0	0
Real Time Search Issues We're running into an issue where are RT searches are being delayed due to the amount of concurrent searches being ra... by shanecifaldi Loves-to-Learn Everything in Splunk Search 04-23-2019 0 2	0	2
subsearch and timerange Hello, I just have a question regarding subsearches and the time range picker. I am trying to run a subsearch that wi... by arlombar1 Explorer in Splunk Search 04-23-2019 0 2	0	2
How Do I Get A Unique User IP Logged For EVERY EVENT, Using MVJoin? Acceptance Criteria: 1) distinct count of user agents, and referrer url grouped by session id 2) distinct count of us... by jac_iv_ New Member in Splunk Search 04-23-2019 0 0	0	0
Importing a CSV file as a threat intelligence lookup list, how can I test that this file is being parsed against my data? I just completed importing a CSV file as a threat intelligence lookup list. I followed Splunk documentation (6.2) and... by santorof Communicator in Splunk Search 04-23-2019 0 8	0	8
strange problem：com.splunk.hecclient.HecException: All channels have back pressure I am trying input data to splunk from kafka,but i met this problem. i tried the answer of this link: https://gith... by fangyingw New Member in Splunk Search 04-23-2019 0 0	0	0
How to find the difference of two query results? Hi team, I have two queries as follows query1: \|inputlookup abc.csv \|table file sla_time query2: index=xxx ... by pench2k19 Explorer in Splunk Search 04-23-2019 0 3	0	3
How to define field alias on extracted fields? I extracted some fields from raw log , and I want to define field alias for them , but on specific field which is use... by sabaKhadivi Path Finder in Splunk Search 04-23-2019 0 6	0	6
How to sort a table based on two columns in order of priority? Hello dear Splunkers, I have a table showing the amount of downloaded data per website by user on my network. Is it... by DavidHourani Super Champion in Splunk Search 04-22-2019 0 7	0	7