Splunk Search

Community Activity

Log searching Splunk I am searching some logs in an application for the last 24 hours (or any time range the user has selected). Is it pos... by av_ Path Finder in Splunk Search 03-21-2024 0 4	0	4
Issue using rex to replace string Hello world,I'm trying to use rex to rename the part of the strings below where it says "g0" to "GRN". So the output ... by Scharf Explorer in Splunk Search 03-21-2024 0 5	0	5
Setting a date range as a field for the chargeback app I have a question regarding how to properly extract the time ranges between the Events to use as a field value for a ... by Abass42 Communicator in Splunk Search 03-21-2024 0 1	0	1
Collect command with federated searches I have a use case where I'm trying to collect events from a federated search. I can run and search results using the ... by MJAITEH Engager in Splunk Search 03-21-2024 1 0	1	0
How to exclude field values in the query? Hi Guys,I am try to exclude field value . need to exclude message=""API:START: /v1/Journals_outbound" index="mulesof... by karthi2809 Builder in Splunk Search 03-21-2024 0 1	0	1
mutiple search Hello everyone, i need solution for this.my data :userID=text123 , login_time="2024-03-21 08:04:42.201000", ip_addr=1... by riposans Explorer in Splunk Search 03-20-2024 0 1	0	1
Facing issue with my Serach Hello All, Below is my alert script, and I dont want to have any alerts during night 11:50 to 00:25 midnight, however... by Amit79 Loves-to-Learn Everything in Splunk Search 03-20-2024 0 2	0	2
Where field count is less than, but not stats count by I run a Splunk query to see events from my web application firewall. I filter out certain violations by name, using a... by LatchJohnson Explorer in Splunk Search 03-20-2024 0 5	0	5
Filtering a weekly timewrap timechart by a specific time window each day. I have the following query that gives me week-over-week comparisons for the past month: index="myIndex" earliest=-1mo... by jbrenner Path Finder in Splunk Search 03-20-2024 0 1	0	1
Streamed Search Execute Failed Because: Error in 'lookup' command Good morning, I am having issues with admon and running into this error: Streamed Search Execute Failed Because: Erro... by JoshuaJJ Path Finder in Splunk Search 03-20-2024 0 1	0	1
Date difference in months on my search index=raw_fe5_autsust Aplicacao=HUB Endpoint="*/" \| eval RefUser=if(Mes!="", Mes, substr("0" + tostring... by vinihei_987 New Member in Splunk Search 03-20-2024 0 1	0	1
Prevent users from table sorting (when clicking on its headers) The question is really simple, not that sure about the answer though. I'm using Splunk 5.0.6 + Advanced XML panels to... by kikexclusive Path Finder in Splunk Search 03-20-2024 1 7	1	7
Display only weekdays in Time chart Hi,Is it possible to display only weekdays in Time chart ? PS: I am not looking to discard the data for weekend. Just... by AKG11 Path Finder in Splunk Search 03-20-2024 0 1	0	1
Syntax/use of subsearches I have a query …index=blah "BAD_REQUEST" \| rex "(?i) requestId (?P<requestId>[^:]+)" \| table requestId \| dedup reques... by Mick_OBrien Path Finder in Splunk Search 03-20-2024 0 9	0	9
How to search based on variable? \| search no = variable Hello,How to search based on variable? If select contains "many", then search no IN (1 to 30), else search NO 7\| e... by LearningGuy Motivator in Splunk Search 03-20-2024 0 5	0	5
Dedup within span Hi!I have an issue with a query and the dedup command. \| eval service=case( (method="GET" AND match(uri, "/v1/[a-zA-... by erkin Engager in Splunk Search 03-20-2024 0 1	0	1
Dedup is not working with mstats We are streaming Dynatrace metric data into Splunk, for some reason we are seeing duplicate 'MessageDeduplicationId'.... by sabari80 Explorer in Splunk Search 03-20-2024 0 3	0	3
How to extract fields from a json in _raw? I have an application which logs data in the following form:2023-06-30T12:21:08Z DEBUG scalehandler Getting metrics f... by Adisharma Engager in Splunk Search 03-20-2024 0 3	0	3
How to filter out a specific phrase in a Splunk search I'm trying to search for a specific phrase with the search below but I only want result1, not result2. The issue here... by frodelauka Observer in Splunk Search 03-20-2024 0 4	0	4
changing addtime=false on scheduled summary index - advanced edit has no effect Hello,Why does changing addtime=false on scheduled summary index - advanced edit has no effect?Thank you for your hel... by LearningGuy Motivator in Splunk Search 03-20-2024 0 1	0	1
How to return a single value from a subsearch into eval Hi, I'm trying to calculate a value through some lookup statements and then put that value into a variable using eva... by Sloefke Path Finder in Splunk Search 03-20-2024 1 8	1	8
Find a common field with _introspection and _internal or _auit Hi All,our SVC calculation is in _introspection and and our search name is in _internal and _audit. We need a common ... by sairajkiran Observer in Splunk Search 03-20-2024 0 1	0	1
How to search based on drop-down condition? Hello,How to search based on drop-down condition?Thank you in advance! index = test \| eval week_or_day_token = "w" ... by LearningGuy Motivator in Splunk Search 03-20-2024 0 2	0	2
How to run 2 queries on an index and then merge it on a column I have a single index which logs incoming request and completed request related details. There is a common indicator ... by jinishshah Explorer in Splunk Search 03-20-2024 0 1	0	1
How to dynamically change background color of pie based on drop-down selection? Hi.How can I change the background color of pie dynamically through drop-down selection ？Is it okay to look like this... by danliu Loves-to-Learn Everything in Splunk Search 03-20-2024 0 4	0	4