Splunk Search

Community Activity

In a subsearch, retrieve last-logged-on-user, for IPs in a search for most-blocked connections from Firewall I have a search that returns the IPs that have recently been blocked the most, and I want to add the "Last Logged On ... by VexenCrabtree Path Finder in Splunk Search 04-09-2019 0 2	0	2
Handle 0 Count, No results found & when no data is being indexed I was displaying the count of certain type of locks using the query below. index=A sourcetype="source" LOCK_MODE!="... by njohnson7 Path Finder in Splunk Search 04-09-2019 0 2	0	2
How to extract values "good" and "bad" from my sample data into a new field named STATUS? Hi I have a log file in which all the events has this below lines as common; 04:03:28 04/12/2016 good 201961028 ... by roopeshetty Path Finder in Splunk Search 04-09-2019 0 5	0	5
how to match a specific field in 2 different csv file and 2 different index Hi I use the search below in order to display in a table a specific EventCode by host I am matching the host with th... by jip31 Motivator in Splunk Search 04-08-2019 0 2	0	2
When I use \| spath \| search \| table search commands I am getting duplicate entries When parsing information from a _json file when using \|spath \|search \|table I am receiving duplicates. I'm not sur... by bzsplunk54 New Member in Splunk Search 04-08-2019 0 1	0	1
Regex in Splunk Hi, I have the following column: CVSSv2 CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N I want to do something like this: sourc... by hjsabdjahbd Observer in Splunk Search 04-08-2019 0 3	0	3
Show an area under a chart I have a line chart and have to calculate area under this chart. The calculated area must be presented on a chart pan... by kvaga Explorer in Splunk Search 04-08-2019 0 3	0	3
How to schedule PDF report and save locally instead of sending e-mail ? I have a PDF report scheduled and sending daily e-mail with the PDF report in attachment. I need to automatically sav... by dvmodeste New Member in Splunk Search 04-08-2019 0 0	0	0
Generate PDF file but NOT email it Hi, I need to be able to generate PDF files of views, which I can get working, but I don't want them emailed. I want... by philyeo Explorer in Splunk Search 04-08-2019 1 7	1	7
Having issues reporting information from inner searches in a nested query Hello all, I will try to explain my issue as concisely as possible. I suspect the issue is attributed to me misunder... by nickcardenas Path Finder in Splunk Search 04-08-2019 0 5	0	5
Create line graph with multiple series Need assistance creating a line graph with 3 series. I have 1 field with 3 different values. I've tried to do this i... by clarkedayne New Member in Splunk Search 04-08-2019 0 3	0	3
Having a % to follow number on gauge chart Current: \| search MachineNumber="01" \| eval PercentComplete= round(((CountSinceLastTaskCompletion)/MaintenanceFrequen... by pglover12 New Member in Splunk Search 04-08-2019 0 1	0	1
Splunk - Object is not iterable Afternoon Guys, Currently get a strange issue. I noticed we were not ingesting logs from one of our s3 buckets and i... by brewster88 New Member in Splunk Search 04-08-2019 0 0	0	0
How to remove third Thursday from Splunk results We would like to remove our monthly patching window from our error report that we receive from Splunk on some of our ... by blisowski New Member in Splunk Search 04-08-2019 0 2	0	2
Splunk Maintenance Window Hello Splunkers, In my organization Patching activity has been scheduled and under that all my splunk components wil... by ramprakash Explorer in Splunk Search 04-08-2019 0 0	0	0
get AD Computer with PowerShell Hello, i have a powershell script that give me ad computer objects back. it works perfect. The Script run every 24h.... by TheOnlyOne Observer in Splunk Search 04-08-2019 0 0	0	0
Can you help me do an outputlookup with a condition? Hello I use the code below. I'm doing an outputlookup at the end of the query, but I want to do it with a condition... by jip31 Motivator in Splunk Search 04-08-2019 1 3	1	3
comparing multivalue fields Good day! I need to compare the results of a search query that contains multivalued fields. My search query looks l... by stevesmith08 Explorer in Splunk Search 04-08-2019 0 2	0	2
How to join two searches based on two different formatted fields I have an index which contains field - TXN_ID = "24, 25 " index=index1 TXN_ID ="24,25" I have another event in diff... by sangs8788 Communicator in Splunk Search 04-08-2019 0 2	0	2
Adding donut chart for a single value Hi , I need to have a exact full donut chart for a single value . Below is the image https://imgur.com/a/O5tex30 ... by Nadhiyaa Path Finder in Splunk Search 04-08-2019 0 2	0	2
COnvert week number to the 1st date in that week Below is the data. Weeknum is the number of week where 01-05 are week numbers from 2019 and 40-44 are week numbers fr... by nikita012 New Member in Splunk Search 04-08-2019 0 4	0	4
I am looking for replacing all the numbers in a field to *. Can anyone help. Input field value: "this error occured for member123456. While making a payment of 60" Desired input field value:"thi... by Tejagorantla New Member in Splunk Search 04-07-2019 0 2	0	2
How to capture only string and remove optional digits with regex I have a field which has values like below. there are 100+ values for this field, but i just posted 3 sample values. ... by ncrs5699 Explorer in Splunk Search 04-07-2019 1 7	1	7
Issue with date and time for indexed csv data I am facing date time issue while indexing csv data . I do have a date field in my CSV file but i want to consider s... by darshini2790 Explorer in Splunk Search 04-07-2019 0 3	0	3
How to create multiple reports/pdf output from a single search? hi folks, we got a requirement to create xx number of reports based on a filter. For example the lookup file has fil... by koshyk Super Champion in Splunk Search 04-07-2019 0 2	0	2