Splunk Search

Community Activity

How to show two json response in single field? Hi Guys,I want to show two field values into single column in a table .query and sample logs given below. index="mule... by karthi2809 Builder in Splunk Search 04-02-2024 0 7	0	7
Using input file but only want select results returned I have a dashboard where I have 4 multi select boxes and a input file with all possible results for each app. When t... by bullbasin Explorer in Splunk Search 04-02-2024 0 4	0	4
How can I use login and logout events for specific UserIDs to determine concurrent users at a given time? These are the fields I'm using - Body, ATNVersion, operatingsystem, osversion, MID by purcell12491 Loves-to-Learn in Splunk Search 04-02-2024 0 3	0	3
How to create graph based on Std deviation & Avg Hi Can anyoine suggest me how to create Avg & Std Dev graph from the fields by jaibalaraman Path Finder in Splunk Search 04-02-2024 0 5	0	5
Need help to calculate percentage. \|mstats sum(Transactions) as Transaction_count where index=metrics-logs application=login services IN(get, put, delet... by Ash1 Communicator in Splunk Search 04-02-2024 0 5	0	5
All Time Search Earliest Workload <search> <query>index="ourIndex" sourcetype=$stype$ABC AND Is_Service_Account="True" OR Is_Service_Account="False" ... by sle Engager in Splunk Search 04-02-2024 0 2	0	2
extract part from url https://www.nike.com/in/t/air-max-90-lv8-shoes-5KhTdP/FD4328-102https://www.nike.com/in/t/air-max-dn-shoes-FtLNfm/DV3... by kreddykotla New Member in Splunk Search 04-02-2024 0 1	0	1
Splitting a field after combining fields So, I have two indexes and sourcetypes with the following fields: index1 and sourcetype1: aip = 34.465.45.234 AppVend... by psomeshwar Path Finder in Splunk Search 04-01-2024 0 8	0	8
How to detect xz-lib CVE-2024-3094 with Splunk® Enterprise How to detect CVE-2024-3094 with Splunk? by jkat54 SplunkTrust in Splunk Search 04-01-2024 0 3	0	3
How to find out failed durable searches Good day All, We have enabled the searches as durable searches. In our environment due to any one or other activity t... by NAGA4 Engager in Splunk Search 04-01-2024 0 0	0	0
How to covert numbers into date Hi Experts, I have a list of dates in the field called my_date like below:451234512745130How can I convert this? Than... by Muthu_Vinith Path Finder in Splunk Search 04-01-2024 0 14	0	14
The lookup table '...' does not exist or is not available. Hi!,This is a contrived example, but could you help me understand why this completes (and functions as expected): \| m... by khsewell Engager in Splunk Search 04-01-2024 0 2	0	2
Search result count I have 10 indexes starts with "ep_winevt_ms" . So i am using * here "index=ep_winevt_ms*".But while taking the \| stat... by alexspunkshell Contributor in Splunk Search 04-01-2024 0 3	0	3
Please help with splunk query to get pass and fail count from jsonarray Please help with splunk query to get pass and fail count in table format from below jsonarray\| Group \| Pass \| Fail ... by Thulasiraman Explorer in Splunk Search 03-30-2024 0 1	0	1
Unable to get expected computed result while joining second query on different index I'm attempting to compute the total number of API calls from our backend engine. Initially, I process API identificat... by splunkbeginner1 Engager in Splunk Search 03-30-2024 0 8	0	8
How to identify the hosts (Primary or Secondary) that have stopped reporting to Splunk using lookup table All,I am looking for a solution to identify the hosts that have stopped reporting to Splunk using lookup table. Howev... by gauravu_14 Explorer in Splunk Search 03-30-2024 0 3	0	3
Calculating data throughput for cloud I'm trying to calculate the data throughput for a cloud computing solution that will be charging based on outgoing da... by taijusoup64 Loves-to-Learn Lots in Splunk Search 03-30-2024 0 3	0	3
How to generate output/report from unstructured log records in splunk Hi,I have following log data that are in splunk. Below is example data taken from splunk:2024-02-04T00:15:15.209Z [jf... by RS Engager in Splunk Search 03-30-2024 0 7	0	7
splunk search lookup help Hello,I have a splunk query returning my search results index="demo1" source="demo2" \| rex field=_raw "id_num \{ dat... by MVK1 Path Finder in Splunk Search 03-29-2024 0 14	0	14
How to list _key value pairs for all entities in ITSI ? Hello all ! Can anyone help me in editing the below SPL so it can only list the _key - value paris for the entities ?... by Suara Explorer in Splunk Search 03-29-2024 0 2	0	2
How to break out a column and append it to the bottom of another column? From the Subject Title, what I mean is it will increase the row count and decrease the column count - that is my inte... by ClubMed Path Finder in Splunk Search 03-29-2024 0 2	0	2
Query to return events when all the objects of an array where a field value is equal to a certain value I need help with a splunk query to return events where an array of object contains certain value for a key in all th... by rajesh143rs Engager in Splunk Search 03-28-2024 0 5	0	5
Facing issue while extracting required fields and while using mvexpand command Hi Team,The below is the event which we have received into the splunk,Dataframe row : {"_c0":{"0":"{","1":" \"0\": {"... by Renunaren Loves-to-Learn Everything in Splunk Search 03-28-2024 0 7	0	7
cron schedule we are trying to set up a cron schedule on alert to run only on weekends(sat and sun) at 6am, 12pm, 8pm , 10pmi tired... by mahesh27 Communicator in Splunk Search 03-28-2024 0 3	0	3
fillnull for all the field names with a pattern I need to use fillnull command but I don't have the exact field names before hand. All my fields starts (which I want... by asingla Communicator in Splunk Search 03-28-2024 1 3	1	3