Splunk Search

Discussions

Thread Info

How do we restrict the users to see only the dashboards but the same time the user should not able to run any searches

We have to restrict the users to access only dashboards that too read only access ? How to achieve this

by Explorer in

Can't get lookup tables to function - Refuse to copy file from unsafe

OK, so I've spent a good bit of time trying to implement lookup tables according to the docs, and I'm getting no luck...

by Explorer in

Could not read event. Results may be incomplete

Hello, I am seeing the following error while running Splunk search. "idx=##INDEX NAME HERE## Could not read event:...

by Explorer in

How do I use lookups where field has two formats?

Owing to the way exchange outputs log files, for some reason we get two versions of the cs_username field username...

by Path Finder in

Why isn't table column formatting working for some rows in the following search?

Can anyone tell me why coloring on these true/false values is not working for all the rows?

by Explorer in

Can you help me with my subsearch?

Hello I try to combine the 2 queries below QUERY 1 index="ai-wkst-wineventlog-fr" sourcetype=XmlWinEvent...

by Motivator in

After building a regex for transforms.conf and props.conf, why am I unable to see correctly extracted fields?

I need help. I am unable to see the correct value after extracting a field with this regex. Why is the parser not ...

by New Member in

While clicking on object of dashboard, I am getting 404

404 Not Found Return to Splunk home page Page not found! View more information about your request (request ID =...

by Loves-to-Learn in

Online [realtime] integration with WebApp

Hello, We have WebApp within a Company. It is necessary to receive Authorization Requests (AR) from WebApp for onl...

by New Member in

how to get custom table from logs

Hi, I am having trouble in my queries. My logs are as below: 18/11/2018 12:00:41 IISYS export of Server 1 successfull...

by New Member in

Please Help a"search depends" and "search rejects" not working

ISSUE Hi All I have two-drop down boxes with a 1 –many relationship with tokens “service family” and “feature” as be...

by New Member in

Can you help me fix my search which detects and alerts on campaign spikes from partners?

Hi, The following is my query to list the API ingress flow of traffic from each of the partners. I would like to ...

by Explorer in

In a table format, how can I color a field if its value is greater than a certain number?

Hello Splunkers, I have data in the following format: /dev/mapper/splunkcisvg-auditlv 8.0G 353M 7.7G 5% /...

by Communicator in

ReplicationStatus failed . Search returning no results.

Hi we have two searchheads s1 and s2 and two indexers i1 and i2. I am getting below error Unable to distrib...

by Engager in

Can you help me get this table from the following query?

HI All, Below Query: | convert ctime(_time) AS Date timeformat="%d/%m/%y" | eval File_Copied=case(File_Copied=...

by Contributor in

How do I append columns to a search via inputlookup where the field names do not match?

I'm relatively new to Splunk and I'm trying to use an existing lookup table to append columns to a search where the f...

by Explorer in

How do you calculate the total disk size in MB?

hello, I use this query in order to calculate the remaining space in percent. I also need to calculate the disk...

by Motivator in

Count of zero and non zero values in a table?

I have a search which generates a table as below. The column value is epoch time. IP 1542682800 1542684600 1542686...

by New Member in

Configure a Vsphere VM for Splunk

Hello, How do I configure a vSphere VM (Windows Server 2016) for a SPLUNK deployment? So far I have done the fo...

by Engager in

Using a lookup to translate an IP to host name which can then be used in a search where only hostnames populate the field

Hi, I am trying to create a dashboard where a user can use either a hostname or IP address to search through Windo...

by Path Finder in

How do we include our "app" assets on every page within an application?

How do we include our "app" assets on every page within an application, we can pre-compile the components to use in a...

by Path Finder in

Accessing data become slow over time

Hello, I am uploading few logs to Splunk and accessing the data using complex tstat query. After few minutes of up...

by Builder in

Why won't my multiple "eval if match" expressions work?

Hi I'm trying to check a field for an OS. If Windows, then replace the entire field with "Windows". If mac is foun...

by Communicator in

How to get the values for time_hour?

I have a below query, which displays the Success, Failure, Total and Failure_Percent by time_hour. It only displays t...

by Communicator in

Generating statistics from combined fields using rex

Hi, I'm having difficulty creating a splunk query which generates an overview of field combinations using regular ...

by New Member in

Get Updates on the Splunk Community!

Splunk Search

Discussions

How do we restrict the users to see only the dashboards but the same time the user should not able to run any searches

Can't get lookup tables to function - Refuse to copy file from unsafe

Could not read event. Results may be incomplete

How do I use lookups where field has two formats?

Why isn't table column formatting working for some rows in the following search?

Can you help me with my subsearch?

After building a regex for transforms.conf and props.conf, why am I unable to see correctly extracted fields?

While clicking on object of dashboard, I am getting 404

Online [realtime] integration with WebApp

how to get custom table from logs

Please Help a"search depends" and "search rejects" not working

Can you help me fix my search which detects and alerts on campaign spikes from partners?

In a table format, how can I color a field if its value is greater than a certain number?

ReplicationStatus failed . Search returning no results.

Can you help me get this table from the following query?

How do I append columns to a search via inputlookup where the field names do not match?

How do you calculate the total disk size in MB?

Count of zero and non zero values in a table?

Configure a Vsphere VM for Splunk

Using a lookup to translate an IP to host name which can then be used in a search where only hostnames populate the field

How do we include our "app" assets on every page within an application?

Accessing data become slow over time

Why won't my multiple "eval if match" expressions work?

How to get the values for time_hour?

Generating statistics from combined fields using rex

Enterprise Security Content Update (ESCU) | New Releases

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

Index This | What are the 12 Days of Splunk-mas?

Proactively stream data to different index after C...

Write Splunk log with Laminas

Issues in multiselect input dropdown

Using splunk-sdk in user-defined functions in Spar...

Verification of SAML assertion using IDP's cert fa...