Splunk Search

Community Activity

Calculating stdev by individual users Hi, I'm trying to build the following logic and failing: For each user in my Windows Event Logs, calculate the stdev... by danataylor Engager in Splunk Search 01-17-2019 0 14	0	14
Extracting fields based on eventtype? It is currently possible to setup field extractions based on an eventtype definition, but it sounds like this may not... by Lowell Super Champion in Splunk Search 01-17-2019 2 5	2	5
SendEmail command to send to different emails Hello all. New to splunk. How can I perform a SendEmail for each log that comes in, which will have a different ema... by nols76 New Member in Splunk Search 01-17-2019 0 3	0	3
Is the automatic lookup table used by the indexer? When an automatic lookup table is defined, is that used by the indexer to add the new fields or is it the search head... by rxdeleon Explorer in Splunk Search 01-17-2019 0 7	0	7
Display submenus in the Dashboard title ? Hi All, I have a requirment of showing the submenu on the dashboard page, so that I can know that from which Main Me... by pgadhari Builder in Splunk Search 01-17-2019 0 4	0	4
Splunk 7 shows Splunk version as 4 Hi, Sometimes when I open my Splunk 7 web interface, it shows splunk version as 4. All the functionalities and featu... by jet1276 Path Finder in Splunk Search 01-17-2019 2 5	2	5
Reindex file with same data but different timestamp There is a file which has same data but file is deleted after few hours and placed again with same data but different... by AnmolKohli Explorer in Splunk Search 01-17-2019 0 1	0	1
Prevent users from creating private searches Is there a way to not allow users to create private searches (and other knowledge objects) in an app? by jthunnissen Path Finder in Splunk Search 01-17-2019 0 9	0	9
How to retrieve IPs of forwarders for respective host names from the Monitoring Console? Hi, I have a requirement of pulling a list of all Splunk instances and the forwarders with their host names, IPs a... by MousumiChowdhur Contributor in Splunk Search 01-17-2019 0 9	0	9
Extract data from JSON array I have some data which is along the following format; {"event": { "Timestamp":"2019-01-16 22:20:26.123" ... by karlbosanquet Path Finder in Splunk Search 01-17-2019 0 2	0	2
Why do I have empty columns when using map in my search Hello, I have created a search using the map command to retrieve fields from another source. Both searches run seper... by gesa_behrens Path Finder in Splunk Search 01-16-2019 0 4	0	4
The current splunk cloud version is 7.1.3 and our environment is 7.0.3 we are planning to upgrade which should we go with 7.1.3 or 7.2.1 ? The current splunk cloud version is 7.1.3 and our splunk environment is 7.0.3 we are planning to upgrade which shoul... by srampally Path Finder in Splunk Search 01-16-2019 1 1	1	1
Can you help me with the following error in my 'rex' command?: "The regex '' does not extract anything. It should specify at least one named group. Format: (?...)" Hi, I need to generate a graph that gives me the count of all different type of exceptions occurred during the last ... by bipin_tiwari New Member in Splunk Search 01-16-2019 0 4	0	4
Need help with regex index=...\| search MESSAGE="CommonAsyncGETController.execute() : scope :S01234"\| Table MESSAGE Above is my string, I ... by ppanchal Path Finder in Splunk Search 01-16-2019 0 3	0	3
Average count based on day index="apigee" sourcetype="apigee:hec" \| search DeveloperAppName="someappname" \| convert timeformat="%A" ctime(_time)... by th1agarajan Path Finder in Splunk Search 01-16-2019 0 5	0	5
Using stats dc with stats list and count I have the following search looking for external hosts that are trying to brute force multiple WordPress or Drupal si... by jwalzerpitt Influencer in Splunk Search 01-16-2019 0 3	0	3
Read contents of a file in GIT based version control Bitbucket Hi, I need help/advice on how to read contents of a file that is version controlled in GIT based application Bitbuck... by sendilprakash Explorer in Splunk Search 01-16-2019 0 0	0	0
How to compare two field values from one index to another index Hello Experts, We are having an issue where we are having two indexes named monitor and poll. Below is the structure ... by praveenm00 New Member in Splunk Search 01-16-2019 0 1	0	1
How to add custom field to event? I want to add custom fields to specific index and have them log accordingly. Currently there are only a few default ... by mnoster Engager in Splunk Search 01-16-2019 0 1	0	1
Two queries in one - SearchParser Subsearch error hi apologies but i'm not very verse in splunk. i'm trying to run two separate queries in one search but i get the fo... by jaj Path Finder in Splunk Search 01-16-2019 0 5	0	5
how to take multiple lines of single event data automatically My event has like this data ip = 10.60.11.170 , value = 46 ip = 10.60.11.168 , value = 47 ip = 10.60.11.171 , valu... by prathapkcsc Explorer in Splunk Search 01-16-2019 0 9	0	9
Issue with the input.config file We are currently working to get the %Committed bytes in use to get into Splunk as a counter as we need to create an a... by rahulnarang2107 New Member in Splunk Search 01-16-2019 0 0	0	0
How to Avoid alphabetical sorting on xyseries command? Hello Everyone Below is my search query: base search \| fillnull TimesRan value=1 \| bucket span=1mon _time \| stat... by maria2691 Path Finder in Splunk Search 01-16-2019 0 7	0	7
Filtering windows security event logs with Regex Hi there. We've been having issues with our DC's sending to much information across to Splunk and require assistance... by andrewdidone Path Finder in Splunk Search 01-16-2019 0 26	0	26
In appendcols if input search does not fetch anything what happens to the fields of sub search? Hi, I have a query, the definition of appendcols is as below. "Appends the fields of the subsearch results with the... by zeespl Explorer in Splunk Search 01-16-2019 0 3	0	3