Splunk Search

Community Activity

How to extract data using rex ? Hi,I want to extract value c611b43d-a574-4636-9116-ec45fe8090f8 from below.Could you please let me know how I can do ... by anil1219 Engager in Splunk Search 03-14-2024 0 2	0	2
Create Dynamic Drop-down I am trying to create a dashboard to examine group policy processing errors. I would like to create a drop-down base... by CoryC Engager in Splunk Search 03-14-2024 0 4	0	4
Not receiving data in internal index From last two days I am not receiving data in my Splunk internal index. Please help me understand this issue . by uagraw01 Motivator in Splunk Search 03-14-2024 0 16	0	16
How do I set a token to an html search string <row> <panel depends="$tok_tab_1$"> <table> <title>Alerts Fired</title> <search> ... by jeradb Explorer in Splunk Search 03-14-2024 0 1	0	1
Issue with Send Alert and updating Notable "Splunk cant figure it out" Can you Hello, Looking for some real guidance here. We just implemented Splunk with an Implementation team. We are pulling ou... by cjharmening Loves-to-Learn Lots in Splunk Search 03-14-2024 0 1	0	1
Format with commas an \|appendpipe [stats sum() as by Number ... Good afternoon everyone, I need your help in this way. I have a stats sum with the wild card *\|appendpipe [stats sum(... by BeautyData Explorer in Splunk Search 03-14-2024 0 7	0	7
All Time searches best practices/exceptions I'm trying to create a workload management rule to prevent users from searching with "All Time". After researching, i... by sle Engager in Splunk Search 03-14-2024 0 2	0	2
Optimizing the search Hi All, How can I optimize the below query? Can we convert it to tstats? index=abc host=def* stalled \| rex field=... by abhi04 Communicator in Splunk Search 03-13-2024 0 3	0	3
Using Parameter in Search I am trying to use parameter into the search using IN condition. Query is retuning results if I put data directly in... by splunkuser320 Path Finder in Splunk Search 03-13-2024 0 8	0	8
Splunk query to skip alphanumeric string I've below 3 different types of API logs where I've to treat all 3 as same and get the count of the API.There are mul... by Deprasad Path Finder in Splunk Search 03-13-2024 0 5	0	5
How to calculate statistics for using PC Hello!I have a log that shows locking/unlocking PCs:1710320306,u09,unlocked1710320356,u09,locked1710320360,u10,unlock... by ipoluda Explorer in Splunk Search 03-13-2024 0 1	0	1
having exclamation symbol and showing warning message:indicates problems with underlying storage performance We have a Splunk Dashboard for our Team in Splunk Cluster. Almost every report item is having exclamation symbol and... by Splunk-Star Loves-to-Learn Lots in Splunk Search 03-13-2024 0 2	0	2
Prerequisites of Splunk if i had to write a document for myself on basic learning of splunk: to create a dashboard i can either use inputs li... by Tron-spectron47 Loves-to-Learn in Splunk Search 03-13-2024 0 3	0	3
user is getting the following error:Could not load lookup=LOOKUP-h_vms On splunk user is getting the following error:Could not load lookup=LOOKUP-pp_vms but admin is not getting any such ... by Splunk-Star Loves-to-Learn Lots in Splunk Search 03-13-2024 0 2	0	2
Merge numberous data in a field Good Morning i have a field that i've called problem_detail in our Helpdesk index. it contains all the types of prob... by PaulaCom Path Finder in Splunk Search 03-13-2024 0 2	0	2
How to extract two fields using regex? How to extract the two fields from the message ?In this need to extract after API: START: /v1/expense/extract/demand/... by karthi2809 Builder in Splunk Search 03-13-2024 0 3	0	3
Separate the array value in the different event. Hi team,I mentioned that the payload field contains the entity-internal-id and lead-id in an array format. I want to ... by parthiban Path Finder in Splunk Search 03-13-2024 0 5	0	5
Datas are not getting parsed after giving table name on splunk query. Please let me know the correct data extraction? index=* "Unknown message for StatusConsumer" topicId marshall \| rex f... by Splunk-Star Loves-to-Learn Lots in Splunk Search 03-12-2024 0 3	0	3
Grouping data based off a single field I have all the relevant data I need from a single source but I am wanting to present it in a way that I can't get it ... by 1tiger105 Engager in Splunk Search 03-12-2024 0 2	0	2
Is it possible to call lookup within case statement? I want to call lookup within case statement. if possible, please share sample query. by RSS_STT Explorer in Splunk Search 03-12-2024 0 6	0	6
Modify a date field value using SED I have a weird date/time value: 20240307105530.358753-360I would like to make it more user friendly 2024/03/07 10:5... by jason_hotchkiss Communicator in Splunk Search 03-12-2024 0 3	0	3
How to search and filter by a field that contains spaces? Hello Team, I could see a lot of discussions on this forum, but none solving my issue. I have a log with content li... by teknet7 Engager in Splunk Search 03-12-2024 1 3	1	3
Geostats Cluster Map Help Any reason why this can't be visualized in a geo cluster map?source="udp:514" index="syslog" NOT src_ip IN (10.0.0.0/... by ChocolateRocket Explorer in Splunk Search 03-12-2024 0 7	0	7
How to use the REST API to fetch and filter results from a saved search? I am using REST service - my requirement is to use Splunk REST URL to fetch details from a saved search .. but I want... by samkaj Explorer in Splunk Search 03-12-2024 1 4	1	4
How to use wildcard in case like condition? Hi Guys, Thanks in Advance. So i have case conditions to be match in my splunk query.below the message based on corre... by karthi2809 Builder in Splunk Search 03-12-2024 0 5	0	5