Splunk Search

Community Activity

Question on how to prevent an event from being reindexed I have a web application that produces a fairly complicate log structure that looks something like the following. { ... by dsadowski New Member in Splunk Search 01-17-2019 0 0	0	0
Difference between time fields in different events based off of the value of another field I would like to find the difference of time where based on the value of field "disposion", I choose the time value fo... by fmatera Explorer in Splunk Search 01-17-2019 0 4	0	4
Can we run multiple saved queries over the same periods at once? Hi, I have 79 reports and I want to run those reports over last 30 days. Can I run 79 reports all at once and saved ... by y2kbcm Explorer in Splunk Search 01-17-2019 0 4	0	4
Can you help me with my field extractions? I have logs from the same source type called log4j in Splunk. The format for the logs is a little different. For exam... by pdantuuri0411 Explorer in Splunk Search 01-17-2019 0 3	0	3
What is the correct URI to logOn with .NET SDK LogOnAsync? I am trying to write a simple app that will login to Splunk and retrieve some events. I'm using the .NET SDK Splunk.... by tbomgardner New Member in Splunk Search 01-17-2019 0 0	0	0
Is it possible to use POST and DELETE with "rest" search command? There is a nice search command for interacting with REST API: http://docs.splunk.com/Documentation/Splunk/latest/Sear... by npichugin Path Finder in Splunk Search 01-17-2019 0 6	0	6
How do I iterate through a result set and fetch the data for each result? I have a query to retrieve "Item_Number " in table. The results will be as below... ..\| table Item_Number Item_N... by Anantha123 Communicator in Splunk Search 01-17-2019 0 8	0	8
Calculating stdev by individual users Hi, I'm trying to build the following logic and failing: For each user in my Windows Event Logs, calculate the stdev... by danataylor Engager in Splunk Search 01-17-2019 0 14	0	14
Extracting fields based on eventtype? It is currently possible to setup field extractions based on an eventtype definition, but it sounds like this may not... by Lowell Super Champion in Splunk Search 01-17-2019 2 5	2	5
SendEmail command to send to different emails Hello all. New to splunk. How can I perform a SendEmail for each log that comes in, which will have a different ema... by nols76 New Member in Splunk Search 01-17-2019 0 3	0	3
Is the automatic lookup table used by the indexer? When an automatic lookup table is defined, is that used by the indexer to add the new fields or is it the search head... by rxdeleon Explorer in Splunk Search 01-17-2019 0 7	0	7
Display submenus in the Dashboard title ? Hi All, I have a requirment of showing the submenu on the dashboard page, so that I can know that from which Main Me... by pgadhari Builder in Splunk Search 01-17-2019 0 4	0	4
Splunk 7 shows Splunk version as 4 Hi, Sometimes when I open my Splunk 7 web interface, it shows splunk version as 4. All the functionalities and featu... by jet1276 Path Finder in Splunk Search 01-17-2019 2 5	2	5
Reindex file with same data but different timestamp There is a file which has same data but file is deleted after few hours and placed again with same data but different... by AnmolKohli Explorer in Splunk Search 01-17-2019 0 1	0	1
Prevent users from creating private searches Is there a way to not allow users to create private searches (and other knowledge objects) in an app? by jthunnissen Path Finder in Splunk Search 01-17-2019 0 9	0	9
How to retrieve IPs of forwarders for respective host names from the Monitoring Console? Hi, I have a requirement of pulling a list of all Splunk instances and the forwarders with their host names, IPs a... by MousumiChowdhur Contributor in Splunk Search 01-17-2019 0 9	0	9
Extract data from JSON array I have some data which is along the following format; {"event": { "Timestamp":"2019-01-16 22:20:26.123" ... by karlbosanquet Path Finder in Splunk Search 01-17-2019 0 2	0	2
Why do I have empty columns when using map in my search Hello, I have created a search using the map command to retrieve fields from another source. Both searches run seper... by gesa_behrens Path Finder in Splunk Search 01-16-2019 0 4	0	4
The current splunk cloud version is 7.1.3 and our environment is 7.0.3 we are planning to upgrade which should we go with 7.1.3 or 7.2.1 ? The current splunk cloud version is 7.1.3 and our splunk environment is 7.0.3 we are planning to upgrade which shoul... by srampally Path Finder in Splunk Search 01-16-2019 1 1	1	1
Can you help me with the following error in my 'rex' command?: "The regex '' does not extract anything. It should specify at least one named group. Format: (?...)" Hi, I need to generate a graph that gives me the count of all different type of exceptions occurred during the last ... by bipin_tiwari New Member in Splunk Search 01-16-2019 0 4	0	4
Need help with regex index=...\| search MESSAGE="CommonAsyncGETController.execute() : scope :S01234"\| Table MESSAGE Above is my string, I ... by ppanchal Path Finder in Splunk Search 01-16-2019 0 3	0	3
Average count based on day index="apigee" sourcetype="apigee:hec" \| search DeveloperAppName="someappname" \| convert timeformat="%A" ctime(_time)... by th1agarajan Path Finder in Splunk Search 01-16-2019 0 5	0	5
Using stats dc with stats list and count I have the following search looking for external hosts that are trying to brute force multiple WordPress or Drupal si... by jwalzerpitt Influencer in Splunk Search 01-16-2019 0 3	0	3
Read contents of a file in GIT based version control Bitbucket Hi, I need help/advice on how to read contents of a file that is version controlled in GIT based application Bitbuck... by sendilprakash Explorer in Splunk Search 01-16-2019 0 0	0	0
How to compare two field values from one index to another index Hello Experts, We are having an issue where we are having two indexes named monitor and poll. Below is the structure ... by praveenm00 New Member in Splunk Search 01-16-2019 0 1	0	1