Splunk Search

Community Activity

	how to pass the time range to input text fields for search data, when i select the time range through input=time if select 24 hours in time filter, is there any automatic way to pass the 24hrs time rage to start date and end date?... by Dattasri Loves-to-Learn in Splunk Search 02-28-2024 0 1	0	1
	How to get sum of all columns into a new column? Hi I need to do a sum of all columns into new column EVNT COL1 COL2 COL3 SUM 1 22 22 22 66 2 ... by paullt12345 Explorer in Splunk Search 02-28-2024 0 5	0	5
	Passing lookup value to search I have users.csv as a lookup file with almost 20K users. I'm writing a query for authentication events for a specifi... by atul9771 Engager in Splunk Search 02-28-2024 0 4	0	4
	Extract and/or add numbers from a string I have string field:provTimes: a=10; b=15; c=10;it basically has semicolon separated sub-fields in the value. Each su... by apoorvaaccount New Member in Splunk Search 02-28-2024 0 2	0	2
	Converting Splunk Curl API to Windows Powershell I have a working script that allows me to retrieve the job ID of a search in Splunk. This is working in Windows usin... by qcjacobo2577 Path Finder in Splunk Search 02-28-2024 0 3	0	3
	Log alerts - Alert that tell when a log source stops sending logs to Splunk I'm trying to build an alert that looks at the number of logs from the past three days and then compares it to the nu... by BTB Explorer in Splunk Search 02-28-2024 0 9	0	9
	regroup similar url without using tons of regex Hi, Is there a way to regroup similar values without defining tons of regex. Let say I do a search that return urls. ... by BenSI New Member in Splunk Search 02-28-2024 0 1	0	1
	Get the 10 recent events for each host. I am trying to write a search that will pull the 10 (or so) most recent events for each host. The tail and head comma... by allen_hunter Explorer in Splunk Search 02-28-2024 0 3	0	3
	complex stats to trigger on count of events I have this rule, I need it to trigger when results / count of events is greater than 4 but the "Trigger Condition" d... by dm2 Explorer in Splunk Search 02-28-2024 0 5	0	5
	How to search all fields from a lookup CSV file in index event log Hello Splunk members!I have a CSV Lookup file with 2 columnsClientNameHWDetSystemBD-K-027EY VMwareI have an index... by m4jk3l Explorer in Splunk Search 02-28-2024 0 11	0	11
	How to display specific timezone in table results instead of user preference timezone? I spent a fair amount of time perusing Google and Splunk Answers but couldn't seem to find a solution that made sense... by michael_sleep Communicator in Splunk Search 02-28-2024 0 4	0	4
	Need to convert only MB values to GB leaving GB values as it is. Hi All, I have logs like below in splunk:Log1: Tue Feb 25 04:00:20 2024 EST 10G 59M 1% /apps Log2: Tue Feb 25 04:00:2... by Mrig342 Contributor in Splunk Search 02-27-2024 0 4	0	4
	Issues with event parsing using prop configuration file Hello,I have some issues with parsing events and a few sample events are given below:{"eventVer":"2.56", "userId":"A0... by SplunkDash Motivator in Splunk Search 02-27-2024 0 1	0	1
	Trimming the value of a savedsearch parameter within the savedsearch I have a saved "MySearch" that takes a parameter "INPUT_SessionId", something like this:index=foo\| ... some stuff\| se... by jeffmartin Engager in Splunk Search 02-27-2024 0 1	0	1
	How to add space on a text on a single value panel? Hello,How to add space on a text on a single value? Thank you for your helpAdding spaces did not have any affect.... by LearningGuy Motivator in Splunk Search 02-27-2024 0 9	0	9
	How to exclude string keyword in same field while using transaction command? Thanks in Advance.In my scenario i want to club the the result using correlationID .so i used transaction command .Be... by karthi2809 Builder in Splunk Search 02-27-2024 0 2	0	2
	Sum of the field based on the other field values Hi Team,how to Sum of the field based on the other field values.Row1 field values will be 0-9 and a-z.Sample one give... by Anud Path Finder in Splunk Search 02-27-2024 0 2	0	2
	SPL: Longest common substring Hello everyone,I am looking for a SPL-solution to determine how long the longest common substring of two strings is.I... by jroedel Path Finder in Splunk Search 02-27-2024 0 3	0	3
	Passing lookup file contents as individual search strings Lookup file `tenants.csv` tenant, tenant1, tenant2, tenant3, tenant4, Desired query index=index1 (tenant1xxx OR tenan... by deepdive100 Loves-to-Learn Everything in Splunk Search 02-26-2024 0 12	0	12
	Edit CSV file sent through sendemail command Hi All,I am trying to send email using sendemail command with csv as an attachment . Email is getting sent successful... by Poojitha Communicator in Splunk Search 02-26-2024 0 5	0	5
	Splunk Alerts I have a search that gives me the total number of hits to my website and the average number of hits over a 5 day peri... by bgill0123 Loves-to-Learn in Splunk Search 02-26-2024 0 6	0	6
	Events return blank results I don't know what happened,pls look the picture and help me! thanks very much by kalilinux0011 New Member in Splunk Search 02-26-2024 0 6	0	6
	How to derive percentage of expected and actual count from two searches with different count strategies Hi,I have two separate searches that are working independently (expected count, actual count). I want to combine the... by alexa Engager in Splunk Search 02-26-2024 0 3	0	3
	Load balancing Splunk UF hosts that are also rsyslog receivers As the titles suggests, I'm looking into whether it's possible or not to load balance Universal Forwarder hosts that ... by Skeer-Jamf Path Finder in Splunk Search 02-26-2024 0 14	0	14
	Retreive list of alerts shared at app level Can I retrieve list of alerts shared in App level, Is it possible? \|rest /services/saved/searches \| search eai:acl.a... by rupasri Observer in Splunk Search 02-26-2024 0 1	0	1