Splunk Search

Community Activity

How to display specific timezone in table results instead of user preference timezone? I spent a fair amount of time perusing Google and Splunk Answers but couldn't seem to find a solution that made sense... by michael_sleep Communicator in Splunk Search 02-28-2024 0 4	0	4
Need to convert only MB values to GB leaving GB values as it is. Hi All, I have logs like below in splunk:Log1: Tue Feb 25 04:00:20 2024 EST 10G 59M 1% /apps Log2: Tue Feb 25 04:00:2... by Mrig342 Contributor in Splunk Search 02-27-2024 0 4	0	4
Issues with event parsing using prop configuration file Hello,I have some issues with parsing events and a few sample events are given below:{"eventVer":"2.56", "userId":"A0... by SplunkDash Motivator in Splunk Search 02-27-2024 0 1	0	1
Trimming the value of a savedsearch parameter within the savedsearch I have a saved "MySearch" that takes a parameter "INPUT_SessionId", something like this:index=foo\| ... some stuff\| se... by jeffmartin Engager in Splunk Search 02-27-2024 0 1	0	1
How to add space on a text on a single value panel? Hello,How to add space on a text on a single value? Thank you for your helpAdding spaces did not have any affect.... by LearningGuy Motivator in Splunk Search 02-27-2024 0 9	0	9
How to exclude string keyword in same field while using transaction command? Thanks in Advance.In my scenario i want to club the the result using correlationID .so i used transaction command .Be... by karthi2809 Builder in Splunk Search 02-27-2024 0 2	0	2
Sum of the field based on the other field values Hi Team,how to Sum of the field based on the other field values.Row1 field values will be 0-9 and a-z.Sample one give... by Anud Path Finder in Splunk Search 02-27-2024 0 2	0	2
SPL: Longest common substring Hello everyone,I am looking for a SPL-solution to determine how long the longest common substring of two strings is.I... by jroedel Path Finder in Splunk Search 02-27-2024 0 3	0	3
Passing lookup file contents as individual search strings Lookup file `tenants.csv` tenant, tenant1, tenant2, tenant3, tenant4, Desired query index=index1 (tenant1xxx OR tenan... by deepdive100 Loves-to-Learn Everything in Splunk Search 02-26-2024 0 12	0	12
Edit CSV file sent through sendemail command Hi All,I am trying to send email using sendemail command with csv as an attachment . Email is getting sent successful... by Poojitha Communicator in Splunk Search 02-26-2024 0 5	0	5
Splunk Alerts I have a search that gives me the total number of hits to my website and the average number of hits over a 5 day peri... by bgill0123 Loves-to-Learn in Splunk Search 02-26-2024 0 6	0	6
Events return blank results I don't know what happened,pls look the picture and help me! thanks very much by kalilinux0011 New Member in Splunk Search 02-26-2024 0 6	0	6
How to derive percentage of expected and actual count from two searches with different count strategies Hi,I have two separate searches that are working independently (expected count, actual count). I want to combine the... by alexa Engager in Splunk Search 02-26-2024 0 3	0	3
Load balancing Splunk UF hosts that are also rsyslog receivers As the titles suggests, I'm looking into whether it's possible or not to load balance Universal Forwarder hosts that ... by Skeer-Jamf Path Finder in Splunk Search 02-26-2024 0 14	0	14
Retreive list of alerts shared at app level Can I retrieve list of alerts shared in App level, Is it possible? \|rest /services/saved/searches \| search eai:acl.a... by rupasri Observer in Splunk Search 02-26-2024 0 1	0	1
Drill Down and conditional queries In a drilldown, I have 2 possible queries and they look like:qry1=index=fed:xxx_yyyy sourcetype="aaaaa:bbbbb:cccc" so... by emilep Explorer in Splunk Search 02-26-2024 0 3	0	3
How to pass Panels XML dynamically to Splunk XML Dashboard using Javascript? Hi,I would like to have a xml panels code to be passed from Javascript to Splunk XML code dynamically.For instance, b... by ericaooi Explorer in Splunk Search 02-26-2024 0 0	0	0
Filter specific values from a field in main search by values from same field in subsearch In my search I have a field (ResourceId) that contains various cloud resource values. One of these values is Instance... by ea-2023 Path Finder in Splunk Search 02-25-2024 0 5	0	5
Custom Search query:\|tstats count where index=new_index host=new-host source=https://itcsr.welcome.com/logs* by PREFIX(status:) _ti... by Ash1 Communicator in Splunk Search 02-25-2024 0 4	0	4
Splunk query to retrieve logs containing empty query_string Hello teamBelow are my splunk logs:{<!-- -->body_bytes_sent: 0bytes_sent: 0host: nice_hosthttp_content_type: -http_referer: -... by super_edition Path Finder in Splunk Search 02-25-2024 0 1	0	1
Example of connecting snow cmdb ci server to service We are working to link server information to the services in the ServiceNow CMDB. We are looking for example to relat... by twadeus Loves-to-Learn in Splunk Search 02-25-2024 0 1	0	1
Transaction with start & end with the same time in _raw ? I am trying to create a Transaction where my starting and ending 'event' have exactly the same time.In _raw the time ... by sjringo Contributor in Splunk Search 02-24-2024 0 7	0	7
Can you use now() in eval-based macros? Is it possible to use the now() function in an macro? And if so, are there any specific limitations? <p>Example mac... by Lowell Super Champion in Splunk Search 02-23-2024 3 11	3	11
mperva WAF Security Use Cases - SEARCH QUERY Advanced Bot Detected on Imperva WAF Backdoor Detected on Imperva WAF Bot Access Control Detected on Imperva WAF Can... by RANUJAN New Member in Splunk Search 02-23-2024 0 1	0	1
Need to search IP address in a list of IP/CIDR list and if matched need to return the Name associated with it. I have a lookup table with 2 fields IP and NameIP Name['1.2.3.4', '2.3.5.0/24'] -> name1['1.2.3.4',.6.7.8.9/31, 4.5.6... by sahastrabuddhe Engager in Splunk Search 02-23-2024 0 3	0	3