Splunk Search

Community Activity

Java SDK send data directly to Splunk (web) Hi, I'm attempting to implement a direct connection to Splunk in my Java application so I can send data straight to S... by tomspring5000 New Member in Splunk Search 08-08-2018 0 0	0	0
How to query and extract value fra Json array Having the json data/array below, how do I create a new (single value) field with only the TargetVersion that has IsP... by thoj New Member in Splunk Search 08-08-2018 0 1	0	1
I have two field values(a,b) in one field name(c). How can i show those two values(a,b) as two fields on Sankey visualization in a sequential way in two different nodes(one after another node) I have two field values a, b, those are encapsulated in one field name called "c". I would like to show those two val... by saicool Engager in Splunk Search 08-07-2018 0 0	0	0
Need help in create a search to detect malicious activity from a terminated employee employee was terminated and we would like to fire an event when we see the user log on to any systems. by Ghanayem1974 Path Finder in Splunk Search 08-07-2018 0 2	0	2
How to filter out the account name ending with "$"? I have data looks like below AccountName account1-abc$ account2-abc$ account3-xyz$ account4 I ... by samlinsongguo Communicator in Splunk Search 08-07-2018 0 2	0	2
Hello, We are trying to ingest TIBCO logs in to the splunk. Here is the environment type. One appliction server where the TIBCO application is hosted and the application server... by splunkaspirant New Member in Splunk Search 08-07-2018 0 0	0	0
Removing empty bins in timechart Hello, I am unable to eliminate empty buckets using the timechart command since moving to Splunk 7.0. For example i... by dtow1 Path Finder in Splunk Search 08-07-2018 0 11	0	11
Extract all the URl's present in the log into a field and count number of times each url is called . I have couple of URL 's present in the logs . so I wanted to extract them all into a field ,but when I extract them I... by navd New Member in Splunk Search 08-07-2018 0 1	0	1
How to edit my search to join two indexes and two sourcetypes together and include data from one sourcetype into another? Hello Splunkers! I'm scratching my head trying to find out how to join two different indexes and two different sourc... by ebaums5467 Engager in Splunk Search 08-07-2018 0 3	0	3
Add/change comments and descriptions into objects' fields in an existing data model How do you add comments and descriptions into objects' fields in an existing data model WITHOUT manually edit the da... by ntttmttoro New Member in Splunk Search 08-07-2018 0 0	0	0
How to extract multiple key value pairs from the logs We have a requirement where we need to extract the multiple key value pairs from the log files Ex: places= multipl... by knr26 New Member in Splunk Search 08-07-2018 0 10	0	10
How to use ldap search to get computers from multiple groups? I would like to use an LDAP search to find computers located in multiple groups. I tried something like this, but I c... by chadman Path Finder in Splunk Search 08-07-2018 0 7	0	7
How to get a dc on 2 fields? I have two fields, "sender" and "recipient". I want to create a table that lists distinct sender-recipient pairs and ... by mgao Engager in Splunk Search 08-07-2018 0 2	0	2
Why would a time filter working in search but not in the dashboard? I built a dashboard and am trying to include a time filter on Purchase Date and not the default _time field. At first... by cromm Explorer in Splunk Search 08-07-2018 0 4	0	4
How to map index in active directory to splunk instance? Hello guys I have an index, stored in active directory. Is there a possibility to make my splunk instance extract da... by denys_k Explorer in Splunk Search 08-07-2018 0 2	0	2
How to create a rex for search? I have the below log line: Slow GraphQL query [8447ms] How can I grab only the value "8447"? by super_virus New Member in Splunk Search 08-06-2018 0 2	0	2
Search from web UI not working We are in a process of setting up new splunk env on CentOS 7. As part of it we have configured 1 search head and 1 in... by aksharp Explorer in Splunk Search 08-06-2018 0 3	0	3
How to extract one field from the data listed? How would I go about performing a field extraction when the data is structured as follows: ->Message.[some random nu... by chrisschum Path Finder in Splunk Search 08-06-2018 0 5	0	5
In PDF generation why are the bar columns too small? When I generate a pdf of a dashboard, the columns on the chart are too narrow. The values that are shown on each bar ... by rajindurbal Path Finder in Splunk Search 08-06-2018 1 3	1	3
Specify More Than One Host? Hey everyone! I have a pretty simple question. Below is a sample search string: index=os sourcetype=df mount="/etc" ... by eboniebutler New Member in Splunk Search 08-06-2018 0 3	0	3
How to get stats based on multiple values for a single source? I have 3 sources source1, source2, source3 and 5 sourcetypes sourcetype1, sourcetype2, sourcetype3, sourcetype4, sour... by Nidheesh Explorer in Splunk Search 08-06-2018 0 6	0	6
Why is [REGEX] Transforms.conf not able to apply a global flag? Hi Splunkies, I have configured a transforms.conf below: [ABCD] REGEX = (?m)^(.)("ABCD":")(\w+(\w{4}["].)) FORMAT... by qinghaogoh New Member in Splunk Search 08-06-2018 0 1	0	1
How to display field values in a dropdown? I have a field extracted called "IP" , I want to display the values of IP in a dropdown . But I want to do it based ... by navd New Member in Splunk Search 08-06-2018 0 7	0	7
How to read middle events from the event list? I am having n number of events but want to read 3 and 4th record. Eg: 2018-02-09 ABCD 1234 5678 2018-02-09 EFGH 133... by Rajkumarkbm Engager in Splunk Search 08-06-2018 0 6	0	6
Calculating utilization of nodes connected in Tree network topology I have been busting my brain on this for a few weeks with no clear solution, turning to the brainiacs in the Splunk c... by adlireza Path Finder in Splunk Search 08-06-2018 0 4	0	4