Splunk Search

Community Activity

How to change font size of texts inside table using dashboard xml source Hi, I have a splunk dashboard with different panels i.e. pie chart, table etc. I need to increase the font size of te... by ggangwar Path Finder in Splunk Search 02-22-2024 2 10	2	10
change the color of a column based on other column Hi i have stats table with following by deepthi5 Path Finder in Splunk Search 02-22-2024 0 1	0	1
How to filter search results from query Hi, I am looking to grab all windows events of successful NTLM logins without using Kerberos. Here is my query so far... by kodyrubida Engager in Splunk Search 02-22-2024 0 1	0	1
how to get the event time and _time difference in alert triggering time delay how to show the how long alert took triggered from the time the event occurred. To calculate the "diff" in times, to ... by harishsplunk7 Explorer in Splunk Search 02-22-2024 0 6	0	6
How to use timechart span=30m to start with the exact time Hi,My requirement is to find 30 mins result using timechart span=30m from the start time that I have mentioned.Start ... by anil1219 Engager in Splunk Search 02-22-2024 0 2	0	2
how group a field values with the maxevents of 4, without using transaction command Hi everyone,i need an alternative for the transaction command, bcoz its taking to much time to load the dashboard,thi... by vinod743374 Communicator in Splunk Search 02-22-2024 0 1	0	1
"Sort 0 desc" vs "sort 0 -" for data over 10,000 Hello,I don't know how to simulate this using makeresults, but I have data over 10,000 (let say 50,000)If I sort desc... by LearningGuy Motivator in Splunk Search 02-21-2024 0 1	0	1
compare two result HiI have a query that need to compare count of PF field for two log file:on splunk I have two query that create this ... by indeed_2000 Motivator in Splunk Search 02-21-2024 0 4	0	4
how to keep sender name with space in search result I am using Splunk Enterprise Version: 9.1.0.1.my search query is :index="webmethods_prd" source="/apps/webmethods/int... by avikc100 Path Finder in Splunk Search 02-21-2024 0 5	0	5
Search event Can an event be searched using the transaction without any index or source values?Yes or Nobreif answer on selection by Tron-spectron47 Loves-to-Learn in Splunk Search 02-21-2024 0 3	0	3
Rex not stopping capture after match I'm not sure why rex is properly matching the beginning of the value I am looking for (NameofTeam), but it also match... by ea-2023 Path Finder in Splunk Search 02-21-2024 0 4	0	4
How can I count events by location with a list of SERVERNAME's? Our splunk implementation has SERVERNAME as a preset field, and there are servers in different locations, but there i... by GEB Explorer in Splunk Search 02-21-2024 0 4	0	4
Search to check if request duration search has recovered index=my_index source="/var/log/nginx/access.log" \| stats avg(request_time) as Average_Request_Time \| where Average... by guywood13 Path Finder in Splunk Search 02-21-2024 0 7	0	7
case-sensitive on subsearch hiI have this situationindex="idx" [\| inputlookup name.csv \| table id name ]idx=idname1a2aaa1A2aaa12abbb lookupidname... by simo Path Finder in Splunk Search 02-21-2024 0 1	0	1
Regex Help to extract fields Can some one please help with the regex that can be used to view the below event in tabular format.EventINFO > 2024-0... by Harikiranjammul Explorer in Splunk Search 02-21-2024 0 1	0	1
Splint date/time filed in multiple fields for calculations Hi.I have a single filed for date and time of event - 2024-02-19T11:16:58.930104ZI would like to have to fields Date ... by bigll Path Finder in Splunk Search 02-21-2024 0 3	0	3
How to populate a single column with dynamic field values? HelloI have a working dashboard where I have various fields that can be defined (field1 and field2 in the example), a... by ea-2023 Path Finder in Splunk Search 02-20-2024 0 11	0	11
How to manage multiple regex using same field name We have application data coming from Apache Tomcat's and have a regex in place to extract exception name. But there a... by att35 Builder in Splunk Search 02-20-2024 0 3	0	3
query returned field passed to another query I need help to write a search query where the result from the one query is passed onto the second query1 we import th... by atul9771 Engager in Splunk Search 02-20-2024 0 2	0	2
How to calculate time difference b/w multiple events and sum for a field I have requirement to calculate total time a user has been connected to system, for that I have logs as below which s... by ramnaresh2051 Engager in Splunk Search 02-20-2024 0 3	0	3
Searching for "-" in IIS logs? In Microsoft IIS logs, when a field is empty, a dash ( - ) is used instead of leaving the value blank. Presumably th... by DaClyde Contributor in Splunk Search 02-20-2024 0 4	0	4
How to retain fields from base search to use after a map command? We have a search where one of the fields from base search is passed onto a REST API using map command. <Base Search>... by att35 Builder in Splunk Search 02-20-2024 0 2	0	2
Extract a part of field Hi all,I'm trying to extract a part of a field. The field named Computer and is like MySrv.MyDomain.MySubDom1.comMySu... by Olivier2024 Explorer in Splunk Search 02-20-2024 0 4	0	4
map search question I'm using a modified search from splunksearches.com to get the events from the past two days and returning the differ... by ITSplunk117 Path Finder in Splunk Search 02-20-2024 0 2	0	2
Extracting a composite variable and comparing it with the rows of an index. "I have an issue with creating a field named 'Path' which should be populated with 'YES' or 'NO' based on the followi... by omcollia Engager in Splunk Search 02-20-2024 0 3	0	3