Splunk Search

Community Activity

How to pass data from a report to another report? Hello,How to pass data/token from a report to another report? Thank you for your helpI am trying to run a weekly re... by LearningGuy Motivator in Splunk Search 01-27-2024 0 3	0	3
Need Help with REGEX for this raw data We need to extract the value behind "<Computer>" I have underlined it to make it easier. It would also be beneficial... by zach-keener Explorer in Splunk Search 01-26-2024 0 2	0	2
tstats and inputlookup My current search is - \| tstats count AS event_count WHERE index=* BY host, _time span=1h\| append [ \| inputlookup Do... by jeradb Explorer in Splunk Search 01-26-2024 0 1	0	1
How do I create column chart using two fields and keep more fields in the statistical table? Hello,How do I create bar chart using two fields and keep all fields in the statistical table?The column chart automa... by LearningGuy Motivator in Splunk Search 01-26-2024 0 8	0	8
Password storage during setup of an app Hi all,Very new to Splunk so apologies if this is a very basic question. I've looked around and haven't found a concl... by nlloyd Engager in Splunk Search 01-26-2024 0 2	0	2
voulme data comparison Hi, I have below SPL, which return todays count vs yesterday count and difference between them. I want to see, if i r... by selvam_sekar Path Finder in Splunk Search 01-26-2024 0 3	0	3
How to correlate index with dbxquery with condition or interation? How to correlate index with dbxquery with condition or interation?See the sample below. Thank you for your help.ind... by LearningGuy Motivator in Splunk Search 01-25-2024 0 2	0	2
How to filter values returned from an array field? I have events with an array field named "tags". The tags array has 2 fields for each array object named "name" and "... by splguy Engager in Splunk Search 01-25-2024 0 2	0	2
Splunk Query not working as expected HiUsing following query:`mbp_ocp4` kubernetes.container.name =service level=NG_SERVICE_PERFORMANCE SERVICE!=DPTDRet... by Sunny Observer in Splunk Search 01-25-2024 0 3	0	3
Finding hostname where one result is present but not some other results over time Hey everyone, I'm stumped trying to put together a query to find specific hosts that return some value but not some o... by armaddon Loves-to-Learn in Splunk Search 01-25-2024 0 1	0	1
Radial Gauge valu/max from stats query I have a query that returns 2 values. . . \| stats max(gb) as GB by metric_namemetric_nameGBstorage_current99storage_l... by astockmeister_s Explorer in Splunk Search 01-25-2024 0 1	0	1
Fetching out ISP , domain info for an IP address Hi All, We are a Splunk Cloud customer having ES. Is there a way to fetch the ISP, domain info for an IP address ... by neerajs_81 Builder in Splunk Search 01-25-2024 0 1	0	1
Creating a SPL using tstats for Multiple Failed Logins Followed by Success? Hello Splunk Community, I'm currently working on creating a search using the tstats command to identify user behavior... by randqm Loves-to-Learn Everything in Splunk Search 01-25-2024 0 2	0	2
Field Extraction did not work Oct 30 06:55:08 Server1 request-default Cert x.x.x.x - John bank_user Viewer_PIP_PIP_env vu01 Appl Test [30/Oct/2023:... by gnshah12345 Observer in Splunk Search 01-25-2024 0 2	0	2
How to use the REST API to just run a search and stream the results back? Hi, I have a question about using the REST API to run a search. The doc seems to indicate that you need to follow 3... by a212830 Champion in Splunk Search 01-24-2024 5 15	5	15
how to see the data in table command which is showing empty cells i see the splunk query index="sample" "log_processed.env"=prod "log_processed.app"=sample "log_processed.traceId"=90c... by venugoski Explorer in Splunk Search 01-24-2024 0 3	0	3
trying to compare two sources and extract these ones that do not have SysMon Hello Community,I have a challenge finding and isolating the unique hosts out of two sources (DHCL and SysMon in my c... by DanAlexander Communicator in Splunk Search 01-24-2024 0 15	0	15
chart count for comparison Hi,I have the below SPL and I am not able to get the expected results. Please could you help?if i use stats count by ... by selvam_sekar Path Finder in Splunk Search 01-24-2024 0 3	0	3
Impossible number of occurrences being returned Given the sample event below representing a user sign-in, I am trying to create a table that shows each combination o... by Ara Engager in Splunk Search 01-23-2024 0 3	0	3
Rex multiline extraction only grabbing every other occurrence Hoping this is something simple with lookahead/lookback that I'm missing... trying to extract multi-line fields from ... by rmercy Explorer in Splunk Search 01-23-2024 0 4	0	4
Eval or Lookup bug I have a splunk search that is returning the wrong results from a kvstore if the secondUID field is set to itself bef... by Derson Explorer in Splunk Search 01-23-2024 0 7	0	7
Display a single value from multyple value filed in the table. I have filed "Labels" with multiple value in the single filed.I need to see only OS value red hat(linux) or windows 2... by bigll Path Finder in Splunk Search 01-23-2024 0 1	0	1
Need help in extraction of data from distributed and async logging application Hi All,I am almost a starter in Splunk but my org uses this tool as a log management utility.I need help in getting a... by Anurag101 New Member in Splunk Search 01-23-2024 0 2	0	2
Listing sources not having a match Hello,I've a simple requirement but new to Splunk so facing some challenges and hoping for some luck!My application w... by nnkreddy Explorer in Splunk Search 01-23-2024 0 2	0	2
timechart comparison for 15 mints current working day vs previous working day Hi, I have the below SPL and I would like to get the comparison for 15 mints time span i.e if we run today at 5 am t... by selvam_sekar Path Finder in Splunk Search 01-23-2024 0 2	0	2