Hello, I have a problem with a custom app in Splunk. I've written a simple app that uses the Python requests-library to query the Microsoft Graph API. It works perfectly for most queries, but when I...
Hi All, Can anyone guide me on how to check whether any log sources are logging with future time stamps? I am not sure how to identify those log sources which are having future time stamps. ...
...nstance, below is the query used to search for the 'string' with any IP Address thrown in between the single quotes at the end. I do not have issues returning the search. The issue is I want to use the f...
How to modify the below query to exclude private IP address range from source IPs (src_ip)?
index=cisco eventtype=cisco-firewall host="*" action="blocked" src_ip="*" dest_ip="*" src_port="*" d...
Dear Experts.. Looking for help with a Splunk Query... I was working on a Splunk Query to identify the Frames connection to the HMC.. I'm able to find the HMC's the frame is connected.. If a frame i...
Kindly provide a better way to write the query in the below example.
Also, one more thing I need help with is the hit count on destination port.
index="cisco_asa_index" sourcetype="c...
How can I do an if token=something then run this query for the panel and else to run another query for that same panel?
So I have the following query:
query 1:
index="monthlycdr" $r...
...s there anybody can help please?
My query below:
| tstats count values(All_Traffic.app) AS app values(All_Traffic.dvc) AS devicename values(All_Traffic.src_zone) AS src_zone values(A...