Query Library
New postPost queries you find useful or lookup examples to help get you started with searching your data.
Show no status
Sort by recent activity
-
Metrics Operators Cheat Sheet Pinned4 votes 1 comment
-
New Log Operators Cheat Sheet Pinned2 votes 0 comments
-
Convert splunk query to Sumo logic0 votes 0 comments
-
Parsing based on condition0 votes 0 comments
-
best practices for search0 votes 1 comment
-
after applying count by _timeslice, can I apply pct on _count?0 votes 1 comment
-
Querying using if statement0 votes 2 comments
-
How do I write a query to list all the keys in a json log?1 vote 15 comments
-
how to timeslice by a parsed timestamp field0 votes 2 comments
-
Return +/- 2 minutes logs around an error found within a collection.0 votes 1 comment
-
Aggregating nested JSON object0 votes 0 comments
-
Search the string after base64decoding0 votes 1 comment
-
Conditional Operator0 votes 2 comments
-
ASN lookup0 votes 1 comment
-
Reconcile ID's present in one source category but absent in another0 votes 2 comments
-
LAB-4 Conditional Operator unable to find results1 vote 0 comments
-
JSON: Filter on nested property0 votes 1 comment
-
I need to see the location of the ip for each log0 votes 1 comment
-
Regex - Multi0 votes 3 comments
-
Time frame0 votes 4 comments
-
AD query for user creation and deletion in short period of time0 votes 3 comments
-
Security-Related Queries for Windows2 votes 3 comments
-
Parse Same Field Multiple Times0 votes 2 comments
-
Sourcehost Renaming0 votes 0 comments
-
Sorting0 votes 2 comments
-
Searches for "After-Hours" Activity0 votes 2 comments
-
Regex - Multi0 votes 1 comment