coalesce Function in Splunk

Posted on December 30, 2024

The Splunk coalesce function returns the first non-null value among its arguments. It’s useful for normalizing data from different sources with varying field names.

For example, to unify multiple source IP fields into a single src_ip field:

| eval src_ip = coalesce(src_ip, sourceip, source_ip, sip, ip)

The post coalesce Function in Splunk appeared first on SOC Prime.

CVE-2025-5419 Vulnerability: New Google Chrome Zero-Day Actively Exploited in the Wild

Threats

Hot on the heels of the critical SAP NetWeaver CVE-2025-31324…

rooter
June 6, 2025
3 min read
0

Detect WikiLoader Attacks: Adversaries Leverage Fake GlobalProtect VPN Software to Deliver a New Malware Variant via SEO Poisoning

Threats

The latest stats highlight that in 2023, adversaries deployed an…

rooter
September 4, 2024
4 min read
0

CVE-2024-24919 Detection: Zero-Day Vulnerability Actively Exploited for In-the-Wild Attacks Against Check Point’s VPN Gateway Products

Threats

There is a growing interest among hacking collectives in exploiting…

rooter
May 31, 2024
4 min read
0

Remote Utilities Exploitation: New Phishing Campaign by the UAC-0096 Group Targeting Ukrainian Organizations

Threats

Hot on the heels of the massive email distribution in…

rooter
February 20, 2023
4 min read
0

Related Posts

CVE-2025-5419 Vulnerability: New Google Chrome Zero-Day Actively Exploited in the Wild

Detect WikiLoader Attacks: Adversaries Leverage Fake GlobalProtect VPN Software to Deliver a New Malware Variant via SEO Poisoning

CVE-2024-24919 Detection: Zero-Day Vulnerability Actively Exploited for In-the-Wild Attacks Against Check Point’s VPN Gateway Products

Remote Utilities Exploitation: New Phishing Campaign by the UAC-0096 Group Targeting Ukrainian Organizations