Splunk Search

Discussions

Thread Info

extract text between two slashes from the end

hi I am trying to extract the email id from the text eg: PUT /api/users/usernames/eejuy.alves92%40gmail.com/ PUT /api...

by Path Finder in

How to convert String values into factor variable?

I have string fields; an example is "URL". I want it to convert it to numeric / factor variable to perform statist...

by Contributor in

timechart return 0 if no results found

Hi . I have a sourcetype = Queue and i'm sending the number of messages waiting in the queue . index=monitoring ...

by Explorer in

What is causing the Rex Raw c-ip syntax error?

Hi, I'm getting error at search time: Error in 'rex' command: Encountered the following error while compiling the...

by Contributor in

How does Splunk log keyword pair extraction overwrites field value unintentionally?

I have a log of the form <timestamp> field1 field2 field3 field4 urlfield .... For example: <timestamp> ...

by SplunkTrust in

Problem in time query

Hello everyone, i have this search that uses time range picker and my specific time range is 01/07/2018 to 01/13/2...

by Engager in

how to assemble 2 distinct splunk searches into one?

hello everyone, I just want to merge the 2 splunk searches. In the first query, i have all information about mo...

by Path Finder in

How can we get the Public IP details with Splunk Cloud?

Hello, We are in the process of integrating Splunk with Netcool event management tool.Here we are trying to POST t...

by New Member in

Why some of the field values are missing after stats and chart command?

Hi Guys, When I run the below query, it only returns the eventHour up to 14 (2pm) when there are events up to even...

by Communicator in

how to make lookup fields as static and the results as dynamic from the search query

Hi I am having some of the fields in my lookup file (csv file). And I want list down the lookup fields along with the...

by Contributor in

How to calculate processing rate of metrics within specified time range?

Here's an example snippet of the logs I'm working with: 2018-04-17 18:26:02 app=test-app, env=qa, total_msg=0 2018...

by Explorer in

How to not automatically invoke the spath command in raw data?

Hi, We are using JSON data and the field extractions are done already. So we no need to use the spath command. But...

by Builder in

Field data from fieldname in variable

Any way of achieving this: | makeresults | eval Column1="MyData" | eval TestField="Column1" | eval Result{TestFie...

by Path Finder in

Comparison of Field values

I have a JSON which has something like this "Current Free Space","value":"240 KB", i am parsing out the field name wh...

by Contributor in

How to remove overlapping address ranges from a field of address ranges?

I have a field of address ranges where i want to dedup any that overlap. For example: 10.10.20.0/23 10.10.20.160/27 1...

by New Member in

How to send email to different groups based on the criteria?

I would like to send emails to different groups based on number of events returned for a search. Query: index=...

by Path Finder in

How to use results of one data set to identify outliers of another data set?

Hi, I have the average and standard deviation of a particular data set and I want to build a confidence interval f...

by Explorer in

Adapting a search to use timechart

Hello: I have the following search: index=M sourcetype="n" name="M*" |dedup host-ip, plugin_name, plugin_family, ...

by New Member in

Why am I having a problem in tokens when using customviz app from splunkbase?

Hi, I tried to use bubble chart from custom viz app that i downloaded on splunk base. The code works if i specify the...

by Explorer in

Why doesn't the submit button run unless I manually input text?

Hi guys, I've been having this problem for a while now. I have a script that generates a hash for a file based on the...

by Explorer in

Eval field based on multiple fields?

I have three fields A, B, C. I want to evaluate a field D that has the value of C that corresponds with the min value...

by Communicator in

how to calculate percent of size

hello thanks for all your help how can I calculate the percent of size base on the data size＜1024 2048＜size ＞1...

by New Member in

How to extract values from within a field?

I have events of the following format: { [-] log: 2018-04-16 11:33:09 INFO Report:46 - Number...

by New Member in

Sales of each weekday by week number for month of December

hi i need the December month sales by week number , given below i am sharing my index name and other fileds name also...

by New Member in

How to display time in string format?

Hi, I have a simple search that brings up the total count of logons in a day but I want the time part to say April,16...

by Contributor in

Get Updates on the Splunk Community!

Splunk Search

Discussions

extract text between two slashes from the end

How to convert String values into factor variable?

timechart return 0 if no results found

What is causing the Rex Raw c-ip syntax error?

How does Splunk log keyword pair extraction overwrites field value unintentionally?

Problem in time query

how to assemble 2 distinct splunk searches into one?

How can we get the Public IP details with Splunk Cloud?

Why some of the field values are missing after stats and chart command?

how to make lookup fields as static and the results as dynamic from the search query

How to calculate processing rate of metrics within specified time range?

How to not automatically invoke the spath command in raw data?

Field data from fieldname in variable

Comparison of Field values

How to remove overlapping address ranges from a field of address ranges?

How to send email to different groups based on the criteria?

How to use results of one data set to identify outliers of another data set?

Adapting a search to use timechart

Why am I having a problem in tokens when using customviz app from splunkbase?

Why doesn't the submit button run unless I manually input text?

Eval field based on multiple fields?

how to calculate percent of size

How to extract values from within a field?

Sales of each weekday by week number for month of December

How to display time in string format?

Automatic Discovery Part 1: What is Automatic Discovery in Splunk Observability Cloud ...

Real-Time Fraud Detection: How Splunk Dashboards Protect Financial Institutions

Splunk + ThousandEyes: Correlate frontend, app, and network data to troubleshoot ...

In Splunk studio, is it possible to populate a tex...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static

Splunk Search

Are you a member of the Splunk Community?

Discussions