Splunk Search

Discussions

Thread Info

How to Build an If Statement based on if a field contains a string

For every record where the field Test contains the word "Please" - I want to replace the string with "This is a test"...

by Path Finder in

Hi Experts,Could you please give me the script which will work to send the SNMP traps to other systems with alert name , hostname and some other fiedls.

Hi Experts, Could you please give me the script which will work to send the SNMP traps to other systems with alert...

by New Member in

Search log file based on timestamp from other file

Hi We have 2 files First File has only start time and end time of the test. STARTTIME ENDTIME 2018-01-04-1...

by New Member in

How to count events from a same file with having two different raw text ?

Hi Splunker, I have to count success and failure count from the same index and sourcetype on the basis of raw text...

by Explorer in

remove duplicate or similar event in a trasaction command from the search

Hello Everybody, I want to remove similar event which are in a transaction command. In my case, I want to merg...

by Path Finder in

continuously DB query with overcome short date format

Hello, im trying querying HIVE table via 'rising' mode. query must contain certain timestamp_1 column (otherwise no r...

by Explorer in

How to upload multiple files in Splunk? Is it possible to upload multiple files like 100 1MB files in Splunk at the same time?

How to upload multiple files in the Splunk?

by New Member in

Why is using base searches causing major performance issues on my dashboard?

Working on making dashboards to help report on activity. To make the dashboards as performant as possible, I'm usi...

by Explorer in

Can we use Start/End times from a query to get duration to use it in another search query to get an average of a field in that duration ?

I am able to get the Start/End times of a load test execution from a search query (by getting End time from Timestamp...

by New Member in

Dashboard to display varied graph types on a single timeline with tool tip pointer

I have multiple logs from a single application that has different index, source type and log types. And i am trying t...

by Explorer in

Lookup: Replace / Create new field

Hi. For example: When I run search and see field Sub_Status - 0xC0000064 I wanna new field that will explain what the...

by Builder in

How do I create a capture group that continues until it matches two exact characters in a row

Hey everyone, This question probably shows my lack of understanding with regex, but this is giving me a headache ...

by Communicator in

How can I extract a field from a JSON strcuture and combine it in a search with other fields from different JSON structures??

Hi SPL guru's! im struggling with how to 1 pluck one field's value from one JSON structure and [2] combine in the...

by Path Finder in

Join two search queries - two indices.

Hi we try to join the information of two indices. INDEX_A contains the GC-Logfiles for a specific environment. To ...

by Explorer in

Can splunk identify bank details being changed on a legacy trading system?

Can Splunk identify a pattern in which fraud is occurring, for example, emails asking to change bank accounts, emails...

by New Member in

Determine daily change rate for ESXi Hosts

Hello, we need to determine the Daily Change rate for logs on our ESXi Hosts (deployment sizing). Can anyone offer...

by New Member in

Not able to get response queries with special characters in If statement

Hi, I am trying to get response time between events using below query but for some reason i am not being returned...

by New Member in

AND OR not working correctly

I am getting the below error when trying to form an AND & OR in my query. Error in 'eval' command: The expression...

by Communicator in

Eval and stats not bring friendly

index=ios host=1.1.0.2 src_ip="1.2.2.1" "NBRCHANGE" | head 1 | eval status = if(like(_raw, "%down%"), 1 , 0) | sta...

by New Member in

Count occurrences of all values of a field for another field

Hello all, I am trying to count all the occurrences of keywords that show up in logs. Here is an example: Here is ...

by Path Finder in

How does one search for a CIDR range of addresses?

If I want to search for a range of addresses, say anything in 10.0.1.0/24 from anywhere in the log, how do you do tha...

by Observer in

Data stored using the collect command takes a long time to become searchable.

Hi, I am using a DBXquery and then collecting the returned data into an index. I am doing this on a search head which...

by Engager in

EVAL causes a field to be blank

I need the field "Location" added to my search as seen in the screenshot attached. However, in this query below the L...

by Communicator in

Watt to kWh

Hi all, I monitor my electricity consumption using a device which takes the current Watt consumption every minute ...

by New Member in

Regex for multline events

Hi , The Logstash client on the application box is configured to identify multiline events and send each event as ...

by Path Finder in

Get Updates on the Splunk Community!

Splunk Search

Discussions

How to Build an If Statement based on if a field contains a string

Hi Experts,Could you please give me the script which will work to send the SNMP traps to other systems with alert name , hostname and some other fiedls.

Search log file based on timestamp from other file

How to count events from a same file with having two different raw text ?

remove duplicate or similar event in a trasaction command from the search

continuously DB query with overcome short date format

How to upload multiple files in Splunk? Is it possible to upload multiple files like 100 1MB files in Splunk at the same time?

Why is using base searches causing major performance issues on my dashboard?

Can we use Start/End times from a query to get duration to use it in another search query to get an average of a field in that duration ?

Dashboard to display varied graph types on a single timeline with tool tip pointer

Lookup: Replace / Create new field

How do I create a capture group that continues until it matches two exact characters in a row

How can I extract a field from a JSON strcuture and combine it in a search with other fields from different JSON structures??

Join two search queries - two indices.

Can splunk identify bank details being changed on a legacy trading system?

Determine daily change rate for ESXi Hosts

Not able to get response queries with special characters in If statement

AND OR not working correctly

Eval and stats not bring friendly

Count occurrences of all values of a field for another field

How does one search for a CIDR range of addresses?

Data stored using the collect command takes a long time to become searchable.

EVAL causes a field to be blank

Watt to kWh

Regex for multline events

Observability Unlocked: Kubernetes Monitoring with Splunk Observability Cloud

Update Your SOAR Apps for Python 3.13: What Community Developers Need to Know

October Community Champions: A Shoutout to Our Contributors!

In Splunk studio, is it possible to populate a tex...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static

Splunk Search

Are you a member of the Splunk Community?

Discussions