Splunk Search

Ask a Question

Discussions

Thread Info

Splunk ML app not looking at the entire data

Hi, We are evaluating Splunk for our ML use case. We are using "Free splunk" at this point of time for the evaluat...

by New Member in

How to dynamically change number of rows displayed in the table with simple XML using Splunk 6.1.x?

I am using Splunk 6.1.2 and have a panel with a table developed in simple xml. I would like to allow users to be a...

by Revered Legend in

DF details not rolling in servers

We are trying to get df details in our log. these details are rolling in few servers but it is not rolling in few ser...

by New Member in

i want to keep the SSED_BUS-number as it is and i want mask other number and email id

SSED-BUS-0123 the package is failed to accept SSED-BUS-1466 master id 1-fjdfh23 SSED-BUS-13583 master 85793 SSED-BUS-...

by Builder in

pls help with regular expression

i want to keep the pattern of specific word which starts with OS0003/SSED-BUS-0015 as it is and want to mask others n...

by Builder in

the search job terminated unexpectedly

This search take only a few second to come back index=* sourcetype=* (source="/opt/data/-AA_.csv" OR source="/opt/dat...

by Path Finder in

Convert multi-value expression to field names and values

I have a string, "one:isone,two:istwo,three:isthree" The goal is to convert these to fields and values...

by Path Finder in

Rex extraction

I have a field called "user", i'm trying to extract the username from the string and create a new field called extrac...

by New Member in

Run Alert Every Few Hours Between Specific Hours/Days

I have some events that only happen every few hours between the hours of 8AM and 6PM, M-F. So, I want to set up a los...

by Path Finder in

Changing of management port still pointing to DS & receiving the logs.

My question might be weird. I change the management port on one of endpoint(universal forwarder)from multiple forwar...

by Path Finder in

Why Doesn't Coalesce work in an If/Case Statement?

I am trying to write a search that if the field= Email then perform a coalese, but if the field isn't Email- just put...

by Path Finder in

How do you include a literal double quote character in a Splunk Regex

I'm using the _rex command and I want to create a regular expression that contains a literal double quote character. ...

by Path Finder in

Sort and Sum...a more elegant way?

New to dbs and Splunk. Querying against a CSV file of buy events. Want to return top 10 Users by purchase totals....

by New Member in

How do I edit my rex mode=sed syntax to replace part of my sample URIs with static text?

Hi, I have URIs like this: /appliance/detail/v3.0/vendor/3423434erts/fridge /appliance/detail/v3.0/vendor/6757d...

by Contributor in

Combine Dynamic Fields Starting with same value

So I have multiple fields whose field names could end with a different values. Examples of these fields are below: fo...

by New Member in

How to split and retrieve a value ?

I think we may need regex for this and I am not good at it. I need to be able to extract the last part i.e. (TMNT-175...

by Contributor in

SPLUNK Search if word form file appears in logs

Hi I have the following issue. I'm using SPLUNK for real-time monitoring of chat bot. I have as well file with ba...

by Path Finder in

AddColTotal value in a new column

I use addcoltotal for one of my columns . But my result has a lot of rows, so I have to browse a lot of pages to find...

by Contributor in

How to extract the fields for the Multiline- Each line has different Formats

I'm having problem with a multi-line field extraction which I have been struggling to figure out. Below the log fi...

by New Member in

How to count the number of eventts starting at 9 am each day?

Hi Guys, I have the below query using that is using the shared timepicker: today, which is counting the events fro...

by Communicator in

Check values exist within two columns

I tried to apply this logic as I want to check if the values from con_splunkUL exists within con_UL, but for me it se...

by Communicator in

Splunk dashboard base search gives result which is different from that of an identical non-base search

I am using Splunk Enterprise 6.6.2, and today I noticed an alarming problem. In order for me to troubleshoot the p...

by Communicator in

How to search comunication between a inputlookup with some ip's and traffic of an index ?

Hi, I have a doubt about an inputlookup, i have a inputlookup with some ip's and i want to know how can see comunicat...

by Explorer in

regex help

I'm trying to configure a field extraction but am getting some strange incisions in the output. I'm running the below...

by New Member in

Basic math operation applied to stats

Hi all, Student, new to Splunk and dbs. I need some help performing basic math operation against stats results....

by New Member in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Splunk ML app not looking at the entire data

How to dynamically change number of rows displayed in the table with simple XML using Splunk 6.1.x?

DF details not rolling in servers

i want to keep the SSED_BUS-number as it is and i want mask other number and email id

pls help with regular expression

the search job terminated unexpectedly

Convert multi-value expression to field names and values

Rex extraction

Run Alert Every Few Hours Between Specific Hours/Days

Changing of management port still pointing to DS & receiving the logs.

Why Doesn't Coalesce work in an If/Case Statement?

How do you include a literal double quote character in a Splunk Regex

Sort and Sum...a more elegant way?

How do I edit my rex mode=sed syntax to replace part of my sample URIs with static text?

Combine Dynamic Fields Starting with same value

How to split and retrieve a value ?

SPLUNK Search if word form file appears in logs

AddColTotal value in a new column

How to extract the fields for the Multiline- Each line has different Formats

How to count the number of eventts starting at 9 am each day?

Check values exist within two columns

Splunk dashboard base search gives result which is different from that of an identical non-base search

How to search comunication between a inputlookup with some ip's and traffic of an index ?

regex help

Basic math operation applied to stats

Tech Talk Recap | Mastering Threat Hunting

Observability for AI Applications: Troubleshooting Latency

Splunk AI Assistant for SPL vs. ChatGPT: Which One is Better?

In Splunk studio, is it possible to populate a tex...

Help me with splunk query to monitor CPU and Memor...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

Splunk Search

Are you a member of the Splunk Community?

Discussions