Splunk Search

Discussions

Thread Info

How to Check Remote Server's Date and Time Settings (Windows)

I was wondering if there was a way to search for the Date and Time settings on a remote server? I can't seem to find ...

by New Member in

How can I combine these two searches of the count of field A and the count of field B?

Hi, I have these two queries This one gets the number of camera sessions index=wholesale_app buildTarget=bla...

by Motivator in

Regular expression - need to extract a field

I am trying to do named extraction for the field sample for each event but failing for some reason. Please help! here...

by Communicator in

How to count the number of occurrences of a word in an event?

Hello Guys, I have a log as the following and i need to count the number of occurrence of TagID word in such event...

by Builder in

Why don't my dynamic titles for month names work?

I have tried to pass a token into a panel title from a search that creates month names for last month and the month b...

by New Member in

need to display zero if count is zero for data that is searched dynamically from a lookupfile

i am matching strings from the lookup file(only has one column with my_field) and then checking occurrence count of e...

by Contributor in

How to re-index a file everyday, even when the file is not updated?

Hey All, We have a file which has the version number of an application in the below format : version = 4.0 The...

by Contributor in

How to parse a field value that is delimited by "/"

I have a field for a CVSS vector, and I want to parse it so I can compare each section to a lookup and put it in laym...

by Path Finder in

Saved Search runs after Uninstallation of App

I installed an App from Splunkbase for Testing purposes. The app came with Custom Searches which i had scheduled a...

by Builder in

foreach with subsearch

i search in splunk , seem that foreach cannot pass the '>FIELD<' into Subsearch , i search that have to use map comma...

by New Member in

To display actual logs time by using Timechart command

Hi Everyone I am trying to create a timechart report and I want to display the Output of the Log event time field ...

by Explorer in

Group events by a field and fetch those ones where a second field does not match a given value

I have these events with CID which normally come as a pair of TranType Request and Response. 2017-12-04 09:45:01 CID=...

by Engager in

Automating 20 diffrent searches on a single .csv log file , and getting textual feedback from this searches added to report.

I have 20 searches to be performed on a single .csv log file . Every search results a different feedback like "missin...

by New Member in

Splunk has built-in mbtiles server. Can this be used for mbtiles that we create ourselves?

I noticed that our splunk installs have a $SPLUNK_HOME/share/splunk/mbtiles/splunk-tiles.mbtiles file. This makes ...

by Contributor in

How to format dynamic columns output after transpose?

Hi All, We use transpose to display our result like below sample; item 2017/11/01 2017/11/02 2017.... a 10000.01 2000...

by Explorer in

foreach with Error in 'eval' command

by New Member in

How do I escape the ' in Splunk search while running from command line?

Here is my query... curl -ku "user:password" https://myserver.com:8089/services/search/jobs/export --data-urlencod...

by Explorer in

How to count good work quotas vs. bad work quotas?

I am a Newb at Splunk, so please bear with me if this is straight forward or has been answered previously. I have suc...

by New Member in

How to build a timechart from a combined search

I have two different sources, each with information related to one another. The first source has, as part of the file...

by Communicator in

How to find the related search of lookup file

Hi, Below query is using the CSV, can I please know how the CSV file is being generated like whether is there any ...

by Path Finder in

How can I calculate application outages based on time?

Hi Guys I am having problem calculating application outages. I am polling for application state and data looks lik...

by Builder in

How can I extract SOAP envelope from raw data using rex

I would like to use a rex so I can pull the SOAP Envelope out of raw text and then send it to xmlprettyprint. Can any...

by New Member in

Populating Timechart Single Values with Dashboard Base Search

I have a dashboard with a base search, three Single Values use the base search, but will only populate using stats, I...

by New Member in

Group results by rows and columns

I need some help grouping and transposing some data. The search below gives me the data but now I want to group it an...

by Path Finder in

Transaction duration with no results found, would like the dashboard panel to reflect 0

Hi, I have this query index=wholesale_app buildTarget=blah product=product1 analyticType=checkpoint |transa...

by Motivator in

Get Updates on the Splunk Community!

Splunk Search

Discussions

How to Check Remote Server's Date and Time Settings (Windows)

How can I combine these two searches of the count of field A and the count of field B?

Regular expression - need to extract a field

How to count the number of occurrences of a word in an event?

Why don't my dynamic titles for month names work?

need to display zero if count is zero for data that is searched dynamically from a lookupfile

How to re-index a file everyday, even when the file is not updated?

How to parse a field value that is delimited by "/"

Saved Search runs after Uninstallation of App

foreach with subsearch

To display actual logs time by using Timechart command

Group events by a field and fetch those ones where a second field does not match a given value

Automating 20 diffrent searches on a single .csv log file , and getting textual feedback from this searches added to report.

Splunk has built-in mbtiles server. Can this be used for mbtiles that we create ourselves?

How to format dynamic columns output after transpose?

foreach with Error in 'eval' command

How do I escape the ' in Splunk search while running from command line?

How to count good work quotas vs. bad work quotas?

How to build a timechart from a combined search

How to find the related search of lookup file

How can I calculate application outages based on time?

How can I extract SOAP envelope from raw data using rex

Populating Timechart Single Values with Dashboard Base Search

Group results by rows and columns

Transaction duration with no results found, would like the dashboard panel to reflect 0

Best Strategies to Optimize Observability Costs

Fueling your curiosity with new Splunk ILT and eLearning courses

Splunk AI Assistant for SPL 1.1.0 | Now Personalized to Your Environment for Greater ...

Search for triggered save searches and their actio...

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static

Using Machine Learning Toolkit to detect auth abus...

Proactively stream data to different index after C...