Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Splunk Search
Splunk Search
×
Join the Conversation
Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
- Find Answers
- :
- Using Splunk
- :
- Splunk Search
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Community Activity
 | Hi, My current search I'm using to populate the value is given below. source= transaction.csv | stats values(A... by Shan Builder in Splunk Search 12-12-2017 0 7 | 0 | 7 | |
 | I have a bunch of indexes in the format of <environment>-<machineType> This is something like test-manager, staging-... by ByteFlinger Engager in Splunk Search 12-12-2017 0 2 | 0 | 2 | |
| | I hold a list of two dates that I want to subtract one from another these dates are an outcome from: |conv... by eranday New Member in Splunk Search 12-12-2017 0 7 | 0 | 7 | |
 | I have events which have multiple of the same fields but with different values. E.g; Event 1: deviceName="device1" a... by ZacEsa Communicator in Splunk Search 12-12-2017 0 13 | 0 | 13 | |
| | I have 2 sourcetypes: Eg. sourcetypeA has fields such as ServiceProvider, GroupID, DeviceUsed, DeviceSerialNum ... by hkchew New Member in Splunk Search 12-12-2017 0 4 | 0 | 4 | |
 | Hi Guys context: i want a table grouped by region, count per region and quarter in a table for example Re... by christianhuber Path Finder in Splunk Search 12-12-2017 0 2 | 0 | 2 | |
| | Hi I am new to splunk and still exploring it. How do i create a new result set after performing some calculation on e... by UdayAditya New Member in Splunk Search 12-11-2017 0 5 | 0 | 5 | |
 | I'd like to be able to create lookups of known bad ip addresses (SANS, BOGON, etc) and have the lookups update automa... by b_bunch New Member in Splunk Search 12-11-2017 0 1 | 0 | 1 | |
 | I do have many data including duplicate data , and i want to remove duplicate data from the index , without using th... by jadengoho Builder in Splunk Search 12-11-2017 0 5 | 0 | 5 | |
| | I'm using the Jirarest add-on in the following way, passing through a specific search (sometimes with changelog): | ... by SplunkIsLife Explorer in Splunk Search 12-11-2017 0 2 | 0 | 2 | |
 | Goal: Build a dashboard that reports on the overall status of a product based on the status of the various services t... by mbrazington Engager in Splunk Search 12-11-2017 0 1 | 0 | 1 | |
| | Hi All, Need help on below query to calculate ticket age from ticket creation date with current date. Please help me... by kpavan Path Finder in Splunk Search 12-11-2017 0 3 | 0 | 3 | |
 | I created a csv file critical.csv with a list of critical assets, and uploaded the lookup table into Splunk. How woul... by jrprez1804 Path Finder in Splunk Search 12-11-2017 0 1 | 0 | 1 | |
 | Hey, I am very new to Splunk so apologies if this is a very simple question. Currently Splunk is monitoring applica... by jamesmatthews New Member in Splunk Search 12-11-2017 0 3 | 0 | 3 | |
| | Hello, I'm trying to eliminate the "unknown action, hosts" etc. there is some log's that don't contain an Action, so... by ahmadjabr Engager in Splunk Search 12-11-2017 0 2 | 0 | 2 | |
| | Have seen a lot of Q&A about wildcards in the lookup table; this is the reverse. Here is the scenario. Lookup table ... by claatu Explorer in Splunk Search 12-11-2017 0 9 | 0 | 9 | |
| | I want to find the number of events occurring in sourcetype=B based on the distinct Device_MAC_Address searched from ... by rafiqul New Member in Splunk Search 12-11-2017 0 2 | 0 | 2 | |
 | So I was doing some debugging for someone on CIDR matching and appeared to get inconsistent results between versions ... by cameronjust Path Finder in Splunk Search 12-11-2017 0 1 | 0 | 1 | |
 | I have case such as : if date is older than 5 working (eg if today is Thursday 19th, then anything older than Thursd... by alfiyashaikh New Member in Splunk Search 12-10-2017 0 3 | 0 | 3 | |
| | Hi, I am new in splunk and I would like to search for some info in my Logfile. I am just trying to count the total o... by luchin New Member in Splunk Search 12-09-2017 0 1 | 0 | 1 | |
| | I would like to change the default search time for all users who select the custom app i have created from all time t... by splunkjpm Loves-to-Learn Lots in Splunk Search 12-08-2017 0 7 | 0 | 7 | |
| | index=logs ip_address=* has single ip addresses like 5.9.100.100 CSV file: range, owner 5.9.0.0/24 Owner1 5.10.64.0... by spark2310 Explorer in Splunk Search 12-08-2017 0 4 | 0 | 4 | |
 | I'm interested in knowing why it's frowned upon not to search index=*. I was asked by one of our employees and rememb... by sogeniusio Path Finder in Splunk Search 12-08-2017 0 2 | 0 | 2 | |
| | I'm running the following search, but when I add the dedup line my d_name field goes blank. I have two sourcetypes bo... by glenngermiathen Path Finder in Splunk Search 12-08-2017 0 3 | 0 | 3 | |
| | I have combined data from two searches and want to compare them to identify what is new in the second search, what is... by glenngermiathen Path Finder in Splunk Search 12-08-2017 0 15 | 0 | 15 |
Get Started
Explore Essential Splunk Resources
Get Expert Help at Community Office Hours
Join the #search-help Slack channel
Get Expert Help at Community Office Hours
Join the #search-help Slack channel
Become An Expert
Top Labels
-
administration
3 -
alert action
3 -
alert condition
2 -
Analytics Workspace
2 -
authentication
1 -
chart
946 -
Classic dashboard
1 -
configuration
2 -
correlation search
1 -
count
1,006 -
Dashboard Studio
3 -
data
3 -
data model
1 -
development
6 -
distributed search
1 -
drilldown
1 -
email
1 -
eval
2,614 -
field extraction
2,022 -
fields
2,063 -
host
1 -
index
4 -
indexer
2 -
inputs.conf
1 -
intermediate forwarder
1 -
introduction
5 -
join
1,060 -
JSON
2 -
Linux
2 -
login
1 -
lookup
1,566 -
metadata
309 -
monitoring console
2 -
other
179 -
panel
2 -
PDF
1 -
Python
1 -
regex
1,499 -
report acceleration
2 -
rex
1,250 -
SAML
1 -
saved search
5 -
scheduled search
4 -
scripted input
1 -
search
2 -
search head
3 -
search job inspector
683 -
search peer
1 -
simple XML
1 -
source
1 -
sourcetype
4 -
Splunk Web Framework
1 -
splunk-assist
1 -
splunkd
1 -
stats
3,565 -
subsearch
1,729 -
summary indexing
4 -
table
1,754 -
time
1 -
timechart
1,158 -
transaction
452 -
transforms.conf
1 -
troubleshooting
8 -
tstats
569 -
universal forwarder
5 -
using Splunk Cloud
2 -
using Splunk Enterprise
13 -
Windows
3
- « Previous
- Next »
Get Updates on the Splunk Community!
Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas
Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas
Cisco Live 2026 is almost here, and this ...
What Is the Name of the USB Key Inserted by Bob Smith? (BOTS Hint, Not the Answer)
Hello Splunkers,
So you searched, “what is the name of the usb key inserted by bob smith?”
Not gonna lie… ...
Automating Threat Operations and Threat Hunting with Recorded Future
Automating Threat Operations and Threat Hunting
with Recorded Future
June 29, 2026 | Register
Is your ...
Unanswered Topics
