Splunk Search

Ask a Question

Discussions

Thread Info

_time not giving correct results in an eval condition

I am using the below query to show the number of plans in a particular month. However, there are approved dates of...

by Explorer in

Create transaction from results of another transaction

sourcetype=A has d_id field sourcetype=B has d_id and m_pid field sourcetype=C has m_pid field Need to build trans...

by Contributor in

How can I set a timezone for a specific sourcetytpe?

How to specify a particular timezone for specific sourcetype? I found the below format the other Splunk question. Can...

by Path Finder in

About real time search

I want to know about CPU occupation when doing a real-time search. If I build Splunk in a standalone way, and I co...

by Builder in

how to split the time into different shifts to find how many employees came in shift 1 and shift2

we have a data with employee numbers who enter the office during different times in the day. We want to categorize...

by New Member in

Is there an option to do an event break at the end of file (txt file)?

I have a folder which contains multiple text files. I want to import these files into Splunk as events. which means e...

by Contributor in

How to transpose CSV into separate columns

I have the below two csv files: ProductSales.csv RegionalSales.csv ProductSales.csv ProductId,Product_na...

by New Member in

Multiple Join Nested Join similar to IF ELSE LOGIC

I have sourcetype = sourcetype1 with field 1, field 2, field 3, field 4, part1, key1 sourcetype = sourcetype2 with f...

by Path Finder in

duration to seconds

I'm attempting to turn the duration of a process in the PS data into just seconds so I can sort appropriately and fin...

by Motivator in

Math Within addtotals

I'm trying to do some math with the values calculated in the addtotals command and put them back into the same line b...

by Explorer in

How can I set the y-axis on my bar chart to be in duration?

I have the following search: ....| stats sum(callduration) as "totalcallduration" by Companycalls Currently my ...

by Contributor in

How to reset the link on a link list input

Hi, this is my first post on here, am very new to using SPLUNK so please bear with me if how I am doing things is clu...

by New Member in

"The Lookup does not exist or is not available error" for users with same permissions as me but I don't get the error

My lookup is in the search app with global permissions with all roles the availability to read and write. My dashboar...

by Path Finder in

Lookup Does Not Exist Error- Help

I know there are a lot of answers on this topic- but I think I have completed all of the steps offered. One of my use...

by Path Finder in

Extracting id field from one event and looking for this id in another event

Hi All, I have the below two event logs: Event1: ns=app1, id=12,Error='400', Service='CallGetAccount' Event2: n...

by Explorer in

How to show data in a range grouped by specified time period?

i have below data. i want to represent in a range to group date for 5 days and i want date field to represent(16-08-1...

by Builder in

Use lookup table values as a input for search query and display lookup table values with query manipulated fields

Hi I have a lookup table with the field (indexname). I want to use each lookup table field (indexname) values as a i...

by Explorer in

How to find previous releases using current release?

Lookup file contains release number and its start date. The fields in lookup file are Release and Production (start d...

by Communicator in

Column to row conversion

Hi friends I am facing an issue where I have to consolidate and convert the data from Column to rows. The sample d...

by Path Finder in

How can we eliminate orphaned searches?

We have orphaned searches we reassigned to our accounts but still see the messages every saying you have 11 orphaned ...

by Communicator in

about removal duplication and lookup

How to write such an SPL search statement two quetions: 1、on the Splunk Enterpirse ,how to remove duplicate dat...

by Communicator in

How to set column with default value if column key not exist?

Hi guys I'm trying to create a statistic table for the data from jira. Each column has different severity for jira...

by New Member in

Link to a file in search results

I have a zip file uploaded into Splunk. This zip file contains a files.csv file and some file attachments stored in f...

by New Member in

How do I use IF / THEN / AND in logic in a search?

I'm trying to create some logic within my search, and it requires some IF THEN AND logic, which I know Splunk has the...

by Motivator in

Need help with streamstats search -- need to display _time on x-axis.

I have a requirement to display the count of data received over the last 7 days. I need to show the total with a data...

by Contributor in

Get Updates on the Splunk Community!

Splunk Search

Discussions

_time not giving correct results in an eval condition

Create transaction from results of another transaction

How can I set a timezone for a specific sourcetytpe?

About real time search

how to split the time into different shifts to find how many employees came in shift 1 and shift2

Is there an option to do an event break at the end of file (txt file)?

How to transpose CSV into separate columns

Multiple Join Nested Join similar to IF ELSE LOGIC

duration to seconds

Math Within addtotals

How can I set the y-axis on my bar chart to be in duration?

How to reset the link on a link list input

"The Lookup does not exist or is not available error" for users with same permissions as me but I don't get the error

Lookup Does Not Exist Error- Help

Extracting id field from one event and looking for this id in another event

How to show data in a range grouped by specified time period?

Use lookup table values as a input for search query and display lookup table values with query manipulated fields

How to find previous releases using current release?

Column to row conversion

How can we eliminate orphaned searches?

about removal duplication and lookup

How to set column with default value if column key not exist?

Link to a file in search results

How do I use IF / THEN / AND in logic in a search?

Need help with streamstats search -- need to display _time on x-axis.

Stay Connected: Your Guide to November Tech Talks, Office Hours, and Webinars!

Transform your security operations with Splunk Enterprise Security

Splunk Admins and App Developers | Earn a $35 gift card!

Using splunk-sdk in user-defined functions in Spar...

Verification of SAML assertion using IDP's cert fa...

ジョブを消しても復活する現象について

splunk threat intelligence taxii data

Splunk DB connect add-on InfluxDB 2.6