Splunk Search

Community Activity

	Search for triggered save searches and their actions titles and users: Need help with subsearch I want to use the 2nd search as a subsearch only bringing back the actions. How can I do this?SEARCH\| rest /servicesN... by NanSplk01 Communicator in Splunk Search 06-19-2025 0 1	0	1
	Need help with Basic query over splunk Please help share query to check > network logs and firewall blocks for specific Host machine> LDAP password login fa... by ashish_d New Member in Splunk Search 06-19-2025 0 1	0	1
	Efficiently Expanding Multiple Multi-Value Fields Using mvexpand in Splunk Hello Splunkers !!How can I efficiently use the mvexpand command to expand multiple multi-value fields, considering i... by uagraw01 Motivator in Splunk Search 06-18-2025 0 12	0	12
	create report if price values are different this is my log i need a report like below: where I can see price difference in a single report. I don't want to put ... by avikc100 Path Finder in Splunk Search 06-17-2025 0 2	0	2
	How can I remove latitude and longitude values while hovering over map and instead display the address of location on the map? I am using Splunk Cloud 6.5.0 version. How can i remove latitude and longitude values while hovering over map and di... by bhawana2192 New Member in Splunk Search 06-17-2025 0 8	0	8
	Autoformat and search results similar to "48a4.93b9.xxxx OR 48:a4:93:b9:xx:xx OR 48-a4-93-b9-xx-xx" Hello.This search returns zero results, but a manual "OR" search shows results. I cannot find the reason (neither can... by anthonyi Explorer in Splunk Search 06-16-2025 0 3	0	3
	what is wrong with these evals.... Hi, I have this search query where i aggregate using the stats and sum by few fields...When I run the query in splunk... by Raj_Splunk_Ing Path Finder in Splunk Search 06-15-2025 0 6	0	6
	Can I set up a PS4 Game Session Timer and Notification? Hi I want to know how long and when either of two games are being played on the PS4 or a laptop and be notified via e... by InspiredSplunk Observer in Splunk Search 06-13-2025 0 5	0	5
	make a table for a csv Hi my data is comma delimited , there are 2 rows with a header. I'fd like the columns to be split by the comma int... by Soonerseast Loves-to-Learn in Splunk Search 06-13-2025 0 3	0	3
	Data not showing on map Hello, I have lookup file uploaded and now I want to see the data, I am not able to see it on map , I can see the det... by rishabhpatel20 Explorer in Splunk Search 06-13-2025 0 2	0	2
	How to modify a dashboard Hi, i'm searching for a way to modify my app/dashboard to be able to modify the entries of a table (such as delete/du... by AleCanzo Explorer in Splunk Search 06-13-2025 0 2	0	2
	Fields from lookup with Join missing I have a query that detects missing systems. the lookup table has fields System, Location, responsible.I am trying t... by cdevoe57 Path Finder in Splunk Search 06-12-2025 0 8	0	8
	Is there a way to be more efficient in writing this query - Regex/Wildcard/Substitution question I have the below query I've written - I am used to SQL, SPL is still new to me. I feel like there has to be some way ... by ripvw32 Explorer in Splunk Search 06-12-2025 0 5	0	5
	Issue with Dropping Events via props.conf and transforms.conf Hi Splunk Community,We’re currently trying to drop specific logs using props.conf and transforms.conf, but our config... by Cybers1 Engager in Splunk Search 06-11-2025 0 5	0	5
	support for fill-forward or "last observation carried forward" Does splunk support fill-forward or "last observation carried forward".I want to create a daily based monitoring.One ... by Kemark Explorer in Splunk Search 06-11-2025 0 10	0	10
	There is a way to send some fileds of an alert to a kvs lookup? Hi, this is my first interaction with Splunk Community so be patient please  I'm trying to output some fields from a... by AleCanzo Explorer in Splunk Search 06-11-2025 0 3	0	3
	Need a query to find count of substring within string I need a query that will tell me the count of a substring within a string like this ..."This is my [string]" and I ne... by caschmid Observer in Splunk Search 06-10-2025 0 5	0	5
	Events with duplicate field extractions Good afternoon,I have a monitoring architecture with three nodes with the Splunk Enterprise product. One node acts as... by cfernaca Explorer in Splunk Search 06-10-2025 0 4	0	4
	URL aggregation in splunk query Hello Everyone,Below is my splunk query:index="my_index" uri="/experience/" \| stats count as hits by uri \| sort -h... by super_edition Path Finder in Splunk Search 06-09-2025 0 7	0	7
	Find searches that reference indexes that no longer exist Hi,I'm trying to clean up an old splunk cloud instance. one thought that occurred to me is find scheduled searches th... by dashe Engager in Splunk Search 06-09-2025 0 3	0	3
	Skipped search error on CMC \| The maximum number of concurrent running jobs.....on this cluster has been reached Hi Team,I have been observing 1 skipped search error indicating on my CMC. Error is -"The maximum number of concurren... by mchoudhary Explorer in Splunk Search 06-09-2025 0 2	0	2
	need demo of PKI Spotlight Add-on for Splunk by jcm New Member in Splunk Search 06-06-2025 0 2	0	2
	transaction command rows for large dataset Here is my code:index=example sourcetype=wineventlog computer_name="example"\| transaction computer_name startswith="e... by N3gativeSpace Engager in Splunk Search 06-05-2025 0 3	0	3
	Problems with adding multi-value field through /var/spool/splunk Hi Fellow Splunkers,How can I add multi-value field (array) directly to the index through `/var/spool/splunk`.I tried... by orpiczy Splunk Employee in Splunk Search 06-05-2025 0 1	0	1
	install splunk uba opt/caspida/bin/Caspida setuphadoop ...............................Failed to run sudo -u hdfs hdfs namenode -format >... by kn450 Explorer in Splunk Search 06-05-2025 0 1	0	1