Splunk Search

Ask a Question

Discussions

Thread Info

using 'values' in stats shows values merged

Hello Experts, I was wondering if you can help me figure out how do I show the merged values in a field as 'unm...

by Path Finder in

Need help in merging the queries

Hi, i need to add two queries so that they could come in different fields in one visualization, one will be the err...

by Path Finder in

Regex not workin

Hi All, Here is my how my event looks like - 20/11/2023 12:47:05 (01) >> AdyenProxy::AdyenPaymentResponse...

by Communicator in

How to build multiple timecharts in dashboard from one field?

Hello All, I have a lookup file with multiple columns: fieldA, fieldB, fieldC. I need to publish timechart for ea...

by Contributor in

How to associate two data set when one set need to lookup for associated key but the other data set doesn't need ?

Dear All, I have one index and I use this index to store messages and summary report as well. In report="report_b...

by Path Finder in

How to get the target Account Name from WinEventLog:Security

This is an example of an event for EventCode=4726. As you see there are two account name fields which the Splunk App ...

by Contributor in

Get Invidiual Totals when stats count has a field that logs errors

Hello Experts, This is a long searches, explored query that I am getting a way around. If we do a simple quer...

by Path Finder in

limit timechart with span and per_hour to 2 decimal values

I have below query which shows values in line chart with up to 5 decimals and I want to limit it to max 2 decimals. ...

by Explorer in

Splunk HF UI issue

hello Splunk team, As picture, I found UI duplication problem in selecting data type module. I tested different bro...

by Loves-to-Learn in

Compare values at two different timestamps and output diffs into a table

Hi Folks, I am trying to figure out how to compare a single field based off another field called timestamp. I pul...

by Loves-to-Learn Lots in

How to Combine Events with matching data

Hi, I have a union'ed search where I am wanting to link different events based on fields that have matching values.My...

by New Member in

Get the top n results when searched by count and span

Hi All,I am trying to get the top n users who made calls to some APIs over a span of 5 minutes. For example:By the...

by New Member in

Want to run the splunk query exactly one week earlier than the date selected in the datetimepicker.

I want to write a splunk query which will run over the same timewindow but on a different date selected in the dateti...

by Engager in

Using tokens in dropdown menu to create two different results

I am wondering if there's a way to use the dropdown menu and tokens to display two different results. I am trying to ...

by Path Finder in

Splunk query to compare a field from search with a field from lookup and find the unmatched ones

Hi Can you please let me know how to frame splunk query compare a field from search with a field from lookup and find...

by Observer in

auto_generated_pool_download-trial

Hi, we have the following error in one of the splunk instances: Error in 'litsearch' command: Your Splunk license...

by Explorer in

Is there a way to get 2 nonstream Searches to run in parallel in the same SPL?

Hi - Is there a way to get 2 nonstream Searches to run in parallel in the same SPL? I am using "appendcols", but I...

by Influencer in

Multiple time searches

I have the below search and I'm trying to search for different time periods within each search. So for example msg...

by Path Finder in

Converting index query to data model query

I have tried to simplify the query for better understanding and removing some unnecessary things.This query is to fin...

by Loves-to-Learn in

How to extract specific field values from JSON format events?

I am looking to extract some information from a Values field that has two values within it. How can i speci...

by Path Finder in

How to fix wandering trellis order?

Sometimes, running the same search generates different orders when trellis visualization is used. For example, ...

by SplunkTrust in

search two indexes specifying two matching columns

I am trying to generate three reports with stats. The first is where jedi and sith have matching columns. The third i...

by Engager in

How to change host as row and time as column

Hi there, I have this query: index=_internal source="*license_usage.log" | eval bytes=b | eval GB = round(byte...

by New Member in

Want to replace the field value name

Nameskukit NAC-D-CDSK-DLS-05.90NAC-DHJA-JEOE-DNDN-94.4.0 This my data, I want to replace with NAC-D to ANT-P f...

by Explorer in

Outputting data with spath in search

I am trying to output two rows of data with them being "read" and "write" with both of them having min,max, and avg o...

by Path Finder in

Get Updates on the Splunk Community!

Splunk Search

Discussions

using 'values' in stats shows values merged

Need help in merging the queries

Regex not workin

How to build multiple timecharts in dashboard from one field?

How to associate two data set when one set need to lookup for associated key but the other data set doesn't need ?

How to get the target Account Name from WinEventLog:Security

Get Invidiual Totals when stats count has a field that logs errors

limit timechart with span and per_hour to 2 decimal values

Splunk HF UI issue

Compare values at two different timestamps and output diffs into a table

How to Combine Events with matching data

Get the top n results when searched by count and span

Want to run the splunk query exactly one week earlier than the date selected in the datetimepicker.

Using tokens in dropdown menu to create two different results

Splunk query to compare a field from search with a field from lookup and find the unmatched ones

auto_generated_pool_download-trial

Is there a way to get 2 nonstream Searches to run in parallel in the same SPL?

Multiple time searches

Converting index query to data model query

How to extract specific field values from JSON format events?

How to fix wandering trellis order?

search two indexes specifying two matching columns

How to change host as row and time as column

Want to replace the field value name

Outputting data with spath in search

Splunk + ThousandEyes: Correlate frontend, app, and network data to troubleshoot ...

Splunk Observability for AI

🔐 Trust at Every Hop: How mTLS in Splunk Enterprise 10.0 Makes Security Simpler

In Splunk studio, is it possible to populate a tex...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static

Splunk Search

Are you a member of the Splunk Community?

Discussions