Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Splunk Search
Splunk Search
×
Join the Conversation
Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
- Find Answers
- :
- Using Splunk
- :
- Splunk Search
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Community Activity
 | Example: source="D:\filepath\filepath\filepath\filepath\DebugImportHelper_7_25_2017.log" This log file is created e... by griffinpair Path Finder in Splunk Search 07-25-2017 0 2 | 0 | 2 | |
| | We have list of hots not logging lookup hosts list can any one help with search to search in splunk find out why the... by Splunker6789 Explorer in Splunk Search 07-25-2017 0 7 | 0 | 7 | |
| | Hi, I have a regex to extract a field. I need unique count of those. During exploring I found that the extracted fie... by aniketb Path Finder in Splunk Search 07-25-2017 0 2 | 0 | 2 | |
| | I have a search index=safes TransactionCode=DOPN OR TransactionCode=DCLO Details="Door A Opened" OR Details="Door A ... by ellenbytech Explorer in Splunk Search 07-25-2017 0 1 | 0 | 1 | |
| | Hello, I have the following query which gives me the percentage of successful orders for the time period selected in... by jbrenner Path Finder in Splunk Search 07-25-2017 0 12 | 0 | 12 | |
| | I have file processing events with 2 stages - X & Y. I want to get filenames which have gone through X but not Y. I a... by barunbiswas New Member in Splunk Search 07-25-2017 0 1 | 0 | 1 | |
| | Ex: | where first_seen<"24h" or where first_seen="-1d" this is what I used but obviously it's wrong. by GHOST27 Engager in Splunk Search 07-25-2017 0 2 | 0 | 2 | |
| | I am working on a query to extract all successful authentications (events 4624, 4768 and 4769) per user per day. The ... by bapruski Explorer in Splunk Search 07-25-2017 0 3 | 0 | 3 | |
| | index=abc source=license_usage.log type=usage | rex field=h "(ab2)(?P\w+[^\d+])" |search Group=kb01m OR Group=kb02r ... by kteng2024 Path Finder in Splunk Search 07-25-2017 0 4 | 0 | 4 | |
| | I've been banging my head against the wall trying to get this to work, and not succeeding, obviously. I have a 217 li... by manderson7 Contributor in Splunk Search 07-25-2017 0 2 | 0 | 2 | |
 | I have a user who is receiving the error: No matching fields exist [subsearch]: The lookup table <-lookup>.csv is i... by mdsnmss SplunkTrust  in Splunk Search 07-25-2017 0 3 | 0 | 3 | |
| | We've recently run into some users that have run searches which resulted in Splunk Indexers crashing. I'm looking for... by Kieffer87 Communicator in Splunk Search 07-25-2017 0 4 | 0 | 4 | |
| | Hi All, I am looking for a query which will accept multiple value subsearch output as a input of main serach, See be... by mdwasimkhan Engager in Splunk Search 07-25-2017 0 5 | 0 | 5 | |
| | Data received from universal forwarder is displaying as below. Please advise how to get it as normal text. --splunk-... by dahada2010 New Member in Splunk Search 07-25-2017 0 5 | 0 | 5 | |
| | Hi, I want to run a search that alert me when a user is created and deleted in a period of time between 72 hours and... by wvalente Explorer in Splunk Search 07-25-2017 0 2 | 0 | 2 | |
| | Hi, I want to create a new field named "RequestId" from the data after "channelRequestId:" field using regex. This i... by davidda Explorer in Splunk Search 07-25-2017 1 2 | 1 | 2 | |
| | I have a lookup with the details of server and I want to check whether that servers are up or not. if not i have to ... by manjuase Explorer in Splunk Search 07-25-2017 1 5 | 1 | 5 | |
| | Hi Splunk support, I have a set of log file which name as below: (today is 20170723) application_20170721.log appli... by oolongcat New Member in Splunk Search 07-25-2017 0 3 | 0 | 3 | |
| | I would like to compare the two logs and output the attachment file name to the alert if it is the same message ID. ... by honobe Explorer in Splunk Search 07-25-2017 0 6 | 0 | 6 | |
| | I have to discard keyvalue pair from a event to null queue during index time extraction .Also there are certain key v... by aab5272 Engager in Splunk Search 07-24-2017 0 4 | 0 | 4 | |
| | Hi and Thanks .. I've been researching and trying methods to do this (even tried timewrap) and am (finally) asking f... by jpaulovich Explorer in Splunk Search 07-24-2017 0 6 | 0 | 6 | |
 |  I'm trying to set up a drill down report that will list the events of a transaction, but having issue getting the dat... by Kozanic Path Finder in Splunk Search 07-24-2017 0 5 | 0 | 5 | |
| | Is there a search command for Splunk that will find the oldest event in the index for a host faster than letting a fu... by esweeney Splunk Employee  in Splunk Search 07-24-2017 2 4 | 2 | 4 | |
| | I am attempting to track user activity from vdi login to the use of a shared account to log into an application. For ... by scc00 Contributor in Splunk Search 07-24-2017 0 7 | 0 | 7 | |
 | I have tried head 100, but it seems like it does a regular search and then gives me 100 results because it takes the ... by rockyrush Explorer in Splunk Search 07-24-2017 0 4 | 0 | 4 |
Get Started
Explore Essential Splunk Resources
Get Expert Help at Community Office Hours
Join the #search-help Slack channel
Get Expert Help at Community Office Hours
Join the #search-help Slack channel
Become An Expert
Top Labels
-
administration
3 -
alert action
3 -
alert condition
2 -
Analytics Workspace
2 -
authentication
1 -
chart
946 -
Classic dashboard
1 -
configuration
2 -
correlation search
1 -
count
1,006 -
Dashboard Studio
3 -
data
3 -
data model
1 -
development
6 -
distributed search
1 -
drilldown
1 -
email
1 -
eval
2,615 -
field extraction
2,022 -
fields
2,064 -
host
1 -
index
4 -
indexer
2 -
inputs.conf
1 -
intermediate forwarder
1 -
introduction
5 -
join
1,060 -
JSON
2 -
Linux
2 -
login
1 -
lookup
1,566 -
metadata
310 -
monitoring console
2 -
other
182 -
panel
2 -
PDF
1 -
Python
1 -
regex
1,499 -
report acceleration
2 -
rex
1,250 -
SAML
1 -
saved search
5 -
scheduled search
4 -
scripted input
1 -
search
2 -
search head
3 -
search job inspector
683 -
search peer
1 -
simple XML
1 -
source
1 -
sourcetype
4 -
Splunk Web Framework
1 -
splunk-assist
1 -
splunkd
1 -
stats
3,565 -
subsearch
1,730 -
summary indexing
4 -
table
1,755 -
time
1 -
timechart
1,158 -
transaction
453 -
transforms.conf
1 -
troubleshooting
8 -
tstats
569 -
universal forwarder
5 -
using Splunk Cloud
2 -
using Splunk Enterprise
13 -
Windows
3
- « Previous
- Next »
Get Updates on the Splunk Community!
Deep insights, no barriers: Splunk Observability Cloud Free Edition
As software delivery cycles continue to accelerate, observability shouldn’t be a luxury — it should be a ...
Monitoring AI Agents with Splunk Observability Cloud
Let’s say I’m running a travel planning AI app in production. A user asks for three concise hotel options in ...
[Puzzles] Solve, Learn, Repeat: Tiling
This puzzle (first published here) is based on finding groups of tessellated tiles (inspired by floor tiles I ...
