Splunk Search

Splunk Search
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Community Activity
waltz

How can I escape backslash in a token to modify a search?

I have a search which sometimes I want to do an append, and sometimes not - this should be driven by a dropdown in th...
by waltz Explorer in Splunk Search 07-08-2017
0 12
0
12
quantumburnz

How to resolve Splunk from missing some automatically recognized source types?

I have transforms like access-extractions and access-request, which map to the automatically recognized source types ...
by quantumburnz Engager in Splunk Search 07-08-2017
0 5
0
5
aartivig289

How to arrange my bar chart to represent time in chronological order?

Hi, I am reading data from a csv file using a lookup. I need to plot monthly transaction charge volume on a bar cha...
by aartivig289 Engager in Splunk Search 07-07-2017
0 5
0
5
sri777

json spath variable and timeseries data output i need

I am newbie to splunk Data is json output {"fdc": {"available": 1248, "unavailable": 0, "undefined": 0}, "mwdc": {"...
by sri777 New Member in Splunk Search 07-07-2017
0 1
0
1
mgagliardi

Struggling with a multi-log transaction

I'm trying to establish a transaction. The information is in two different indexes, different sourcetypes, etc. Bas...
by mgagliardi Path Finder in Splunk Search 07-07-2017
1 4
1
4
EvaRex

How to extract values from multivalue field and Count number of co-occurences of values in a table?

Hi! I'm really new to Splunk so please excuse the simplicity of my question. I have an inputlookup table (eg.csv) ...
by EvaRex Engager in Splunk Search 07-07-2017
0 4
0
4
micheledagostin

How to create a line between two markers on a map?

Hello, I have a geographical map on which I have plotted a number of markers/points based on their longitude and la...
by micheledagostin Engager in Splunk Search 07-07-2017
0 7
0
7
kteng2024

How to generate a search to find the all the indexes and their sourcetypes without using a wildcard?

hi, i would like to know the search to find all the indexes and their sourcetypes . But my search is: index=* | ded...
by kteng2024 Path Finder in Splunk Search 07-07-2017
1 5
1
5
shabdadev

Multiple URL's response time by URL's

Hi All, I have this scenario where i have couple of diff types of URL's like /webapp/wcs/services/Key /webapp/wcs...
by shabdadev Engager in Splunk Search 07-07-2017
0 5
0
5
davesplunk01

What does search error "ERROR HTTPClient - Should have received at least 3 tokens in status line, while getting response code. Only got 0." mean?

Splunk 6.3.4 - While looking search log - inspect - search.log, I saw this error log, ERROR HTTPClient - Should have ...
by davesplunk01 Path Finder in Splunk Search 07-07-2017
0 2
0
2
AshimaE

Error in 'rex' command: Regex: quantifier does not follow a repeatable item

On using regex one by one to replace two types of strings its is giving the following error. Also while using the rep...
by AshimaE Explorer in Splunk Search 07-07-2017
0 2
0
2
shabdadev

Wildcard in middle of search string

Hi all , I have this query index=ihs host=losat sourcetype=ih ( URLRedefined="/wcs/resources/products/*/credit...
by shabdadev Engager in Splunk Search 07-07-2017
0 7
0
7
AshimaE

Check for pure numeric field values or alphanumeric

I have extracted a field using regex having the name push. I now have to classify all my rows into two categories bas...
by AshimaE Explorer in Splunk Search 07-07-2017
0 3
0
3
angelcat

How to keep null results from Stats Count by field to match the whole table

I have 4 types of devices, a column for total number, and I need to count by type. But some of the result are null, ...
by angelcat Engager in Splunk Search 07-07-2017
0 3
0
3
GHOST27

1. I am new at splunk and would like to know how to search two separate months in the same search syntax? 2. I would also like to know how to put 2 searches in one search.

Starting with this: index=* smtp sourcetype="""""""" email="*" date_month=june I tried date_month=may AND june and...
by GHOST27 Engager in Splunk Search 07-07-2017
0 1
0
1
christianhuber

transaction that ends if a certain value changes

Hi all, I'am sure there was already someone that had this problem and there is probably a answer right in front of ...
by christianhuber Path Finder in Splunk Search 07-07-2017
0 4
0
4
vino06

My search for Windows Server status is not Working

Hi, Good Day! Hope anyone can help me to correct my search, I'm trying to search for our Windows server whether its...
by vino06 New Member in Splunk Search 07-06-2017
0 3
0
3
ejharts2015

How do you update lookup tables when using search head clustering?

We have a lookup table that is automatically updated every 15 minutes past the hour with external results (not in spl...
by ejharts2015 Communicator in Splunk Search 07-06-2017
3 3
3
3
arjitgoswami

sum field until other associated field was changed.

Hi All, I have a scenario where I need to find total time taken by a particular servlet only until other servlet is...
by arjitgoswami Explorer in Splunk Search 07-06-2017
1 11
1
11
GenericSplunkUs

How to generate a search that will count the use of operating systems in our organization?

I'm trying to craft a search to count the use of operating systems in our organization. I don't want the duplicates. ...
by GenericSplunkUs Path Finder in Splunk Search 07-06-2017
0 1
0
1
kiran331

How to use regex to exclude events containing "session-6-305012" before indexing?

How to use regex to exclude events containing "session-6-305012" before indexing? sample event: 1.2.3.4 :Jul 06 20:...
by kiran331 Builder in Splunk Search 07-06-2017
0 1
0
1
Svill321

How do I add a count to a table using the table command?

How do I add a count to a table using the table command? The project I'm working on requires that a table is mad sho...
by Svill321 Path Finder in Splunk Search 07-06-2017
0 3
0
3
fmpa_isaac

Why am I getting search error "In handler 'savedsearch': Cannot get username when all users are selected."?

Is anyone else getting this error when performing a search? If so, can anyone help with a solution. Thank you In han...
by fmpa_isaac Path Finder in Splunk Search 07-06-2017
8 8
8
8
jbrenner

How to edit my timechart search to find the daily count of service calls over the last month?

I have the following Splunk search, which returns a count of service calls taking over 20,000 milliseconds, and I wan...
by jbrenner Path Finder in Splunk Search 07-06-2017
0 7
0
7
howardroark

How to specify fixed size bucket/bin with stats?

when I create a stats and try to specify bins by following: bucket time_taken bins=10 | stats count(_time) as size_a ...
by howardroark Explorer in Splunk Search 07-06-2017
0 8
0
8
Top Labels
Get Updates on the Splunk Community!

Data Management Digest – December 2025

Welcome to the December edition of Data Management Digest! As we continue our journey of data innovation, the ...

Index This | What is broken 80% of the time by February?

December 2025 Edition   Hayyy Splunk Education Enthusiasts and the Eternally Curious!    We’re back with this ...

Unlock Faster Time-to-Value on Edge and Ingest Processor with New SPL2 Pipeline ...

Hello Splunk Community,   We're thrilled to share an exciting update that will help you manage your data more ...