Splunk Search

Discussions

Thread Info

Add the column of numbers for the same result

I have 2 columns. One of them lists IP address of which many are repeating and the other column is of purchases. The ...

by New Member in

How to use a Lookup table to search against two sourcetypes with a common field that's named differently

I have two sources from Log files: “source1web”, “source2auth”, they both list IP addresses, but are named differentl...

by New Member in

How to create the Regular Expression for the xml

Hi Team, I have XML in the format present below and i am trying to use field transformation and field extraction i...

by Explorer in

filtered sub search

Hi I want to search for Text A on a index and find the Source Files and then on these source files search for Tex...

by New Member in

Different search results in Different systems

Hello All, I have a search query which gives the below results: Now the same query when my friend runs ...

by Explorer in

Search Query for Nested Jobs

Hi Everyone, I am a newbie to Splunk and trying to create Dashboards for Data Visualization. I have Real Time Data...

by Explorer in

case function -- why can't I operate on the results of a case function?

case function -- why can't I operate on the results of a case function? After the eval case function, I got 100 rows....

by New Member in

How to edit my search to find the average events per second for each day from the past week?

I am using the following query to calculate the average events per second | tstats count where index=* groupby ind...

by Communicator in

Adding lookup files for tuning purposes

So I'm new to Splunk (and ES) and have been asked to tune out some noise as we are getting a lot of false positives f...

by Communicator in

How to correlate 3 different CSV files with different column names?

I have 3 different source CSV (file1, file2, file3) files. In file 1, I have field(place) with value NJ and In file...

by Path Finder in

Join two searches based on a condition

Hi, We have two kind of logs for our system: First one logs all the user sessions with user name, src ip, dst ip, and...

by Explorer in

How to trim off characters before "\"

Hello, Could someone please advise of the most efficient way to trim off everything to the left of a "\" character...

by Path Finder in

Quick way to add fields to a table?

If I want to table out a field called "A," I have to manually type "A" in my search. Is there a quicker way to add fi...

by Engager in

Need splunk query to get alerts/saved searches/dashboards created by each index

Can anyone help me to get all saved searches/alerts configured using particular index .

by Explorer in

How to have 'count as' and also 'count by' for one search

The following query should be intuitive enough to see what am trying to do. This query will list Success_file field v...

by Explorer in

Need regex to extract specific data

I need a regex to get the output as below - Input /ABCD/Safe+Alert+-+ABCD+failure Date: Jun 01,2017 /ABCD / Safe ...

by Path Finder in

Join two searches based on a condition

We have two kind of logs for our system: First one logs all the user sessions with user name, src ip, dst ip, and log...

by Explorer in

correlation of events (different sourcetypes) with "from" and "to"

Hi there, i have planning events which i need to correlate with "actual" values from sensoring. The planning dat...

by Path Finder in

How to search for fields that contain numbers

Hi, I need to run a search the would select only those events where field Id contains numbers For example: it can be ...

by Builder in

How to set a multi drop-down value from JavaScript once a dynamic search has populated its options?

Hi, I have a multi drop-down menu that is populated from a search. I want to set the value of the drop-down menu a...

by Path Finder in

Removing a Pattern from the search result

I am searching for a string "xyz" that would result in all actionsteps (with counts) that has "xyz" in it, However I ...

by New Member in

What are the open threat lists Optiv Threat Intel gets its feeds from?

Hi Derek, I am just curious to know the various feeds Optiv Threat Intel makes use of? I would like to know so ...

by New Member in

Do we able to search string from different index which resides accross different client (Splunk forwarder) ?

Let us think a scenario , where from different system having installed with Splunk forwarder connect to same SPLUNK s...

by Explorer in

Chart Multiple (4) Fields

Is it possible to create a chart out of 4 fields in Splunk? I am trying to create a chart shown below but I was only ...

by Path Finder in

how to create dashboard app

I have a dashboard and i want to make that dashboard as an app so that i can push it to other search heads . But my q...

by Path Finder in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Add the column of numbers for the same result

How to use a Lookup table to search against two sourcetypes with a common field that's named differently

How to create the Regular Expression for the xml

filtered sub search

Different search results in Different systems

Search Query for Nested Jobs

case function -- why can't I operate on the results of a case function?

How to edit my search to find the average events per second for each day from the past week?

Adding lookup files for tuning purposes

How to correlate 3 different CSV files with different column names?

Join two searches based on a condition

How to trim off characters before "\"

Quick way to add fields to a table?

Need splunk query to get alerts/saved searches/dashboards created by each index

How to have 'count as' and also 'count by' for one search

Need regex to extract specific data

Join two searches based on a condition

correlation of events (different sourcetypes) with "from" and "to"

How to search for fields that contain numbers

How to set a multi drop-down value from JavaScript once a dynamic search has populated its options?

Removing a Pattern from the search result

What are the open threat lists Optiv Threat Intel gets its feeds from?

Do we able to search string from different index which resides accross different client (Splunk forwarder) ?

Chart Multiple (4) Fields

how to create dashboard app

Can’t make it to .conf25? Join us online!

Community Content Calendar, September edition

Splunkbase Unveils New App Listing Management Public Preview

Leveraging Automated Threat Analysis Across the Splunk Ecosystem

Help me with splunk query to monitor CPU and Memor...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static

Splunk Search

Are you a member of the Splunk Community?

Discussions

Can’t make it to .conf25? Join us online!