Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Splunk Search
Splunk Search
×
Join the Conversation
Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Find Answers
- :
- Using Splunk
- :
- Splunk Search
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Community Activity
 | Hi there:I have two events shown below:Event #1source=foo1eventid=abcdEvent #2source=foo2event_id=abcdI am trying to ... by djoobbani Path Finder in Splunk Search 11-09-2023 0 1 | 0 | 1 | |
 |   Hello, i am reaching out to ask if there is any way to make the chart that was generated with the scheduled PDF repor... by Abass42 Communicator in Splunk Search 11-09-2023 0 0 | 0 | 0 | |
| | Hi,We currently have events where identifying the app that makes the event depends multiple fields, as well as substr... by OrionCulver Explorer in Splunk Search 11-09-2023 0 5 | 0 | 5 | |
| | I have a KV store collection that is populated. I have a lookup definition pointing to the KV store. If you use the... by coreyCLI Communicator in Splunk Search 11-09-2023 0 6 | 0 | 6 | |
| | Hi All, My requirement is source data records data need to be encrypted. What does process need to follow? Is there a... by vijreddy30 Loves-to-Learn Everything in Splunk Search 11-09-2023 0 3 | 0 | 3 | |
 | I am basically faced with this problem: | makeresults count=3 | streamstats count | eval a.1 = case(count=1, 1, coun... by duesser Path Finder in Splunk Search 11-09-2023 0 1 | 0 | 1 | |
| | I am trying to write a regex to extract a field called "registrar" from some data like i have below. Can you please h... by scout29 Path Finder in Splunk Search 11-08-2023 0 4 | 0 | 4 | |
| | Does anyone know a pattern for detecting half-duplex connections from server/laptop sources to server destinations? n... by virginiatech199 Explorer in Splunk Search 11-08-2023 0 1 | 0 | 1 | |
| | I have events like this :11/06/2023 12:34:56 ip 1.2.3.4 This is record 1 of 5USER PID %CPU %MEM VSZ RSS TTY STAT STAR... by lorinj62 Engager in Splunk Search 11-08-2023 0 3 | 0 | 3 | |
| | I have a field called environment which has values like dev,prod,uat,sit.Now I want to create a new_field which all t... by viku7474 Explorer in Splunk Search 11-08-2023 0 3 | 0 | 3 | |
| | Hello! Could you advise, please, how can I compare results of 2 searches, which returns results in a different format... by oleg90 Explorer in Splunk Search 11-08-2023 0 6 | 0 | 6 | |
| | I've got a search query which outputs 175 rows. I want it to output only top 5%. The row count will change over time ... by kk2204 Explorer in Splunk Search 11-08-2023 0 6 | 0 | 6 | |
 | After installing the latest UF 9.1.1 on a linux i tried to connect it to the deployment server./splunk set deploy-po... by henryfox Engager in Splunk Search 11-08-2023 0 0 | 0 | 0 | |
| | I am a beginner in Splunk queries. I might would be asking for some simple query but I am not able to construct it af... by rajnsoni92 Explorer in Splunk Search 11-08-2023 0 2 | 0 | 2 | |
| | I am having trouble comparing the columns age and expectedAge, where the column expectedAge is a result of a lookup ... by sherwin_r Explorer in Splunk Search 11-08-2023 0 3 | 0 | 3 | |
| | My regular expression has been working fine.. but now theres data with "[]" and it is being skipped here is the reg... by sphiwee Contributor in Splunk Search 11-08-2023 0 1 | 0 | 1 | |
| | Hi All,I have a search query that allows me to pull results from an index summary.One of the fields is a time/date fi... by ssaenger Communicator in Splunk Search 11-08-2023 0 14 | 0 | 14 | |
| | Hello,I have below code for a dropdown menu and the problem is the moment i select any of the value from drop down de... by Satyapv Engager in Splunk Search 11-08-2023 0 3 | 0 | 3 | |
| | Apparently my Google-Fu isn't the best and I can't find an explanation. Can someone please enlighten me? I have a loo... by yoshileigh66 Explorer in Splunk Search 11-08-2023 0 3 | 0 | 3 | |
 | Hi All,I want to create an SPL query that first returns data by matching the destination IP address from Palo Alto lo... by neokevin Engager in Splunk Search 11-08-2023 0 3 | 0 | 3 | |
| | Hi,I have 2 saved searches that fetch data from datamodel (pivot table) and the result of these savedsearch is storin... by Lavender Loves-to-Learn Everything in Splunk Search 11-07-2023 0 0 | 0 | 0 | |
| | Can someone please help me with this.So I have the following query:source=abc type=Change msg=" consumed" event_type=... by djoobbani Path Finder in Splunk Search 11-07-2023 0 18 | 0 | 18 | |
| | I need to run a Splunk search with "transaction" command and I have four pattern variations for the start of the tran... by sp Loves-to-Learn in Splunk Search 11-07-2023 0 2 | 0 | 2 | |
| | Dear All,I have look up file with Transaction details and Transaction Name Like below. Will be great if someone sugge... by Satyapv Engager in Splunk Search 11-07-2023 0 8 | 0 | 8 | |
| | I have a query to fetch Kernel version from all the Linux servers . We update the Kernel Patch every quarter . I have... by Hema_Nithya Explorer in Splunk Search 11-07-2023 0 1 | 0 | 1 |
Get Started
Explore Essential Splunk Resources
Get Expert Help at Community Office Hours
Join the #search-help Slack channel
Get Expert Help at Community Office Hours
Join the #search-help Slack channel
Become An Expert
Top Labels
-
administration
3 -
alert action
3 -
alert condition
2 -
Analytics Workspace
2 -
authentication
1 -
chart
944 -
Classic dashboard
1 -
configuration
2 -
correlation search
1 -
count
1,003 -
Dashboard Studio
3 -
data
3 -
data model
1 -
development
6 -
distributed search
1 -
drilldown
1 -
email
1 -
eval
2,609 -
field extraction
2,017 -
fields
2,061 -
host
1 -
index
4 -
indexer
2 -
inputs.conf
1 -
intermediate forwarder
1 -
introduction
5 -
join
1,058 -
JSON
2 -
Linux
2 -
login
1 -
lookup
1,565 -
metadata
307 -
monitoring console
2 -
other
153 -
panel
2 -
PDF
1 -
Python
1 -
regex
1,498 -
report acceleration
2 -
rex
1,246 -
SAML
1 -
saved search
5 -
scheduled search
4 -
scripted input
1 -
search
2 -
search head
3 -
search job inspector
681 -
search peer
1 -
simple XML
1 -
source
1 -
sourcetype
4 -
Splunk Web Framework
1 -
splunk-assist
1 -
splunkd
1 -
stats
3,559 -
subsearch
1,721 -
summary indexing
4 -
table
1,750 -
time
1 -
timechart
1,156 -
transaction
451 -
transforms.conf
1 -
troubleshooting
8 -
tstats
566 -
universal forwarder
5 -
using Splunk Cloud
2 -
using Splunk Enterprise
13 -
Windows
3
- « Previous
- Next »
Get Updates on the Splunk Community!
App Platform's 2025 Year in Review: A Year of Innovation, Growth, and Community
As we step into 2026, it’s the perfect moment to reflect on what an extraordinary year 2025 was for the Splunk ...
Operationalizing Entity Risk Score with Enterprise Security 8.3+
Overview
Enterprise Security 8.3 introduces a powerful new feature called “Entity Risk Scoring” (ERS) for ...
Unlock Database Monitoring with Splunk Observability Cloud
In today’s fast-paced digital landscape, even minor database slowdowns can disrupt user experiences and ...
