Splunk Search

Discussions

Thread Info

Problem with Fields Aliases

Hi all, I have some problem with fields aliases. I try to explain, I receive a message MQ with a XML message body; i...

by New Member in

i want split all the "modify" tags value under a column and other tags vice versa.

Extends Asasociaoted With Deicooration: Linseld - Acation Coade; modify:extends -act5iodn; modify:extends -date;Exten...

by Builder in

Relative Time based on last event

I want to be able to compare 48 hours from my last event date, thought this would work but I keep getting 0 as my res...

by Contributor in

How to timechart time with SLA

I'm trying to replicate the following graph (not based on splunk data) into splunk. On Time Batch - Planned Time...

by Explorer in

How to generate a search to check memory, cpu, disk usage for each host?

Hello, I would like to do a search against forwarders, once I found that forwarder is running, I need to check mem...

by Explorer in

Add the column of numbers for the same result

I have 2 columns. One of them lists IP address of which many are repeating and the other column is of purchases. The ...

by New Member in

How to use a Lookup table to search against two sourcetypes with a common field that's named differently

I have two sources from Log files: “source1web”, “source2auth”, they both list IP addresses, but are named differentl...

by New Member in

How to create the Regular Expression for the xml

Hi Team, I have XML in the format present below and i am trying to use field transformation and field extraction i...

by Explorer in

filtered sub search

Hi I want to search for Text A on a index and find the Source Files and then on these source files search for Tex...

by New Member in

Different search results in Different systems

Hello All, I have a search query which gives the below results: Now the same query when my friend runs ...

by Explorer in

Search Query for Nested Jobs

Hi Everyone, I am a newbie to Splunk and trying to create Dashboards for Data Visualization. I have Real Time Data...

by Explorer in

case function -- why can't I operate on the results of a case function?

case function -- why can't I operate on the results of a case function? After the eval case function, I got 100 rows....

by New Member in

How to edit my search to find the average events per second for each day from the past week?

I am using the following query to calculate the average events per second | tstats count where index=* groupby ind...

by Communicator in

Adding lookup files for tuning purposes

So I'm new to Splunk (and ES) and have been asked to tune out some noise as we are getting a lot of false positives f...

by Communicator in

How to correlate 3 different CSV files with different column names?

I have 3 different source CSV (file1, file2, file3) files. In file 1, I have field(place) with value NJ and In file...

by Path Finder in

Join two searches based on a condition

Hi, We have two kind of logs for our system: First one logs all the user sessions with user name, src ip, dst ip, and...

by Explorer in

How to trim off characters before "\"

Hello, Could someone please advise of the most efficient way to trim off everything to the left of a "\" character...

by Path Finder in

Quick way to add fields to a table?

If I want to table out a field called "A," I have to manually type "A" in my search. Is there a quicker way to add fi...

by Engager in

Need splunk query to get alerts/saved searches/dashboards created by each index

Can anyone help me to get all saved searches/alerts configured using particular index .

by Explorer in

How to have 'count as' and also 'count by' for one search

The following query should be intuitive enough to see what am trying to do. This query will list Success_file field v...

by Explorer in

Need regex to extract specific data

I need a regex to get the output as below - Input /ABCD/Safe+Alert+-+ABCD+failure Date: Jun 01,2017 /ABCD / Safe ...

by Path Finder in

Join two searches based on a condition

We have two kind of logs for our system: First one logs all the user sessions with user name, src ip, dst ip, and log...

by Explorer in

correlation of events (different sourcetypes) with "from" and "to"

Hi there, i have planning events which i need to correlate with "actual" values from sensoring. The planning dat...

by Path Finder in

How to search for fields that contain numbers

Hi, I need to run a search the would select only those events where field Id contains numbers For example: it can be ...

by Builder in

How to set a multi drop-down value from JavaScript once a dynamic search has populated its options?

Hi, I have a multi drop-down menu that is populated from a search. I want to set the value of the drop-down menu a...

by Path Finder in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Problem with Fields Aliases

i want split all the "modify" tags value under a column and other tags vice versa.

Relative Time based on last event

How to timechart time with SLA

How to generate a search to check memory, cpu, disk usage for each host?

Add the column of numbers for the same result

How to use a Lookup table to search against two sourcetypes with a common field that's named differently

How to create the Regular Expression for the xml

filtered sub search

Different search results in Different systems

Search Query for Nested Jobs

case function -- why can't I operate on the results of a case function?

How to edit my search to find the average events per second for each day from the past week?

Adding lookup files for tuning purposes

How to correlate 3 different CSV files with different column names?

Join two searches based on a condition

How to trim off characters before "\"

Quick way to add fields to a table?

Need splunk query to get alerts/saved searches/dashboards created by each index

How to have 'count as' and also 'count by' for one search

Need regex to extract specific data

Join two searches based on a condition

correlation of events (different sourcetypes) with "from" and "to"

How to search for fields that contain numbers

How to set a multi drop-down value from JavaScript once a dynamic search has populated its options?

Fastest way to demo Observability

September Community Champions: A Shoutout to Our Contributors!

Splunk Decoded: Service Maps vs Service Analyzer Tree View vs Flow Maps

In Splunk studio, is it possible to populate a tex...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static

Splunk Search

Are you a member of the Splunk Community?

Discussions