Splunk Search

Start a Conversation

Discussions

Start a Conversation

Thread Info

How to show the very first tickmark in a line chart?

Hi Splunkies, I'm plotting some sensor values together with the sensor's limit on a line chart in order to visuali...

by Path Finder in

Best way to exclude specific combinations from results

I have a report that i get and it contains specific sets of data results i want to exclude: ex: Group Name, Who C...

by Path Finder in

Splunk search help -- output data should match 2 or more of the keywords

Hi, Fellow Splunkers, Noob question. I would like to seek for help in my search, this is the case: The client gave...

by Communicator in

How to expand columns with mvfields if count of values are different for each column

I ll show example it's much easier than explain: index=* <base_search> |eval Flight=mvzip(date,route,"/") |eval Pa...

by Explorer in

How do I make my search command to summarize network throughput data?

Aplogies, I'm not a Splunk administrator, I'm a capacity tool person that needs to extract some metrics from Splunk. ...

by Explorer in

Subsecond minspan in auto-span timechart?

(How) can I create an auto-span timechart that has a subsecond minimum span, such as 0.001s? Background to this qu...

by Builder in

Replacement for Join

The below example provides the output I need, but I will exceed the JOIN command limitations (50k). Can someone advis...

by Explorer in

how to show a table in if

My question is : i have output in this format : a _time b _time a _time b _time i want all these outputs alone wit...

by Path Finder in

How can I count the difference from two days?

Hi Splunk colleagues, I need the following output: Day 1 difference to Day2 = + or - in counts to see the trend of...

by New Member in

Transformation fields using Splunk UI

Team, I need help in defining 3 new fields using Splunk User interface. Decision=Agree , Field Name should be "Dec...

by New Member in

Left Join Not Returning All Fields

So as an example: Primary Table Customer 1, 2, 3 Secondary Table Customer 1,2,3,2 Spend 100, 200, 300, 400 ...

by Explorer in

Is anyone ingesting Ganglia data into Splunk?

I'm looking for anyone who is ingesting Ganglia data into Splunk. I have a customer interested in doing this but were...

by Splunk Employee in

Why does search not find data when using wild card in middle of search term?

I have JSON data, which is indexed and can be searched. This is an example of the data Product: { [-] ...

by SplunkTrust in

How to include additional field from inputlookup in results?

Hi, I have a lookup table errors.csv ,which contains Error and Source columns.I have a query the returns log entri...

by Engager in

Using rex to find matching values.

I have the following ACTION :[7] 'CONNECT' DATABASE[1] 'SYSTEM' That's in the _raw data. How do I extract CONNECT ...

by New Member in

Add count of subsearch results

I need to return all rows from my top search but add a count of rows from a map or subquery/subsearch. In my syst...

by Engager in

Show all values 0 to 100 with precision up to 2 decimal points

I am working on a single value dashboard panel where I am showing output in percentage with precision up to 2 decimal...

by New Member in

How to edit my search to divide the sum by a specific number?

ShiftName="1" EmployeeLoggedInLastName="*" MachineNumber="*"| stats sum(ElapsedMachineSecondsInOrderPath) by Employee...

by Path Finder in

Timechart with success and failure and failure/success percentage, grouped by Server

I've two patterns, say like this - "successPattern" and "failurePattern". I want to make a timechart comparing succes...

by Explorer in

Reqular Expression 101

Hi All, I am a new to Regular Expression topic, Could you please share me a link which help me to understand Regul...

by New Member in

Get Updates on the Splunk Community!

Splunk Search

Discussions

How to show the very first tickmark in a line chart?

Best way to exclude specific combinations from results

Splunk search help -- output data should match 2 or more of the keywords

How to expand columns with mvfields if count of values are different for each column

How do I make my search command to summarize network throughput data?

Subsecond minspan in auto-span timechart?

Replacement for Join

how to show a table in if

How can I count the difference from two days?

Transformation fields using Splunk UI

Left Join Not Returning All Fields

Is anyone ingesting Ganglia data into Splunk?

Why does search not find data when using wild card in middle of search term?

How to include additional field from inputlookup in results?

Using rex to find matching values.

Add count of subsearch results

Show all values 0 to 100 with precision up to 2 decimal points

How to edit my search to divide the sum by a specific number?

Timechart with success and failure and failure/success percentage, grouped by Server

Reqular Expression 101

Data Preparation Made Easy: SPL2 for Edge Processor

Introducing Edge Processor: Next Gen Data Transformation

Tips & Tricks When Using Ingest Actions

Combining results in metric index?

Summary Index from | collect ... addtime=f : When ...

Importing HCL BigFix data from Insights, how to ve...

Does splunk support Reactive Programming in Java/S...

Alerts not Finalizing- Is there a way to find out ...