Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Splunk Search
Splunk Search
×
Join the Conversation
Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
- Find Answers
- :
- Using Splunk
- :
- Splunk Search
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Community Activity
 | Hey Community, I'm trying to pass a variable including the pattern to a rex command mode=sed. This is my approach bu... by JohannesGmelin Path Finder in Splunk Search 06-07-2017 1 13 | 1 | 13 | |
| | Hey Community, I'm trying to remove the first word of a Uri with a rex. /test/contentA/contentB.html It should onl... by JohannesGmelin Path Finder in Splunk Search 06-07-2017 0 2 | 0 | 2 | |
 | Below is the search that i have prepared to check for the host named nmshost01 not sending data for over 30 min | me... by roysm619 New Member in Splunk Search 06-07-2017 0 1 | 0 | 1 | |
 | Hi, i have the below json object that is being returned when applying my search: index="devops" sourcetype="_json"... by ayousseff New Member in Splunk Search 06-07-2017 0 2 | 0 | 2 | |
 | I have a simple-xml Splunk dashboard with a base query, and two post-processing queries inheriting from the base. How... by dave4988 Engager in Splunk Search 06-07-2017 0 2 | 0 | 2 | |
| | I have a table which consists of user names, events triggered by the user and the timestamps when the events were tri... by snipedown21 Path Finder in Splunk Search 06-06-2017 0 3 | 0 | 3 | |
 | "$ SPLUNK_HOME / var / run" in my Splunk environment gradually increased from 15:00 PM on 2017/6/5 to 2017/6/6 09: 00... by yutaka1005 Builder in Splunk Search 06-06-2017 0 4 | 0 | 4 | |
| | Below is my log Database-Error(3100)\nCONF-01083 - Count of positive/negative confirmations do not match the service... by ppanchal Path Finder in Splunk Search 06-06-2017 0 3 | 0 | 3 | |
| |  I have three colums Track, Flow and Job. I want to plot 'Track+Flow' vs 'Job' as 'Track+Flow' giving uniqueness. Eg:... by dsiob Communicator in Splunk Search 06-06-2017 0 15 | 0 | 15 | |
 | I am trying to display a table of users usage for each individual computer that they have used. I can get the result ... by ykobak New Member in Splunk Search 06-06-2017 0 6 | 0 | 6 | |
| | If you have a sample search such as the below sourcetype=HOSTS | stats values(user) as USERS_OF_COMPUTER dc(user) as... by james_gall New Member in Splunk Search 06-06-2017 0 1 | 0 | 1 | |
| | Hi, I am trying to use rex function to extract "/" from my data which lookslike: Database User [1] : "/" how sho... by ewise1 New Member in Splunk Search 06-06-2017 0 1 | 0 | 1 | |
 | I have been modifying searches to accommodate Windows data in the CIS Top 20 Critical Controls app. The following sea... by ferdbiffle Explorer in Splunk Search 06-06-2017 0 4 | 0 | 4 | |
| |  I have a dashboard that lists/groups recently updated dashboards and I just wanted to know if there was a way to also... by eyaluodba Path Finder in Splunk Search 06-06-2017 0 6 | 0 | 6 | |
 | 2017-06-06 08:30:56,761 [ajp-127.0.0.4-8009-44] INFO Weblogger - 3B08FDCAF216658E81536A07B9D5772E: cdbarnes: reset ... by gforster New Member in Splunk Search 06-06-2017 0 2 | 0 | 2 | |
| | In our environment we have syslog sources that forward data to HFs via load balancer. I would like to get the report ... by bharadwaja30 Path Finder in Splunk Search 06-06-2017 0 5 | 0 | 5 | |
| | Hello, I'm trying to set up my Splunk instance so that it filters out some lines and then leaves everything else. Th... by lacrosse1991 Explorer in Splunk Search 06-06-2017 0 8 | 0 | 8 | |
| | Hello everyone! I have a field called word_score_cat1 that looks like this: word_score_cat1=7.12500 1.5171 2.1923 1.6... by mszopa Explorer in Splunk Search 06-06-2017 0 4 | 0 | 4 | |
| | I have a table which has fields defects and summary that gives me the summary of the defects. I want to extract som... by smruti13 Observer in Splunk Search 06-06-2017 0 5 | 0 | 5 | |
| | I need to set my custom time as default time, in time picker. So that in bar chart it will only show the data for tha... by dsiob Communicator in Splunk Search 06-05-2017 0 5 | 0 | 5 | |
 | My scenario is thus: The main search searches for a pattern in a sourcefile: source="/apps.log" index=idx "abc" | xm... by dragut New Member in Splunk Search 06-05-2017 0 7 | 0 | 7 | |
 | Using the docs here: http://docs.splunk.com/Documentation/Splunk/6.5.2/Admin/Propsconf, specifically this section: *... by sillingworth Path Finder in Splunk Search 06-05-2017 0 8 | 0 | 8 | |
| | If I have a lookup containing a list of different regular expressions in a column, is there a way I can input the loo... by lids4dt Engager in Splunk Search 06-05-2017 1 3 | 1 | 3 | |
| |  Splunk time and the event time does not match. There is a 5 hour difference. How to get both the timestamps under the... by ppanchal Path Finder in Splunk Search 06-05-2017 0 6 | 0 | 6 | |
| | My current search is: index=ad memberOf=role1 OR memberOf=role2 NOT memberOf=role3 | stats count as "User Group A" |... by igordon New Member in Splunk Search 06-05-2017 0 3 | 0 | 3 |
Upcoming Events
Get Started
Explore Essential Splunk Resources
Get Expert Help at Community Office Hours
Join the #search-help Slack channel
Get Expert Help at Community Office Hours
Join the #search-help Slack channel
Become An Expert
Top Labels
-
administration
3 -
alert action
3 -
alert condition
2 -
Analytics Workspace
2 -
authentication
1 -
chart
946 -
Classic dashboard
1 -
configuration
2 -
correlation search
1 -
count
1,006 -
Dashboard Studio
3 -
data
3 -
data model
1 -
development
6 -
distributed search
1 -
drilldown
1 -
email
1 -
eval
2,614 -
field extraction
2,022 -
fields
2,063 -
host
1 -
index
4 -
indexer
2 -
inputs.conf
1 -
intermediate forwarder
1 -
introduction
5 -
join
1,060 -
JSON
2 -
Linux
2 -
login
1 -
lookup
1,566 -
metadata
309 -
monitoring console
2 -
other
177 -
panel
2 -
PDF
1 -
Python
1 -
regex
1,499 -
report acceleration
2 -
rex
1,250 -
SAML
1 -
saved search
5 -
scheduled search
4 -
scripted input
1 -
search
2 -
search head
3 -
search job inspector
683 -
search peer
1 -
simple XML
1 -
source
1 -
sourcetype
4 -
Splunk Web Framework
1 -
splunk-assist
1 -
splunkd
1 -
stats
3,565 -
subsearch
1,729 -
summary indexing
4 -
table
1,754 -
time
1 -
timechart
1,158 -
transaction
452 -
transforms.conf
1 -
troubleshooting
8 -
tstats
569 -
universal forwarder
5 -
using Splunk Cloud
2 -
using Splunk Enterprise
13 -
Windows
3
- « Previous
- Next »
Get Updates on the Splunk Community!
Automating Threat Operations and Threat Hunting with Recorded Future
Automating Threat Operations and Threat Hunting
with Recorded Future
June 29, 2026 | Register
Is your ...
Keep the Learning Going with the New Best of .conf Hub
Hello Splunkers,
With .conf26 getting closer, there’s already a lot of excitement building around this year’s ...
Splunk Community Badges!
Hey everyone! Ready to earn some serious bragging rights in the community? Along with our existing badges ...
