Splunk Search

Discussions

Thread Info

Why is "host=OptionalProperties" appearing as a field=value pair when we don't have a host by this name?

Why is this value appearing as a field value? It only shows a count of 3. There is no host by this name and no result...

by Path Finder in

need to find the greatest date

I have a field in an event called access_date which will be the date of a read or write of an oracle_table. I need to...

by Path Finder in

mvexpand multiple multi-value fields that may be null

The answer here https://answers.splunk.com/answers/25653/mvexpand-multiple-multi-value-fields.html works if all th...

by Explorer in

Why are we getting "[subsearch]: Search auto-finalized after time limit (60 seconds) reached" error?

We get the error such as - [subsearch]: Search auto-finalized after time limit(60 seconds) reached. We changed...

by Ultra Champion in

How to have Splunk recognize %Y%m%d%H%M%S formatted date time?

I would to create charts using timestamped data. I have a CSV file representing a table which has a TRANSACTIONDATETI...

by Explorer in

Need to get the count of number of times a field is used in a request

Need to get the count of number of times a field is used in a request Ex log: (This is a XML log, giving d...

by Explorer in

How to have Pivot Report show both chart and table

Hi, I was reviewing this tutorial on Youtube about how to create Pivot report https://www.youtube.com/watch?v=MdjDrDT...

by Path Finder in

can we monitor our devices under splunk ?

I want to be able to monitor all the devices including unix servers, windows, network and firewall devices under Splu...

by Path Finder in

How to index a file without extracting fields?

I'm trying to index a file but I don't want Splunk to try to extract interesting fields. Or if it does, I want the fi...

by New Member in

String split to the same field

Hi, I am doing some email count analysis and run into the following problem. For inbound email the recipients fie...

by Path Finder in

How to rex a uri path in order to get a filename with certian extensions lik .pdf .exe .zip

Right now Im using rex field=cs_uri_path "^.*\/(?[^.\/]+.(?:[^.\/]){3,4})$" but im missing files like blah.1.0...

by Explorer in

How is regex in whitelist of inputs monitor for indexing file to start with special characters?

I try to index sybase logs which are located in /sybase/SID/ASE-1(5|6)_0/install/SID.log (SID is variable System-ID) ...

by Path Finder in

How do I convert this string into a timestamp? the convert and eval functions don't work.

I have the following string: 20170306155556+0000 Splunk doesn't seem to understand that format. I've tried str...

by Communicator in

How do I connect to a local SQLite database?

Hi all, This has been asked before, but I have yet to find an answer on Splunk Answers that details the actual ste...

by Communicator in

Add specific fields into the timechart OTHER category.

I'm generating a report of the daily usage of my users indexes over the past week using this search: earliest=-7d@...

by Path Finder in

Create Scatter Diagram That Show Data Fall Within Average Range

Hi all, i try to create a scatter diagram that will show idea range of values and how many fall within it. I try use ...

by Engager in

multiple search queries in one panel

Can anyone help simplify attached XML to display result in one panel as described below Current Result 3 pane...

by Engager in

Excute sql statement on splunk db connect

Hi All, am connected to oracle database & am trying to get data from it using splunk dbconnect, amd trying to excu...

by Explorer in

How to setup multiple SQL statements in a single DB Connection input

Hi Everyone, I am creating DB inputs in the Splunk DB Connector 3.0.2. I would like to run 2 sql statements or pos...

by Explorer in

indexer search limits reached

Hi, When i ran a command which will fetch the events from last 7 days from a host , splunk is throwing below messa...

by Path Finder in

Creating local temporary file creates Checksum mismatch

Hello, I'm trying to create an app that runs a script that executes an app, and the app creates a log file that I'...

by Explorer in

How to count hosts that have a field value of ((X OR Y) AND (A OR B)), over the course of time?

I am looking to find hosts that have two field values over the course of time for the search, for example a week. ...

by Path Finder in

How to use rex to extract values from URLs into a field?

Hello all, From the following list http://www.foo.com:80/main.html http://www.foo.com:80/xe/journal/v1/book/nF1...

by Path Finder in

How to pass unused fields in an outer search?

Hello, I need to execute a search where the 5 fields from one search would be used to search another data. Also, I...

by Explorer in

How to identify symantec ep av logs in splunk

Can any one tell how we can identify the symantec EP old av logs and will be there any source to pull these logs ?

by Explorer in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Why is "host=OptionalProperties" appearing as a field=value pair when we don't have a host by this name?

need to find the greatest date

mvexpand multiple multi-value fields that may be null

Why are we getting "[subsearch]: Search auto-finalized after time limit (60 seconds) reached" error?

How to have Splunk recognize %Y%m%d%H%M%S formatted date time?

Need to get the count of number of times a field is used in a request

How to have Pivot Report show both chart and table

can we monitor our devices under splunk ?

How to index a file without extracting fields?

String split to the same field

How to rex a uri path in order to get a filename with certian extensions lik .pdf .exe .zip

How is regex in whitelist of inputs monitor for indexing file to start with special characters?

How do I convert this string into a timestamp? the convert and eval functions don't work.

How do I connect to a local SQLite database?

Add specific fields into the timechart OTHER category.

Create Scatter Diagram That Show Data Fall Within Average Range

multiple search queries in one panel

Excute sql statement on splunk db connect

How to setup multiple SQL statements in a single DB Connection input

indexer search limits reached

Creating local temporary file creates Checksum mismatch

How to count hosts that have a field value of ((X OR Y) AND (A OR B)), over the course of time?

How to use rex to extract values from URLs into a field?

How to pass unused fields in an outer search?

How to identify symantec ep av logs in splunk

Splunk Enterprise Security 8.x: The Essential Upgrade for Threat Detection, ...

Get Early Access to AI Playbook Authoring: Apply for the Alpha Private Preview ...

Reduce and Transform Your Firewall Data with Splunk Data Management

In Splunk studio, is it possible to populate a tex...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static

Splunk Search

Are you a member of the Splunk Community?

Discussions