Splunk Search

Discussions

Thread Info

Trying to Find All Names that Match a Name in a Field

I have a field called DNS whos field values contain the hostname in the lookup. There is also another field called Id...

by Path Finder in

stats query help !

Hello, I am searching to get results for each hour top 1 max URL hits. Iam using the below search but not getting ...

by Communicator in

How to extract a alphanumeric values with special characters

I want to extract Sample ID field value"Sample ID":"020ab888-a7ce-4e25-z8h8-a658bf21ech9"

by Path Finder in

Not able to use lookup for search in SPATH command

My data is coming for 0365 as JSON, I am using SPath to get the required fields after that i want to compare the data...

by Path Finder in

Active Directory security group changes

Hello all, I could use some help here with creating a search. Ultimately I would like to know if a user is added ...

by Path Finder in

calculate a weighted average

Hello, I would like to calculate a weighted average on an average call time. The logs I have available are of this ...

by Path Finder in

assign value from another eval param

How to assign the value of param name original to the source in the | collect statementindex=123 | eval original=a...

by Path Finder in

How to group different errors based on error types from the logs to create alert for continuous errors

I am creating a continuous error alert in Splunk. I have been working on constructing a search query to group differe...

by Loves-to-Learn Lots in

Json duplication fields on a clustered set up environment

Afternoon, We are currently having issues with duplicate JSON entries on our search heads which operate in a cluste...

by Engager in

How to show custom time for PDF schedule report?

Dashboard xml:I am using this dashboard to Schedule PDF report, and all panels are showing data for 7 days.I need to...

by Communicator in

How do I Search a Multi-Value Field?

I need to search a field called DNS_Matched, that has multi-value fields, for events that have one or more values tha...

by Path Finder in

List of Idemia machines that are on Cisco and Pulse for the past 10 days.

Can someone help me with the Splunk code that would be necessary to search for the Idemia Machines? Thank you Ant...

by Explorer in

Does Splunk support chatbot? Is it possible to have a chatbot answering using Splunk search?

by Engager in

Howcome additional condition increases result count?

my question is very simple. This returns nothing: sourcetype=my_sourcetype This returns X amount o...

by Explorer in

search to get an overview of all dashboards and apps with authorizations

I have a search to get an overview of all users with their authorizations: roles, capabilities, indexes (search found...

by Contributor in

How to limit results to one (1) for each host?

Hi, How do I limit the results per host? I have any (random) search query. I have 10 hosts. For each hosts, hundred...

by Communicator in

Matched IP from 2 different lookup with condition

Hi, i have 2 lookup tables, which are lookup A and B. Both of the lookups contain field Hostname and IP. There is s...

by Path Finder in

Search logs in Splunk Cloud using API

Hi, How are you? Thank you for the community! I have tried to search logs using API as per Creating searches using ...

by New Member in

splunk

I want to see 100% when the "No results found. " message comes.

by Contributor in

Identify duplicate values in a field

Hi, I am new to Splunk and am looking for a search that is able to identify duplicate field values. We have an issu...

by New Member in

License Usage Calculation for a Particular Event ID

Hi Team, I want to find the license usage in GB for last 30 days for a particular Event ID for index=wineventlog so...

by Contributor in

Hide/unhide legend values by clicking on it

On a Column Chart is it possible to hide/unhide legend values by clicking on it? For eg. if I click on www3 in lege...

by Path Finder in

How to calculate total when aggregating using stats max(field)?

How to calculate total when aggregating using stats max(field)?Thank you for your help. Max Total Score is the total ...

by Motivator in

Extract domain from full url

I'm working with data from this search index=my_index sourcetype=my_sourcetype (rule=policy_1 OR rule=policy_2 ...

by Contributor in

How to create exception list by comparing two tables .

How to get the exception from the below tables. Exception is John who is not HR table . User li...

by Explorer in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Trying to Find All Names that Match a Name in a Field

stats query help !

How to extract a alphanumeric values with special characters

Not able to use lookup for search in SPATH command

Active Directory security group changes

calculate a weighted average

assign value from another eval param

How to group different errors based on error types from the logs to create alert for continuous errors

Json duplication fields on a clustered set up environment

How to show custom time for PDF schedule report?

How do I Search a Multi-Value Field?

List of Idemia machines that are on Cisco and Pulse for the past 10 days.

Does Splunk support chatbot? Is it possible to have a chatbot answering using Splunk search?

Howcome additional condition increases result count?

search to get an overview of all dashboards and apps with authorizations

How to limit results to one (1) for each host?

Matched IP from 2 different lookup with condition

Search logs in Splunk Cloud using API

splunk

Identify duplicate values in a field

License Usage Calculation for a Particular Event ID

Hide/unhide legend values by clicking on it

How to calculate total when aggregating using stats max(field)?

Extract domain from full url

How to create exception list by comparing two tables .

🌟 From Audit Chaos to Clarity: Welcoming Audit Trail v2

What's New in Splunk Observability - October 2025

Splunk Enterprise Security 8.x: The Essential Upgrade for Threat Detection, ...

In Splunk studio, is it possible to populate a tex...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static

Splunk Search

Are you a member of the Splunk Community?

Discussions