Splunk Search

Discussions

Thread Info

how to get the count of transactions monthly where Transaction_Date is greater than 01/01/2016 ?

I have fields like Transaction_Date and Status. How Can I get the count of transactions which where active (i.e Statu...

by New Member in

Query Help - Traffic stats by IP & Geolocation

I'm reaching out to the Splunk community once again for some query help. I'm trying to find all the traffic going thr...

by Engager in

How to extract fields with a value greater than 3 seconds?

First sorry for my english. I'm testing Splunk at the moment, and i have a task to extract a field from *.log files. ...

by New Member in

Question on subsearch as query filter

Hi guys, I'm running a query like: index=my_index [search index=my_index abcd|table x] |table y This works out ...

by New Member in

BUG WORKAROUND: can I reset a table to page 1 when populating search is (re)run?

I have a form with a table populated by a search. The search can be tweaked via a few dropdown inputs: value of some ...

by Contributor in

Sum field value by different fields and merge together in 1 table

Hi, I have a list of events here from an account management system. "_time",dr_account,cr_account,amount "2017-...

by Engager in

appending 2 searches + date format is lost YYYY-MM becomes YYYY

I have 2 searches: search1 and search2 search 1 gives : _time kpi1 kpi2 kpi3 kpi4 2016-01 493.26 6...

by Motivator in

What is the regular expression to extract the field from my raw event?

Hi How to extract the bolded field below from my raw event. It will the anything after msg=(Action: Connect). Any...

by Builder in

extract value with matching multiple fields

If i have events like below, domain=abc, sever=abc_s1,status=running domain=abc, server=abc_s2,status=shutdown dom...

by New Member in

query help...!!!!!!

I have a requirement to find the average duration taken by the SERVICE in a day. Expected o/p1 for 1st service que...

by New Member in

Search using join returning incoherent results

Hello, I am getting different results running the same search over the same interval of time. The search is: so...

by Path Finder in

New index mapped to Hdfs data input does not result -only main index shows data

Hi Folks, Sorry for a basic question, I am a newbie. I have successfully installed and configured Hadoop Connec...

by Explorer in

what happens with Duplicate GUID's

hi, I want know what happens if hosts have duplicate GUID's because i my environment , i have 100 forwarders havin...

by Path Finder in

Upgrading apps in a clustered environment

When upgrading an app in a clustered environment (in this case the netflow analytics) - can I just update the folders...

by Builder in

How to run search only for shown panels?

Hi, i have a dashboard with several panels. i have used the "depends" option for every panel to see only those tha...

by Path Finder in

timechart where field name and value are both in event data

I have a database query that runs every 5 minutes. It brings back queue names and the counts of those queues. I would...

by Motivator in

Grab max value and associated value

I have a stats table of max hits by API for a given time period. index="ml_summary" report=api_stats earliest=-1w@...

by Communicator in

Combining Row Results Into Columns

Here is my search: | dbinspect index=netflow | stats sum(sizeOnDiskMB) as StateSize by state, splunk_server | eval...

by Builder in

Hi all,I'm pretty new to splunk and having my hands on it. My question is what query is used to get the data of specifuic user.

Hi all,I'm pretty new to splunk and having my hands on it. My question is , I have a index=sftp and user as some xyz....

by New Member in

Why are data model metrics not showing up with this search?

The following searches work : | tstats `xxxx_summaries_only` avg(All_Performance.Memory.swap_free) AS swap_free F...

by Path Finder in

Percentile Implementation

Hi I am wondering what percentile implementation does Splunk use (used by stats, etc.). It does not always return ...

by Explorer in

How to set an alert that will trigger an email when based on these conditions?

HI All, I need some help in setting alerts for a condition, where I'm using a simple Splunk search to get whether th...

by Path Finder in

index time extractions search

I have did index time extractions for fields. I have stored them in _meta. But when I search for the extracted field...

by Contributor in

how to check number of lines in each events

number of lines from file is not matching in the count, want to check each events number of lines. ?

by Explorer in

How can I split the values in the stats table. I have used in combination of stats Values() count() by host

index=* | stats values(source),values(sourcetype),count(sourcetype) by host ....query i used host values(source) ...

by Builder in

Get Updates on the Splunk Community!

Splunk Search

Discussions

how to get the count of transactions monthly where Transaction_Date is greater than 01/01/2016 ?

Query Help - Traffic stats by IP & Geolocation

How to extract fields with a value greater than 3 seconds?

Question on subsearch as query filter

BUG WORKAROUND: can I reset a table to page 1 when populating search is (re)run?

Sum field value by different fields and merge together in 1 table

appending 2 searches + date format is lost YYYY-MM becomes YYYY

What is the regular expression to extract the field from my raw event?

extract value with matching multiple fields

query help...!!!!!!

Search using join returning incoherent results

New index mapped to Hdfs data input does not result -only main index shows data

what happens with Duplicate GUID's

Upgrading apps in a clustered environment

How to run search only for shown panels?

timechart where field name and value are both in event data

Grab max value and associated value

Combining Row Results Into Columns

Hi all,I'm pretty new to splunk and having my hands on it. My question is what query is used to get the data of specifuic user.

Why are data model metrics not showing up with this search?

Percentile Implementation

How to set an alert that will trigger an email when based on these conditions?

index time extractions search

how to check number of lines in each events

How can I split the values in the stats table. I have used in combination of stats Values() count() by host

Can’t make it to .conf25? Join us online!

Community Content Calendar, September edition

Splunkbase Unveils New App Listing Management Public Preview

Leveraging Automated Threat Analysis Across the Splunk Ecosystem

Help me with splunk query to monitor CPU and Memor...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static

Splunk Search

Are you a member of the Splunk Community?

Discussions

Can’t make it to .conf25? Join us online!