Splunk Search

Discussions

Thread Info

Hide/unhide legend values by clicking on it

On a Column Chart is it possible to hide/unhide legend values by clicking on it? For eg. if I click on www3 in lege...

by Path Finder in

How to calculate total when aggregating using stats max(field)?

How to calculate total when aggregating using stats max(field)?Thank you for your help. Max Total Score is the total ...

by Motivator in

Extract domain from full url

I'm working with data from this search index=my_index sourcetype=my_sourcetype (rule=policy_1 OR rule=policy_2 ...

by Contributor in

How to create exception list by comparing two tables .

How to get the exception from the below tables. Exception is John who is not HR table . User li...

by Explorer in

Making all pie charts in a row in same vertical

Hi Splunkers! How to assign the pie chart in same vertical if we are having dropdown in one specific pie chart.Havi...

by Contributor in

How to search the time difference between a certain event and the event prior?

I am trying to find the time of a type of event, and the time difference of the same type of event that happened just...

by Communicator in

How to display other fields on the same row when aggregating using stats max(field)?

How to display other fields on the same row when aggregating using stats max(field)?Thank you for your help. For exam...

by Motivator in

Network Bandwidth Usage by url

Hi, I want to simply know bandwidth usage by url (I span on 10s for not flooding) then I divide by 10 I wrote thi...

by Engager in

Replacing "No Results Found" with "0"

I have the below query: My Search query returns a value when it finds some result whereas when it doesn't find any...

by Explorer in

Counting and threasholding

Folks, I'm new to SPL worlds. Please advice right direction to learn splunk search. Environment: proxy log se...

by Explorer in

[SPLUNK-ES] Support Request For New Search "SELECTED FIELDS" and selected “MODE”

Dears, We would like to report an issue related to Splunk-ES during the navigation of the “Search” window. We are...

by Loves-to-Learn in

Compare 2 lookup to show non match info

Hi, I have 2 lookup which is lookup A and lookup B. My lookup A will be keep update by splunk query and my lookup B i...

by Path Finder in

Metrics average

Hi,I am new to splunk metrics search. I am AWS/EBS metrics to splunk. I want to calculate the average throughput and ...

by Path Finder in

Calculate error percentage of HTTPStatus

index=sample(Consumer="prod") ServiceName="product.services.prd.*"| stats count(eval(HTTPStatus >= 400 AND HTTPStatus...

by Loves-to-Learn in

how to display the difference between main search and subsearch

assuming I have this log history: [sent] task=abc, id=123 [sent] task=abc, id=456 [success] task=abc, id=123 ...

by Explorer in

Splunk Query to check two Conditions

Hi All We are trying to get the incidents which are in open state (ie AlertStatus only equal to CREATE) . Table O...

by Explorer in

grouping field data and count

I have data like provided below: field AField BField CField Dabc.com11ABCD11xyz.com22 ABCD11abc.com11AB CD11xyz.co...

by Loves-to-Learn Lots in

Trying to map total throughout the day

I have a search that gives me the total license usage in gb's for a given time: index=_internal source=*lic...

by Explorer in

How to convert json events results into one json event?

My query returns many events, each event is in a form of a json i.e. { "key1": "val1", "key2":"val2"}I would like to ...

by Path Finder in

Why no events returned if using "" to search instead of "index="

Hi, From the context menu of a "username" field value I choose "new search", then the below SPL was automatically a...

by Communicator in

Arranging the tabular columns and removing the empty fields in the table

Hi,I am working on a query where i need to display the table based on the multiselect input.multi-select input option...

by Loves-to-Learn Lots in

Support for the current PowerShell module for Splunk

Is there no current PowerShell module support for Splunk? I am only finding old articles on this and various sites.

by New Member in

Analyzing PowerShell logs in Splunk

Hello everyone. I'm currently working on a lab assignment and I'm having trouble understanding the meaning of two spe...

by Explorer in

Moving fields from a subsearch

I have a search and subsearch that is working as required but there is a field in the subsearch that I want to displa...

by Contributor in

assign value to earliest

How I can assign a value to the earliest argument in my query which is the rounded to the last 10 minutes?when I try ...

by Path Finder in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Hide/unhide legend values by clicking on it

How to calculate total when aggregating using stats max(field)?

Extract domain from full url

How to create exception list by comparing two tables .

Making all pie charts in a row in same vertical

How to search the time difference between a certain event and the event prior?

How to display other fields on the same row when aggregating using stats max(field)?

Network Bandwidth Usage by url

Replacing "No Results Found" with "0"

Counting and threasholding

[SPLUNK-ES] Support Request For New Search "SELECTED FIELDS" and selected “MODE”

Compare 2 lookup to show non match info

Metrics average

Calculate error percentage of HTTPStatus

how to display the difference between main search and subsearch

Splunk Query to check two Conditions

grouping field data and count

Trying to map total throughout the day

How to convert json events results into one json event?

Why no events returned if using "" to search instead of "index="

Arranging the tabular columns and removing the empty fields in the table

Support for the current PowerShell module for Splunk

Analyzing PowerShell logs in Splunk

Moving fields from a subsearch

assign value to earliest

Building Reliable Asset and Identity Frameworks in Splunk ES

Cloud Monitoring Console - Unlocking Greater Visibility in SVC Usage Reporting

Automatic Discovery Part 3: Practical Use Cases

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static

Using Machine Learning Toolkit to detect auth abus...

Splunk Search

Are you a member of the Splunk Community?

Discussions