Splunk Search

Discussions

Thread Info

Event Breaks with FlexLM Licenses not ingesting consistently

I'm individually bringing in FlexLM files into Splunk, but alas, some of them are not parsing correctly. Some are fin...

by Explorer in

Adding 'host' field to a set diff command

My set diff query compares the values of one field from two different hosts and outputs a list of the field values th...

by Engager in

How do i display only events that aren't "backed out"?

I have a table of fields with items that are either a Credit or Debit There can be multiples of the same item. Also, ...

by Communicator in

how do you concatenate the avg(value) for perfmon process coming from two servers

Very new to Splunk and need some guidance. I believe there must be a way to index the servers to differentiate them s...

by New Member in

Filter results AFTER transaction function

I have data that requires I use "transaction" to form events. I would like to filter the resulting data by a field (S...

by Communicator in

How can I count/sum single values of ONE field

Hello together, I am new at Splunk and need help for the following issue. I have the field KitchenStuff with 5 val...

by New Member in

Extraction using regular expressions

I want to extract a character string using a regular expression. I am considering extracting the field (message ID...

by Explorer in

how to extract date from filename and add it with time from event in the same file

We have log files with names like: " my-file-log1.2017-07-25.name.log" The events in the log are like this: 060047.34...

by Contributor in

Creating a new field from a default field

MessageText= [2017-07-25T16:29:01.694+10:00]...XXXXXXXXXXXXXXXXXXXXXXXXXX at com.ofss.fc.app.Interaction.analyzeAndTh...

by New Member in

How to reverse results of dedup in the same command ?

Im having an issue when trying to dedup some values. Here are the logs of servers states im having in Splunk, from th...

by New Member in

Search for events from ip addresses in the file

Hello, This seems to be like a very easy thing to do which I can't figure out. I have a csv file with ip addresses...

by Engager in

How to search a lookup csv file for list of matched events and count ?

Hi, I have few queries related to lookup in Splunk. My lookup file - list-of-master-ids.csv content of csv...

by New Member in

Performing calculations on multi values to show on timechart

Hi All, need some insight and help. I have a MQ like objects, information regarding which is forwarded into splunk...

by Engager in

How do I delete a data field from Splunk entirely?

I would like to delete a data field entirely from Splunk. Would I use the same way as described below? The data field...

by Path Finder in

how to count loglines without corresponding second loglines?

I generate logline when starting processing 1 object and another logline when ready. How to find logline1 without a ...

by New Member in

Display in table each unique value and additional field?

Hi all, I am a very new splunk user and would like to conduct produce a table with of each unique ID and the corre...

by Explorer in

I need to return only results where the "source" contains the current date.

Example: source="D:\filepath\filepath\filepath\filepath\DebugImportHelper_7_25_2017.log" This log file is creat...

by Path Finder in

We have list of hots not logging lookup hosts list can any one help with search to search in splunk find out why they are not logging

We have list of hots not logging lookup hosts list can any one help with search to search in splunk find out why they...

by Explorer in

extract field across sourcetypes

Hi, I have a regex to extract a field. I need unique count of those. During exploring I found that the extracted f...

by Path Finder in

Overlay an average line on a bar graph of counts

I have a search index=safes TransactionCode=DOPN OR TransactionCode=DCLO Details="Door A Opened" OR Details="Door A C...

by Explorer in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Event Breaks with FlexLM Licenses not ingesting consistently

Adding 'host' field to a set diff command

How do i display only events that aren't "backed out"?

how do you concatenate the avg(value) for perfmon process coming from two servers

Filter results AFTER transaction function

How can I count/sum single values of ONE field

Extraction using regular expressions

how to extract date from filename and add it with time from event in the same file

Creating a new field from a default field

How to reverse results of dedup in the same command ?

Search for events from ip addresses in the file

How to search a lookup csv file for list of matched events and count ?

Performing calculations on multi values to show on timechart

How do I delete a data field from Splunk entirely?

how to count loglines without corresponding second loglines?

Display in table each unique value and additional field?

I need to return only results where the "source" contains the current date.

We have list of hots not logging lookup hosts list can any one help with search to search in splunk find out why they are not logging

extract field across sourcetypes

Overlay an average line on a bar graph of counts

Splunk APM & RUM | Upcoming Planned Maintenance

Part 2: Diving Deeper With AIOps

User Groups | Upcoming Events!

Error with connecting two search queries with appe...

multi-level nested JSON to table?

Matching index field value with lookup field value

extract fields from json-wrapped postfix logs?

How to configure alert when a service is in failed...