Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Splunk Search
Splunk Search
×
Join the Conversation
Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Find Answers
- :
- Using Splunk
- :
- Splunk Search
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Community Activity
 |  Hi, I have this query index=cox UCE-|rex "UCE-(?<UCE_Code>(\d+))"|lookup UCECodes.csv UCE-Code as UCE_Code|eval ud=... by dbcase Motivator in Splunk Search 12-13-2016 0 3 | 0 | 3 | |
 | Hi, let's say we have a string with various tagged entries: "This {field1} is {delete_this} the example {tagged_el... by HeinzWaescher Motivator in Splunk Search 12-13-2016 0 8 | 0 | 8 | |
| | Hi, I'm struggling with a search string to pull back Active Directory logon times for a specific user and to include ... by mattj81 New Member in Splunk Search 12-13-2016 0 6 | 0 | 6 | |
| | Hi, My scenario is to get a time chart with each day's values for a particular period of time (ex: 7 days) and their... by umsundar2015 Path Finder in Splunk Search 12-13-2016 0 13 | 0 | 13 | |
| | hi all i have taskmanager log files which has the events like Mon Jun 25 00:00:30 CDT 2012,DistributedEvaluation,S... by splunkpoornima Communicator in Splunk Search 12-12-2016 0 2 | 0 | 2 | |
| | I am running Splunk 6.5 , and I have tried many things for hours, but am still getting: The system is approaching th... by medunmeyer Explorer in Splunk Search 12-12-2016 0 1 | 0 | 1 | |
| |  I have 2 jobs running daily (DailyDayJob, DailyNightJob) that logs to a common file. The logs are as given below: 20... by namrithadeepak Path Finder in Splunk Search 12-12-2016 0 9 | 0 | 9 | |
| | Sorry I am new to Splunk and wondering if can have the report that gives results in a table as below, data as : i... by Vicky84 Explorer in Splunk Search 12-12-2016 0 4 | 0 | 4 | |
| | I have a field in my logs that looks like this: Timestamp: 1477292160636560 1217 The first number is time at which... by johnbernal553 New Member in Splunk Search 12-12-2016 0 2 | 0 | 2 | |
| | Imagine there are thousands of JSON entries and I want to correlate object pairs via a key/value pair. Entry #44 { ... by Leustad Engager in Splunk Search 12-12-2016 0 1 | 0 | 1 | |
 | Hello All, I have a lookup called mylookup based on mylookup.csv containing 3 fields FieldA, FieldB and FieldC. I a... by AnthonyTibaldi Path Finder in Splunk Search 12-12-2016 0 6 | 0 | 6 | |
| | I have this real-time query with a 12 week back fill: host="<some host>" OR host="<some other host>" "<some sear... by rlincoln New Member in Splunk Search 12-12-2016 0 4 | 0 | 4 | |
 | I have a voice CDR being imported into splunk, i have indexed extractions working perfectly as its ultimately a CSV f... by anthonysomerset Path Finder in Splunk Search 12-12-2016 0 4 | 0 | 4 | |
 | Hi, When I search for events from the virtual index, I start to receive events but the query only finishes partially... by jmallorquin Builder in Splunk Search 12-12-2016 0 5 | 0 | 5 | |
| | Hi Guys, I am unable to search the event data for license_usage.log , whereas I can see the log file getting updated ... by srikanth1213 Path Finder in Splunk Search 12-12-2016 0 4 | 0 | 4 | |
| | Hi All, Does anyone have a search/report that shows all of your indexes with usage by day vs the previous day with a... by brywilk_umich Path Finder in Splunk Search 12-12-2016 0 2 | 0 | 2 | |
| | I have the following query which gives me a Total count of 2 searches but after evaluating, I am not getting the Tota... by shivendra_infy Path Finder in Splunk Search 12-12-2016 0 1 | 0 | 1 | |
 | I have logs including some very long lines. To get overview of activity, I want to write a search that shows just the... by erik_paulsen Engager in Splunk Search 12-12-2016 1 3 | 1 | 3 | |
| | Simple question: both of these return null. Any idea why? | eval createDt1 = strftime("2013-03-22 11:22:33","%s") |... by paulalbert11 Explorer in Splunk Search 12-12-2016 0 9 | 0 | 9 | |
| | Hi, I would like to know how to find value from lookup table dynamically by matching string in field value. For exa... by ravinallaparedd New Member in Splunk Search 12-12-2016 0 3 | 0 | 3 | |
| | Hi all, Is there any possibility to show values inside the chart without bringing mouse over it. It should always be... by sumanth_isac Path Finder in Splunk Search 12-12-2016 1 10 | 1 | 10 | |
| | Trying to evaluate the below: 1min=1;5min=1;60min=1;24hr=1 Below seem to be not working. Anything wrong with this?... by rguntupalli8 New Member in Splunk Search 12-12-2016 0 3 | 0 | 3 | |
| | Hi, i am trying to create a pie chart with gives %age up and down time of a system. Splunk mines a log file with the... by dutabhis07 Explorer in Splunk Search 12-12-2016 0 3 | 0 | 3 | |
| | Hello, I would like to know how to calculate sum of selected values by excluding other values in a multivalue field.... by ravinallaparedd New Member in Splunk Search 12-11-2016 0 5 | 0 | 5 | |
| | Hi there, I am trying to calculate the percent of failure types by the total number of transactions (including where... by demkic Explorer in Splunk Search 12-11-2016 0 11 | 0 | 11 |
Get Started
Explore Essential Splunk Resources
Get Expert Help at Community Office Hours
Join the #search-help Slack channel
Get Expert Help at Community Office Hours
Join the #search-help Slack channel
Become An Expert
Top Labels
-
administration
3 -
alert action
3 -
alert condition
2 -
Analytics Workspace
2 -
authentication
1 -
chart
944 -
Classic dashboard
1 -
configuration
2 -
correlation search
1 -
count
1,003 -
Dashboard Studio
3 -
data
3 -
data model
1 -
development
6 -
distributed search
1 -
drilldown
1 -
email
1 -
eval
2,609 -
field extraction
2,018 -
fields
2,062 -
host
1 -
index
4 -
indexer
2 -
inputs.conf
1 -
intermediate forwarder
1 -
introduction
5 -
join
1,058 -
JSON
2 -
Linux
2 -
login
1 -
lookup
1,565 -
metadata
307 -
monitoring console
2 -
other
155 -
panel
2 -
PDF
1 -
Python
1 -
regex
1,498 -
report acceleration
2 -
rex
1,246 -
SAML
1 -
saved search
5 -
scheduled search
4 -
scripted input
1 -
search
2 -
search head
3 -
search job inspector
682 -
search peer
1 -
simple XML
1 -
source
1 -
sourcetype
4 -
Splunk Web Framework
1 -
splunk-assist
1 -
splunkd
1 -
stats
3,559 -
subsearch
1,723 -
summary indexing
4 -
table
1,750 -
time
1 -
timechart
1,156 -
transaction
451 -
transforms.conf
1 -
troubleshooting
8 -
tstats
566 -
universal forwarder
5 -
using Splunk Cloud
2 -
using Splunk Enterprise
13 -
Windows
3
- « Previous
- Next »
Get Updates on the Splunk Community!
Enterprise Security (ES) Essentials 8.3 is Now GA — Smarter Detections, Faster ...
As of today, Enterprise Security (ES) Essentials 8.3 is now generally available, helping SOC teams simplify ...
AI for AppInspect
We’re excited to announce two new updates to AppInspect designed to save you time and make the app approval ...
App Platform's 2025 Year in Review: A Year of Innovation, Growth, and Community
As we step into 2026, it’s the perfect moment to reflect on what an extraordinary year 2025 was for the Splunk ...
