Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Splunk Search
Splunk Search
×
Join the Conversation
Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
- Find Answers
- :
- Using Splunk
- :
- Splunk Search
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Community Activity
 | I have a search in index1 that give me ip_addresses but no host name. I want to search another index, index2, for the... by srikrame New Member in Splunk Search 12-02-2016 0 3 | 0 | 3 | |
 |  Tried doing this via the Splunk docs and the macro is not being processed. My example ... My macro is named wordwe... by bensinger New Member in Splunk Search 12-02-2016 0 3 | 0 | 3 | |
 | I'm having trouble with a search and I'm banging my head against the wall. I feel like I'm on the right track but ju... by arichardson Engager in Splunk Search 12-02-2016 0 2 | 0 | 2 | |
| | We are trying to do some charting that requires counts of distinct values per build. input would be build|result 12... by shawny2005 Path Finder in Splunk Search 12-02-2016 0 4 | 0 | 4 | |
| | I have data like below which contains time taken for service call in regular string format. Sample Data : Time Take... by janibhasha New Member in Splunk Search 12-02-2016 0 2 | 0 | 2 | |
| | I have this situation: Table1 Id Field1 Field2 Field3 Table2 Id FieldA FieldB I need this result: Id Field1 Fiel... by usersplunktest New Member in Splunk Search 12-02-2016 0 2 | 0 | 2 | |
| | Hi, I have a search like this: search... | fields + user, country| stats dc(user) AS Users by country | sort - User... by HeinzWaescher Motivator in Splunk Search 12-02-2016 0 6 | 0 | 6 | |
| | how do I extract the fourth field (NAME) from the following? I am very new to Splunk and regular expression. Failed... by gurpurspai New Member in Splunk Search 12-02-2016 0 3 | 0 | 3 | |
 | I lost all my previous text because I accidentally navigated away from the page so I'll be brief here. I'm using 6.4.... by _jgpm_ Communicator in Splunk Search 12-02-2016 0 2 | 0 | 2 | |
| | When running this command: "low_seq=" "source_session_id" "-1177" | stats by _time,source_session_id,low_seq | delta... by msehic Explorer in Splunk Search 12-02-2016 0 1 | 0 | 1 | |
 | Hello dear Splunkers, Any idea how to set column names to uppercase/capital letters? I'm not talking about all the ... by DavidHourani Super Champion in Splunk Search 12-02-2016 0 4 | 0 | 4 | |
| | Hello Everyone, I am running a search to find out the top 10 URLs visited by a single user: index=ciscoasa user=""... by bagarwal Path Finder in Splunk Search 12-02-2016 0 1 | 0 | 1 | |
| | Hello, I would like to merge two events with a search to display both events' data in single line. Refer the below e... by ravinallaparedd New Member in Splunk Search 12-02-2016 0 2 | 0 | 2 | |
| | I have a field states, which is delimited by |. For example states=NY|VA|MO|GA I'm able to get it to expand and treat... by spammenot66 Contributor in Splunk Search 12-02-2016 0 1 | 0 | 1 | |
| | I have the following data: 10..20.10.100 - - [11Nov/2011:13:21:16 -0500] "GET /portlets/market_info.json?ID_STUFF=32... by tgow Splunk Employee  in Splunk Search 12-02-2016 1 4 | 1 | 4 | |
 | Hi I have the following rex to test a new field extraction: |rex "(?s)<Sql_Text>(((?<a_action>.*)))</Sql_Text>" ... by dkeck Influencer in Splunk Search 12-01-2016 0 10 | 0 | 10 | |
| | Hi I have the following event record. I need to create a field extraction on field called openports that is having ... by mohammed7860 Explorer in Splunk Search 12-01-2016 0 2 | 0 | 2 | |
 | I am running a search of my Rapid7 data I need to compare 2 fields Dest_ip and signature_id If both fields have the ... by tnoelOTS Explorer in Splunk Search 12-01-2016 0 5 | 0 | 5 | |
| | I installed this app yesterday and it's pulling all data except that from the Tor Exit Nodes and the Zeus blacklist (... by todd_miller Communicator in Splunk Search 12-01-2016 0 13 | 0 | 13 | |
| | I have two separate searches that I want to group into one. When I use appendcols I get wrong counts for the search ... by mackd New Member in Splunk Search 12-01-2016 0 2 | 0 | 2 | |
 | I am trying to track the number of active installs for my app. Does the app install count have duplicate counts when ... by wnguyen Splunk Employee in Splunk Search 12-01-2016 1 1 | 1 | 1 | |
| | There is an install count and download count listed on the details page of my app. What is the install count for my a... by wnguyen Splunk Employee in Splunk Search 12-01-2016 2 1 | 2 | 1 | |
 | I'd joined two different searches and trying to display the search 2 table for search 1 users. Both the searches have... by pavanae Builder in Splunk Search 12-01-2016 0 1 | 0 | 1 | |
 | index=bigdata | dump basefilename=MyExport How does this command know the path to save, and how do I change the pat... by nagarjuna280 Communicator in Splunk Search 12-01-2016 0 3 | 0 | 3 | |
| | Hi together, Hope you can help me. I have the following - every day I'll receive user data, and I want to count a... by egreibl Engager in Splunk Search 12-01-2016 0 2 | 0 | 2 |
Get Started
Explore Essential Splunk Resources
Get Expert Help at Community Office Hours
Join the #search-help Slack channel
Get Expert Help at Community Office Hours
Join the #search-help Slack channel
Become An Expert
Top Labels
-
administration
3 -
alert action
3 -
alert condition
2 -
Analytics Workspace
2 -
authentication
1 -
chart
946 -
Classic dashboard
1 -
configuration
2 -
correlation search
1 -
count
1,006 -
Dashboard Studio
3 -
data
3 -
data model
1 -
development
6 -
distributed search
1 -
drilldown
1 -
email
1 -
eval
2,615 -
field extraction
2,022 -
fields
2,064 -
host
1 -
index
4 -
indexer
2 -
inputs.conf
1 -
intermediate forwarder
1 -
introduction
5 -
join
1,060 -
JSON
2 -
Linux
2 -
login
1 -
lookup
1,566 -
metadata
310 -
monitoring console
2 -
other
182 -
panel
2 -
PDF
1 -
Python
1 -
regex
1,499 -
report acceleration
2 -
rex
1,250 -
SAML
1 -
saved search
5 -
scheduled search
4 -
scripted input
1 -
search
2 -
search head
3 -
search job inspector
683 -
search peer
1 -
simple XML
1 -
source
1 -
sourcetype
4 -
Splunk Web Framework
1 -
splunk-assist
1 -
splunkd
1 -
stats
3,565 -
subsearch
1,730 -
summary indexing
4 -
table
1,754 -
time
1 -
timechart
1,158 -
transaction
453 -
transforms.conf
1 -
troubleshooting
8 -
tstats
569 -
universal forwarder
5 -
using Splunk Cloud
2 -
using Splunk Enterprise
13 -
Windows
3
- « Previous
- Next »
Get Updates on the Splunk Community!
Monitoring AI Agents with Splunk Observability Cloud
Let’s say I’m running a travel planning AI app in production. A user asks for three concise hotel options in ...
[Puzzles] Solve, Learn, Repeat: Tiling
This puzzle (first published here) is based on finding groups of tessellated tiles (inspired by floor tiles I ...
SOK it to Me: Top 3 Benefits of Using Splunk Operator on Kubernetes that’ll Make ...
Thursday, July 9, 2026 | 11:00AM–12:00PM PDT
Duration: 1 hour (includes Q&A)
Managing can feel like a ...
