Splunk Search

Ask a Question

Discussions

Thread Info

How do you capture values with regex?

Hi, I am fairly new to regex and cannot figure out how to capture certain strings. Here is an example of the stri...

by Engager in

Can we decide to not show fields ?

I have a log file date which is split on different fields ( date_hour, date_second, date_hour etc...) Can i decide...

by Explorer in

Retain SPL format in a drill down

When I do a drill down in my dashboard the search box in the new windows get's rid of all the line breaks in my SPL s...

by Communicator in

Search question

Hi there, Can someone help me with search around these subjects (I'm using DBX output to SQL) I'm new to this lang...

by New Member in

How do you determine the time difference between two events?

So I've read several previous questions on how to get the time difference between events, and they all seem to revolv...

by New Member in

Can you help me with the following query using regex: missing terminating ] for character class

So I tested this regex with regex101 and it seems to be working but Splunk doesn't seem to like it. Any ideas? | r...

by Contributor in

Simple search extraction for lines of text with spaces ???

Hey Guys, I seem to be struggling to pull out some what I thought would be simple searches. An example result ...

by Communicator in

How do you create several multivalued fields?

Hi all, I have several events like this: Field_A // Field_B // Field_C A // 1 // z A // 2 // z B // 3 // y...

by Path Finder in

How to specify which columns are totaled up?

What columns can I somehow override and specify which ones are totaled up? I only want the count to be totaled but ot...

by Path Finder in

How come my trendline is not displaying on a single visualization?

How can I get trendline data to show up on a single visualization using the following query? The results come back fi...

by Path Finder in

How do you use multiple by fields with a trellis layout?

Hi all, I want to get the average from a value, group this by cluster and hostname and show the value in a timecha...

by Path Finder in

How do I display text in a dashboard panel based on the event coverage percentage in its corresponding pivot?

I want to display text in the middle of the panel that is based on the value of a status code or its percentage. I...

by New Member in

Line chart of daily event totals over N-days

I need to display trending IP events over the course of 90 days with each day being a sum of the events. My origin...

by Explorer in

Reference Manual for Custom User Interface "Manager XML"

When defining a custom modular input in an app, it is possible to design a custom user interface for setting up the p...

by Explorer in

How do you make a regular expression to extract the first 4 words in a sentence?

I need to extract the first 4 words in a field with sample data like this, "The team performs checks for the foll...

by Path Finder in

Get Updates on the Splunk Community!

Splunk Search

Discussions

How do you capture values with regex?

Can we decide to not show fields ?

Retain SPL format in a drill down

Search question

How do you determine the time difference between two events?

Can you help me with the following query using regex: missing terminating ] for character class

Simple search extraction for lines of text with spaces ???

How do you create several multivalued fields?

How to specify which columns are totaled up?

How come my trendline is not displaying on a single visualization?

How do you use multiple by fields with a trellis layout?

How do I display text in a dashboard panel based on the event coverage percentage in its corresponding pivot?

Line chart of daily event totals over N-days

Reference Manual for Custom User Interface "Manager XML"

How do you make a regular expression to extract the first 4 words in a sentence?

Index This | Why do they call it hyper text?

State of Splunk Careers 2023: Career Resilience and the Continued Value of Splunk

The Great Resilience Quest: 9th Leaderboard Update

Users with the same roles, in the same app, and sa...

auto_generated_pool_download-trial

Automatic lookup during data ingestiont (Splunk cl...

Working with OpenTelemetry Cumulative Histogram Bu...

Better PDF report visualization