Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Splunk Search
Splunk Search
×
Join the Conversation
Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
- Find Answers
- :
- Using Splunk
- :
- Splunk Search
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Community Activity
 | source=DAM_DB_SUMMARY_REPORT | eval Date=substr(DATES,1,10) | stats sum(TOTAL_RECORDS) as "Total Records" by Date | ... by puneethgowda Communicator in Splunk Search 11-18-2016 0 3 | 0 | 3 | |
 | Hi, I am trying to extract fields from a JSON input. I don't understand if I am making any mistake in getting the eve... by rodneyjerome Explorer in Splunk Search 11-18-2016 0 3 | 0 | 3 | |
 | All, Assuming Splunk has a function for this. But for the life of me I can't find it. Is there a tool to convert de... by daniel333 Builder in Splunk Search 11-18-2016 1 3 | 1 | 3 | |
 | Hi, i have created dashboard with 2 dropdowns based on host and based on Time Range. When select host it is working b... by rajgowd1 Communicator in Splunk Search 11-17-2016 0 2 | 0 | 2 | |
| |  We have an HDFS source with sqoop files that have this naming pattern - 000000_0 to 003064_0 and each file is at the ... by ddrillic Ultra Champion in Splunk Search 11-17-2016 0 2 | 0 | 2 | |
 | I have a splunk Query as below earliest=-1d@d latest=@d index=abc | where date_hour>=15 OR date_hour<9 | stats earli... by pavanae Builder in Splunk Search 11-17-2016 0 1 | 0 | 1 | |
| | Using redhat 6, I've noticed that my Splunk instance has searches that are consuming large amounts of CPU and I am ex... by jbsplunk Splunk Employee  in Splunk Search 11-17-2016 4 3 | 4 | 3 | |
| | I wanted to accelerate my searches so I am using data models and pivot. | pivot Accounting Accounting sum(Input) A... by sushmitha_mj Communicator in Splunk Search 11-17-2016 1 4 | 1 | 4 | |
| | Please let me know the regex for this. How can the extracted field be modified? Thanks by abhijit_mhatre Path Finder in Splunk Search 11-17-2016 1 2 | 1 | 2 | |
| | Hi, we have 2 configuration files like spg.conf and spg.conf.1162016 and we written perl program to find the differen... by rajgowd1 Communicator in Splunk Search 11-17-2016 0 6 | 0 | 6 | |
| | I have a Splunk application with two Dashboards. Dashboard1 ( D1 ) is a higher level dashboard that reports overall u... by pramaswamy Path Finder in Splunk Search 11-17-2016 0 4 | 0 | 4 | |
 | I have JSON data that is broken into fields. I'm trying to add color to my stats panel or pivot table, but I'm unabl... by dstark75 New Member in Splunk Search 11-17-2016 0 12 | 0 | 12 | |
| | Ladies and Gentlemen, I have been tasked to write up a search that would give a total usage for each search from all... by ECovell Path Finder in Splunk Search 11-17-2016 0 8 | 0 | 8 | |
| | I want to use the results of a subsearch to search an index for a pattern/regex on a particular field. I have this w... by nightflame Explorer in Splunk Search 11-17-2016 0 3 | 0 | 3 | |
 | Hi there, I want to know if this is possible: I have a simple search: index=myindex host=myhost* | stats count by ... by nimblerex New Member in Splunk Search 11-17-2016 0 1 | 0 | 1 | |
 | Hello, We are using a search which displays data in a table format on a dashboard. As result, the table is too large... by AKG1_old1 Builder in Splunk Search 11-17-2016 0 1 | 0 | 1 | |
| | 2016/11/14 17:27:35:449||DeviceID=12C95D85-AC78-499A-A018-E8ADB1CC6D0E||LogLevel=Info||AppVersion=v1.0.4.8(1.0)||OSTy... by ivanlin New Member in Splunk Search 11-17-2016 0 4 | 0 | 4 | |
| | HI, i am trying to extract the last field using field extractor but its not working. can anyone help me to write rege... by rajgowd1 Communicator in Splunk Search 11-16-2016 0 2 | 0 | 2 | |
| | I have a search that outputs a number of log lines in following table format: package | lineCount ____... by pahilw Explorer in Splunk Search 11-16-2016 1 2 | 1 | 2 | |
| | hi i have two fields: IDs and response time in seconds. so by using the response time, i need to break down events 0-... by prashanthberam Explorer in Splunk Search 11-16-2016 0 3 | 0 | 3 | |
| | I'm trying to plan out retention policies, and I'm unsure about how they play alongside searches that I've marked as ... by Ricapar Communicator in Splunk Search 11-16-2016 2 3 | 2 | 3 | |
| |  I would like to create a chart that looks like the mockup in the screenshot. EXPLANATION: I provide 2 user inputs to... by namrithadeepak Path Finder in Splunk Search 11-16-2016 0 1 | 0 | 1 | |
| | I must apologize as I have found partial examples of what I am looking for, but I'm not well-versed enough to merge t... by posava Explorer in Splunk Search 11-16-2016 0 4 | 0 | 4 | |
 | Trying to count "violation type" for each program (in regards to AV program, stack pivot, overwrite code, etc etc) an... by cm22486 Path Finder in Splunk Search 11-16-2016 0 2 | 0 | 2 | |
| | What does the below coalesce command mean in this Splunk search? Any explanation would be appreciated eval fieldA=co... by pavanae Builder in Splunk Search 11-16-2016 0 3 | 0 | 3 |
Get Started
Explore Essential Splunk Resources
Get Expert Help at Community Office Hours
Join the #search-help Slack channel
Get Expert Help at Community Office Hours
Join the #search-help Slack channel
Become An Expert
Top Labels
-
administration
3 -
alert action
3 -
alert condition
2 -
Analytics Workspace
2 -
authentication
1 -
chart
946 -
Classic dashboard
1 -
configuration
2 -
correlation search
1 -
count
1,006 -
Dashboard Studio
3 -
data
3 -
data model
1 -
development
6 -
distributed search
1 -
drilldown
1 -
email
1 -
eval
2,615 -
field extraction
2,022 -
fields
2,064 -
host
1 -
index
4 -
indexer
2 -
inputs.conf
1 -
intermediate forwarder
1 -
introduction
5 -
join
1,060 -
JSON
2 -
Linux
2 -
login
1 -
lookup
1,566 -
metadata
310 -
monitoring console
2 -
other
182 -
panel
2 -
PDF
1 -
Python
1 -
regex
1,499 -
report acceleration
2 -
rex
1,250 -
SAML
1 -
saved search
5 -
scheduled search
4 -
scripted input
1 -
search
2 -
search head
3 -
search job inspector
683 -
search peer
1 -
simple XML
1 -
source
1 -
sourcetype
4 -
Splunk Web Framework
1 -
splunk-assist
1 -
splunkd
1 -
stats
3,565 -
subsearch
1,730 -
summary indexing
4 -
table
1,754 -
time
1 -
timechart
1,158 -
transaction
453 -
transforms.conf
1 -
troubleshooting
8 -
tstats
569 -
universal forwarder
5 -
using Splunk Cloud
2 -
using Splunk Enterprise
13 -
Windows
3
- « Previous
- Next »
Get Updates on the Splunk Community!
Monitoring AI Agents with Splunk Observability Cloud
Let’s say I’m running a travel planning AI app in production. A user asks for three concise hotel options in ...
[Puzzles] Solve, Learn, Repeat: Tiling
This puzzle (first published here) is based on finding groups of tessellated tiles (inspired by floor tiles I ...
SOK it to Me: Top 3 Benefits of Using Splunk Operator on Kubernetes that’ll Make ...
Thursday, July 9, 2026 | 11:00AM–12:00PM PDT
Duration: 1 hour (includes Q&A)
Managing can feel like a ...
