Splunk Search

Discussions

Thread Info

How do I calculate the percentage of one row against another in a stats?

I'm working with a table of conversation data, all conversations start out as a bot chat and can be escalated to a hu...

by Explorer in

Has anyone onboarded Oracle Cloud Add-on for Splunk recently?

Hello Splunkers, Has anyone on-boarded Oracle cloud recently, Please share your experience and help with the right...

by Path Finder in

How to union two time ranges

I'm trying to UNION two different tables containing info on foreign traffic - the first table is a log with time rang...

by Explorer in

How to flag users whose search engine queries contain certain words stored in a lookup table?

Hi everyone, I've seen a few posts on here and elsewhere that seem to detail the same issue I'm having, but ...

by Engager in

How can i create new fields with data from two different multi value fields?

I need to break out log data from two separate multi-value fields into single value fields. Here is what data looks l...

by Explorer in

Dynamic time creation based on time picker

Hi, I have a dashboard that shows service tickets count based on different parameters. Now I need to show a tren...

by Explorer in

splunk search statement using keyword from input box text string

the large size logs like as below it's not a regular json data, therefore need to using rex to get fields A logs ...

by Explorer in

How to create a search query that finds a field value (eg A) that have mismatched field value(B) and field value (C)?

Hi All, Below is my search query - index="idx-network-firewall" (sourcetype="fgt_traffic" OR sourcetype="fortig...

by Communicator in

How to Split hostname, IP and exclude IP from result

Hi, i want to list out all the hostname in my tipwire log. but my hostname field are as below: Hostname 10.10.1...

by Path Finder in

How to Identify a repeated set up messages [for looping process]?

We have a job that occasionally loops around the same code spewing out same set of messages [2 different messages fro...

by Path Finder in

search query stats multiple counts filteration

i have a query where i am looking for multiple values with OR and then counting the occurrence with the stats the que...

by Explorer in

Filter IPs not in ranges

Hello, I have a list of IPs generated from the following search : index=<source>| stats count by ip and I want ...

by Loves-to-Learn in

behavioral rule based on ip historic

Hello, I am trying to implement a behavioral rule, that checks if an ip was used in the last 7 days or not. this...

by Loves-to-Learn in

Ex Cisco - run a report for all DFS users who logged into VPN last week, 9/11-9/15

Hello, How can I use Splunk to run a report for all DFS users who logged into VPN last week, 9/11-9/15 I'll need ...

by Explorer in

Splunk query to list all the queries that time out

Hi, is there a query to list all the queries that time out in Splunk Cloud? Thank you Kind regards Marta

by Explorer in

Is there away to point to an existing event in Splunk using a URI link?

Is there away to point to an existing event in Splunk using a URI link like https://mysplunk.mycompany.com/....

by Path Finder in

How to perform time series analysis and anomaly detection by using the approach of Matrix Profile?

Hello All, Can we implement time series analysis and anomaly detection in Splunk by using the approach of Matrix Pr...

by Contributor in

How to extract Top Level Domains from events?

I need a query that extracts TLDs from events and compares the results with a lookup table with blocklisted TLDs

by Path Finder in

How to make this search faster

Hello, community I am trying to identify ways to make this search faster: index=Win_Logs EventCode IN (528,54...

by Communicator in

How to strip out trailing 0's

I have a field in my output that contains the following values: DAT_Version = 6556.0000 What would the REGEX look ...

by Communicator in

How to transpose or untable one column from table with 3 columns?

HelloI have a table with 3 columns : DomainEnvironemnt%of deploymentshelloqa12hello1dr13hello2prod13hello3dev1...

by Communicator in

Count users' successful logins over time

I would like to get the number of people connected (one successful login session per user per day will suffice) to ou...

by Communicator in

KV Store status is currently unknown- How to resolve this error?

We're intermittently getting this error (so far twice in 2 weeks) when trying to use the lookup command on a kvstore....

by Path Finder in

How to replace string using rex with partial matched string?

How to replace string using rex with partial matched string?Thank you for your help.For example:I tried to replace ":...

by Motivator in

Why is stats count query not working as expected?

Hi All I have a csv file in splunk that i am searching on i am looking to get the total monthly figure spend o...

by Path Finder in

Get Updates on the Splunk Community!

Splunk Search

Discussions

How do I calculate the percentage of one row against another in a stats?

Has anyone onboarded Oracle Cloud Add-on for Splunk recently?

How to union two time ranges

How to flag users whose search engine queries contain certain words stored in a lookup table?

How can i create new fields with data from two different multi value fields?

Dynamic time creation based on time picker

splunk search statement using keyword from input box text string

How to create a search query that finds a field value (eg A) that have mismatched field value(B) and field value (C)?

How to Split hostname, IP and exclude IP from result

How to Identify a repeated set up messages [for looping process]?

search query stats multiple counts filteration

Filter IPs not in ranges

behavioral rule based on ip historic

Ex Cisco - run a report for all DFS users who logged into VPN last week, 9/11-9/15

Splunk query to list all the queries that time out

Is there away to point to an existing event in Splunk using a URI link?

How to perform time series analysis and anomaly detection by using the approach of Matrix Profile?

How to extract Top Level Domains from events?

How to make this search faster

How to strip out trailing 0's

How to transpose or untable one column from table with 3 columns?

Count users' successful logins over time

KV Store status is currently unknown- How to resolve this error?

How to replace string using rex with partial matched string?

Why is stats count query not working as expected?

Observe and Secure All Apps with Splunk

Splunk Decoded: Business Transactions vs Business IQ

Fastest way to demo Observability

Alert Triggered Action: Dashboard Studio Snapshot

In Splunk studio, is it possible to populate a tex...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

Splunk Search

Are you a member of the Splunk Community?

Discussions