Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Splunk Search
Splunk Search
×
Are you a member of the Splunk Community?
Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Find Answers
- :
- Using Splunk
- :
- Splunk Search
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Community Activity
 | I have the below search_1 My search |top 5 users I have a second search as below My search |stats values(field_1... by pavanae Builder in Splunk Search 10-27-2016 0 3 | 0 | 3 | |
| | I have a search as follows :- My search | timechart span=1h limit=0 count by city Now how can I calculate the mean ... by pavanae Builder in Splunk Search 10-27-2016 0 1 | 0 | 1 | |
| | I have a search as follows: My search | timechart span=1h limit=0 count by users Which displays a line graph for ... by pavanae Builder in Splunk Search 10-27-2016 0 3 | 0 | 3 | |
 | I want to count all the values of a field, and display all the values as well. How do I write a search in Splunk to a... by nasamajh09 New Member in Splunk Search 10-27-2016 0 1 | 0 | 1 | |
| | Hi, I am a begginner and can't find solution for my problem. I have 3 fields: 2 from one source Characteristic ( ha... by xfiles80 New Member in Splunk Search 10-27-2016 0 7 | 0 | 7 | |
| | So we got Splunk installed and started indexing our logs before changes were put in place to better integrate with Sp... by danoconnl Explorer in Splunk Search 10-27-2016 0 3 | 0 | 3 | |
 | Hello Everyone, I have two events which I have uploaded in CSV format and the events will be consistent as below: ... by aamirs291 Path Finder in Splunk Search 10-27-2016 0 7 | 0 | 7 | |
| | I have a group of users to monitor. They create actions on a fairly regular basis, but they do not all follow the sam... by joshualarkins Explorer in Splunk Search 10-26-2016 0 4 | 0 | 4 | |
| | Not finding any examples so far, but not sure if it's possible. Wanting to have one dashboard panel that has a resu... by clintla Contributor in Splunk Search 10-26-2016 2 4 | 2 | 4 | |
| | I have front-end events with several dynamic uri patterns. I am trying to generate a report to summarize the average,... by jagadeeshm Contributor in Splunk Search 10-26-2016 0 2 | 0 | 2 | |
 | I have created a savedsearch which displays the Current license usage indexer wise. ("|rest" query) x- axis : Indexe... by splunker12er Motivator in Splunk Search 10-26-2016 0 7 | 0 | 7 | |
 | I want to extract the PHP Message as a field so I can have all the various php error messages: 2016/10/20 21:23:18 [... by splgeek Explorer in Splunk Search 10-26-2016 0 3 | 0 | 3 | |
| | I have a search as follows My search | bin span=1h _time | stats values(field_1) as Field_1 by _time Field_2 Which... by pavanae Builder in Splunk Search 10-26-2016 0 1 | 0 | 1 | |
| | hi, i have a main search- |inputlookup wlaa_hosts.csv | eval Host=split(HostList,",") | stats count by Host that ... by erwin_pader_1dc New Member in Splunk Search 10-26-2016 0 2 | 0 | 2 | |
 | We have accelerations turned on and at 100% for a number of our datamodels. I like the speed obtained by using |tstat... by reed_kelly Contributor in Splunk Search 10-26-2016 1 3 | 1 | 3 | |
 | I was using dbinpect to calculates the first and last events in my buckets. In splunk 4.* and 5.*, it was returning 2... by mataharry Communicator in Splunk Search 10-26-2016 1 3 | 1 | 3 | |
| | | metadata type=sourcetypes index=* My time range picker is set to today (Today is July 30, 2015). I analyzed my da... by david_halbeisen New Member in Splunk Search 10-26-2016 0 2 | 0 | 2 | |
| | Hi, I have scenario like having timechart to show spikes for different dates(ex for 7 days).But now it shows same va... by umsundar2015 Path Finder in Splunk Search 10-26-2016 0 5 | 0 | 5 | |
| | Hey Guys, I have the following output: Server: abc-ij-qwerty88.asdf.xyz.com Address: 10.10.254.97 DNS request timed... by bakalon Explorer in Splunk Search 10-26-2016 0 9 | 0 | 9 | |
| | Hi All, I have JSON Logs like below: SAMPLE EVENT: { [-] line: 2016-10-21 19:16:00 INFO [CollectorAccess] Updat... by sarnagar Contributor in Splunk Search 10-26-2016 0 3 | 0 | 3 | |
| | For me the below stats sum(count) by Asset_status provies no results . eval Asset_status= if(Asset_Class=Server OR A... by umsundar2015 Path Finder in Splunk Search 10-26-2016 0 3 | 0 | 3 | |
| | I would like to remove real time searches from the Home Page and Search Panel on Splunk UI. I came across someone's o... by OMohi Path Finder in Splunk Search 10-26-2016 1 3 | 1 | 3 | |
| | Is it possible to configure an automatic lookup to use a multivalued OUTPUT field? I should add that the lookups mat... by carmackd Communicator in Splunk Search 10-26-2016 2 7 | 2 | 7 | |
 | 0 | 3 | ||
| | Is sparkline adding any new information to the results of this search, or is it just presenting the same information ... by Justin1224 Communicator in Splunk Search 10-25-2016 0 3 | 0 | 3 |
Get Started
Explore Essential Splunk Resources
Get Expert Help at Community Office Hours
Join the #search-help Slack channel
Get Expert Help at Community Office Hours
Join the #search-help Slack channel
Become An Expert
Claim a $25 Cisco Store Gift Card
Help us improve the Splunk Community and complete our survey today!
Top Labels
-
administration
3 -
alert action
3 -
alert condition
2 -
Analytics Workspace
2 -
authentication
1 -
chart
943 -
Classic dashboard
1 -
configuration
2 -
correlation search
1 -
count
1,002 -
Dashboard Studio
3 -
data
3 -
data model
1 -
development
6 -
distributed search
1 -
drilldown
1 -
email
1 -
eval
2,607 -
field extraction
2,015 -
fields
2,057 -
host
1 -
index
4 -
indexer
2 -
inputs.conf
1 -
intermediate forwarder
1 -
introduction
5 -
join
1,056 -
JSON
2 -
Linux
2 -
login
1 -
lookup
1,559 -
metadata
307 -
monitoring console
2 -
other
140 -
panel
2 -
PDF
1 -
Python
1 -
regex
1,497 -
report acceleration
2 -
rex
1,245 -
SAML
1 -
saved search
5 -
scheduled search
4 -
scripted input
1 -
search
2 -
search head
3 -
search job inspector
680 -
search peer
1 -
simple XML
1 -
source
1 -
sourcetype
4 -
Splunk Web Framework
1 -
splunk-assist
1 -
splunkd
1 -
stats
3,553 -
subsearch
1,718 -
summary indexing
4 -
table
1,747 -
time
1 -
timechart
1,156 -
transaction
451 -
transforms.conf
1 -
troubleshooting
8 -
tstats
565 -
universal forwarder
5 -
using Splunk Cloud
2 -
using Splunk Enterprise
13 -
Windows
3
- « Previous
- Next »
Get Updates on the Splunk Community!
Index This | Why did the turkey cross the road?
November 2025 Edition
Hayyy Splunk Education Enthusiasts and the Eternally Curious!
We’re back with this ...
Enter the Agentic Era with Splunk AI Assistant for SPL 1.4
🚀 Your data just got a serious AI upgrade — are you ready?
Say hello to the Agentic Era with the ...
Feel the Splunk Love: Real Stories from Real Customers
Hello Splunk Community,
What’s the best part of hearing how our customers use Splunk? Easy: the positive ...
