Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Splunk Search
Splunk Search
×
Are you a member of the Splunk Community?
Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Find Answers
- :
- Using Splunk
- :
- Splunk Search
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Community Activity
 | Suppose I have vehicle data of the form: 2016-10-18 17:37:05 GMT vehicle_id="1011" vehicle_distance=185 stop_tag="52... by plucas_splunk Splunk Employee  in Splunk Search 10-22-2016 0 2 | 0 | 2 | |
 | HI , Even if i just started my splunk instance, my views are loading with this error. I am sure that only one search ... by smolcj Builder in Splunk Search 10-22-2016 2 14 | 2 | 14 | |
| | Good morning, I am suddenly receiving this error and not able to index: skipped indexing of internal audit event wi... by kholleran Communicator in Splunk Search 10-22-2016 4 10 | 4 | 10 | |
 | i have two conditions which has to be put in a same search. conditon no 1: if the Source address is in bad_ips.csv (... by samsingnok Engager in Splunk Search 10-22-2016 0 1 | 0 | 1 | |
 | Hello, This is my regex, it works well using the rex command on the search bar of my app like this: index=hpux tag=... by guarisma Contributor in Splunk Search 10-21-2016 0 2 | 0 | 2 | |
| | Hi How to search for user logon duration in a aday starting with first 4624 event and last 4634 event in the day? by kiran331 Builder in Splunk Search 10-21-2016 0 1 | 0 | 1 | |
| | Greetings, The event that I'm working with is below. The problem is that our platform (in this case) has a field ... by jpaulovich Explorer in Splunk Search 10-21-2016 0 3 | 0 | 3 | |
| | Summary: We want to trigger an alert/email when a user logs on to a new system for the first time. Event ID 4624 is ... by desmondpigott Explorer in Splunk Search 10-21-2016 0 2 | 0 | 2 | |
| | I'll start with a raw event. This is basically a Java stack dump. 2016-10-20 13:23:20,828 [p-bio-8001-exec-1866] [T... by JDukeSplunk Builder in Splunk Search 10-21-2016 0 1 | 0 | 1 | |
| | Hi, I'm trying to compare stats from 2 different dates (sometimes not back to back) and I'm running into a wall bec... by wweiland Contributor in Splunk Search 10-21-2016 0 9 | 0 | 9 | |
| | I was successfully using the following query with Splunk 6.4.3: index="pixelscoredata"| chart count by imps_budget b... by rdominy Engager in Splunk Search 10-21-2016 0 2 | 0 | 2 | |
| | I'm working to simplify a serverclass.conf and am struggling to get regex working. For example: [serverClass:Conf... by torndorff Explorer in Splunk Search 10-21-2016 0 5 | 0 | 5 | |
| | I have two searches: 1st search: index=main sourcetype=ab_alerts | rename ab_alerts.AlertID as AlertID, ab_alerts.... by TMazurek New Member in Splunk Search 10-21-2016 0 7 | 0 | 7 | |
 | I want to add a field to my events that is derived from a discovered field at search time. The new field wil be a pri... by vxsplunk Explorer in Splunk Search 10-21-2016 1 4 | 1 | 4 | |
| | Hi, I have events with a timestamp_value=1477043785561 We can filter like this: index=a sourcetype=logins timestam... by HeinzWaescher Motivator in Splunk Search 10-21-2016 0 8 | 0 | 8 | |
| | Trying to build a query that will return values in the event of multiple userIDs attempting to login from a single IP... by MattQ Explorer in Splunk Search 10-21-2016 0 4 | 0 | 4 | |
| | I have what seems like a fairly simple analytical problem that I'm having real trouble wrapping into Splunk commands.... by dustinhartje Explorer in Splunk Search 10-21-2016 0 4 | 0 | 4 | |
| | I need to search two strings within the set of rows of the log file. I have a process running for the new webscript -... by runiyal Path Finder in Splunk Search 10-20-2016 0 2 | 0 | 2 | |
| | I am trying to run a dashboard search in verbose mode. I am using workflow actions from within the events, but the re... by rdownie Communicator in Splunk Search 10-20-2016 1 4 | 1 | 4 | |
| | I'm trying to have Splunk build a list of field names where the values in the fields meet some criteria - note though... by Runals Motivator in Splunk Search 10-20-2016 0 3 | 0 | 3 | |
| | Why is values(Authentication.user_category) here when further down there is "where Authentication.user_category=defau... by Justin1224 Communicator in Splunk Search 10-20-2016 0 2 | 0 | 2 | |
| | This search works, but it's slow. I know nested searches are no longer recommended. Can anyone help me re-write thi... by jaxjohnny Path Finder in Splunk Search 10-20-2016 0 4 | 0 | 4 | |
| | Hi, I've CSV which contain groupe and user Groupe Name, User administrator,admin1 guest,admin2 guest,admin1 printer... by danje57 Path Finder in Splunk Search 10-20-2016 0 3 | 0 | 3 | |
 | I want the table to be generated based on 2 conditions - one condition is comparing eval expression and other field v... by k_harini Communicator in Splunk Search 10-20-2016 0 6 | 0 | 6 | |
 | Hi I have the following search which displays the Average of a field, but I am trying to put a time chart in hourly ... by pavanae Builder in Splunk Search 10-20-2016 0 6 | 0 | 6 |
Get Started
Explore Essential Splunk Resources
Get Expert Help at Community Office Hours
Join the #search-help Slack channel
Get Expert Help at Community Office Hours
Join the #search-help Slack channel
Become An Expert
Claim a $25 Cisco Store Gift Card
Help us improve the Splunk Community and complete our survey today!
Top Labels
-
administration
3 -
alert action
3 -
alert condition
2 -
Analytics Workspace
2 -
authentication
1 -
chart
943 -
Classic dashboard
1 -
configuration
2 -
correlation search
1 -
count
1,002 -
Dashboard Studio
3 -
data
3 -
data model
1 -
development
6 -
distributed search
1 -
drilldown
1 -
email
1 -
eval
2,607 -
field extraction
2,015 -
fields
2,057 -
host
1 -
index
4 -
indexer
2 -
inputs.conf
1 -
intermediate forwarder
1 -
introduction
5 -
join
1,056 -
JSON
2 -
Linux
2 -
login
1 -
lookup
1,559 -
metadata
307 -
monitoring console
2 -
other
140 -
panel
2 -
PDF
1 -
Python
1 -
regex
1,497 -
report acceleration
2 -
rex
1,245 -
SAML
1 -
saved search
5 -
scheduled search
4 -
scripted input
1 -
search
2 -
search head
3 -
search job inspector
680 -
search peer
1 -
simple XML
1 -
source
1 -
sourcetype
4 -
Splunk Web Framework
1 -
splunk-assist
1 -
splunkd
1 -
stats
3,553 -
subsearch
1,718 -
summary indexing
4 -
table
1,747 -
time
1 -
timechart
1,156 -
transaction
451 -
transforms.conf
1 -
troubleshooting
8 -
tstats
565 -
universal forwarder
5 -
using Splunk Cloud
2 -
using Splunk Enterprise
13 -
Windows
3
- « Previous
- Next »
Get Updates on the Splunk Community!
Index This | Why did the turkey cross the road?
November 2025 Edition
Hayyy Splunk Education Enthusiasts and the Eternally Curious!
We’re back with this ...
Enter the Agentic Era with Splunk AI Assistant for SPL 1.4
🚀 Your data just got a serious AI upgrade — are you ready?
Say hello to the Agentic Era with the ...
Feel the Splunk Love: Real Stories from Real Customers
Hello Splunk Community,
What’s the best part of hearing how our customers use Splunk? Easy: the positive ...
