Splunk Search

Splunk Search
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
Community Activity
adepasquale

How do I my get one search to populate multiple panels in a dashboard?

So I saw the documentation for global searches, but for the life of me, I can't get it to work. As you can see, each...
by adepasquale Path Finder in Splunk Search 10-05-2016
0 5
0
5
tikoonikhil

Data not coming in JSON format from Splunk Javascript sdk

I am querying Splunk using javascript SDK. In the searchParams, i have given the output mode as "json_rows". var sea...
by tikoonikhil Explorer in Splunk Search 10-05-2016
0 1
0
1
jagdeepgupta813

How to extract a particular field from a URI in Splunk?

My data is coming like below in splunk method=PUT uri=/AppA/USA/comp1/Refrence/20160120A123456/price query= httpstat...
by jagdeepgupta813 Explorer in Splunk Search 10-04-2016
0 4
0
4
somesoni2

REX SED Help, need to replace namespaces from xml field

Hi, I have a xml field which holds values like below. It contains namespaces for each element which I want to remove...
by Revered Legend in Splunk Search 10-04-2016
1 6
1
6
stuart338

How to create a table using dedup to show one entry for each application name and create a multivalue field?

I have events that include an application name field and a uservalue field. When i table the data by application an...
by stuart338 New Member in Splunk Search 10-04-2016
0 2
0
2
atornes

Reformat Date represented by string

One of the fields of my data is a date, represented as a string like 20120215. I need to reformat this date to m/d/y...
by atornes Path Finder in Splunk Search 10-04-2016
0 2
0
2
atreece

Querying a Real Time search

I am trying to make an external dashboard for splunk that needs to be real time. At the moment, all we can do is make...
by atreece Path Finder in Splunk Search 10-04-2016
0 11
0
11
rakesh_498115

How can we re-direct the URL in a new blank page using re-direct function ??

Hi All, I am using the following code snippnet in my HTML dashboard to re-direct the page to the defined URL on clic...
by rakesh_498115 Motivator in Splunk Search 10-04-2016
0 2
0
2
mcbradford

adding descriptive text to a chart on a dashboard

Can I add descriptive text to a chart on a dashboard. If yes - how. The only way I can get this work is by adding a...
by mcbradford Contributor in Splunk Search 10-04-2016
4 7
4
7
jwalzerpitt

Regex for multi-value field in which some values are listed and then aren't

I am trying to create a regex for a multivalue field (Message) in which some values are listed and sometimes aren't l...
by jwalzerpitt Influencer in Splunk Search 10-04-2016
0 7
0
7
Justin1224

Question regarding my search string

Hi, here is my search string: | rest splunk_server=local count=0 /services/alerts/correlationsearches | fields title...
by Justin1224 Communicator in Splunk Search 10-04-2016
0 9
0
9
splunkent2

Advanced queries: Group by with conditions. Summarizing values.

Hi, I'm a novice to more advanced Splunk usage, but I understand that a lot is possible. Here is an example of a lo...
by splunkent2 New Member in Splunk Search 10-04-2016
0 1
0
1
Vettaiyan

What is the "acl_tag" field that appears under Interesting Fields in the fields sidebar?

Dear All, Splunk shows acl_tag in search and it was in Interesting Fields. As I'm new to Splunk, I want to know abou...
by Vettaiyan New Member in Splunk Search 10-04-2016
0 1
0
1
pasokkum

mvzip with fillnull for converting json to table

Hi, I want to convert a json file to table format.. JSON structure is "Settings": {<!-- --> "Employee": [ {<!-- --> ...
by pasokkum Path Finder in Splunk Search 10-04-2016
0 1
0
1
SanthoshSreshta

These results may be truncated. This visualization is configured to display a maximum of 1000 results per series, and that limit has been reached

Hi, I have results about 3333 rows. when am generating the query as sourcetype&#61;"Churn Data_CSV" | table Churn "tota...
by SanthoshSreshta Contributor in Splunk Search 10-04-2016
1 5
1
5
Justin1224

Does tstats always specify a datamodel?

Basically my problem is that I'm switching Splunk queries that I have into queries for a different search language. I...
by Justin1224 Communicator in Splunk Search 10-04-2016
0 6
0
6
ben_leung

What are manifest files used for in Splunk home directory?

splunk-6.1.4-233537-darwin-64-manifest These files only list out the directory of Splunk. When upgrading from versio...
by ben_leung Builder in Splunk Search 10-04-2016
0 3
0
3
mclane1

Search Advanced Nested query many line

Hello, I have lot of line with expression like this : code&#61;1 executionTime&#61;n ident&#61;XXX and lot of line with expre...
by mclane1 Path Finder in Splunk Search 10-03-2016
0 5
0
5
splunker12er

Is there a way to list all the available REST endpoints via search query ?

When I search for : | rest /services/server it lists below endpoints available for server: https://127.0.0.1:8089...
by splunker12er Motivator in Splunk Search 10-03-2016
1 4
1
4
the_wolverine

Why does Splunk auto fillnull my timechart?

Did this change occur recently? Why would timechart auto fillnull my field in a timechart? Example: index&#61;main | ti...
by the_wolverine Champion in Splunk Search 10-03-2016
0 7
0
7
sonicZ

How to include additional field from inputlookup in results?

Currently i am populating my summary index with a list of malware listed ips with index&#61;blah OR index&#61;blah2 OR index...
by sonicZ Contributor in Splunk Search 10-03-2016
2 5
2
5
nk-1

stats count by date

earliest&#61;10/1/2016:00:00:00 latest&#61;10/2/2016:23:59:59 sourcetype&#61;iis | stats count by date date count 2016-10-01 ...
by nk-1 Path Finder in Splunk Search 10-03-2016
1 4
1
4
balleste

How to create a table when my logs have the same field names but different values?

I have the following separate event logs in Splunk: "10/3/2016 11:30:24 AM","42646.7711166204","mail-server-01","mai...
by balleste Engager in Splunk Search 10-03-2016
0 3
0
3
cbrownlee

How to use the timechart command to find percentage differences between months by severity?

I am trying to run a report that runs percentages differences from month to month for each of the severities. I have ...
by cbrownlee New Member in Splunk Search 10-03-2016
0 3
0
3
pavanae

how to calculate the average of my search result for past 7 days. Also how can i make my result to display in timechart for 7 days?

I have a search as follows field_id&#61;"X" | eval b&#61;len(_raw) | stats sum(b) as b | eval mb&#61;round(b/1024/1024,2) | eva...
by pavanae Builder in Splunk Search 10-03-2016
1 4
1
4
Top Labels
Get Updates on the Splunk Community!

Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas

Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas     Cisco Live 2026 is almost here, and this ...

What Is the Name of the USB Key Inserted by Bob Smith? (BOTS Hint, Not the Answer)

Hello Splunkers,   So you searched, “what is the name of the usb key inserted by bob smith?”  Not gonna lie… ...

Automating Threat Operations and Threat Hunting with Recorded Future

    Automating Threat Operations and Threat Hunting with Recorded Future June 29, 2026 | Register   Is your ...