Splunk Search

Discussions

Thread Info

Multiple summary indexes

Hi, I need to schedule daily jobs for summary indexing.. There are 6 of the same jobs (licence usage over a month(...

by Explorer in

How can I highlight more than 1 string without getting this error message: "The extraction failed. If you are extracting multiple fields, try removing one or more fields"?

I'm trying to extract Signature Algorithm, but Splunk only recognizes the exact string(sha256WithRSAEncryption) in sa...

by Engager in

How to edit my search to compare software version numbers to find the latest version?

HI, I have a field called AppVersion. The field value represents the version of a piece of software. Example A...

by Path Finder in

How to pull a value from one column based on condition on another column?

I am trying to run an equivalent of the below query in splunk search, please help. SELECT CONCAT(run, '.', tag) as...

by New Member in

How to edit my rex search to extract two different or duplicate IP addresses at the same time?

Current search: search "xxx" | rex field=_raw "api:(?\s\d+.\d+.\d+.\d+)" I'm using the rex command, but it doe...

by Explorer in

how to use search result and search again for each grouped value

("conn=" AND "IP=") | rex field=_raw "conn=(?\d+)" | join connum [search "err=49" AND "conn" | rex field=_raw "conn=(...

by Explorer in

How to show a timeline of concurrent transactions

Hi, I'm trying to create a chart showing batch jobs on a timeline, in the manner of an evolutionary or geological ...

by Engager in

Improve Search Performance

Hi, Ive constructed the below 5 searches to populate a dashboard, once they go onto our live systems they are goin...

by Builder in

tstats with timchart

Hi, If I use tstats and timechart will the timechart slow down my search drastically(There is a ton of data so try...

by Explorer in

How to resize the width of a single value field

Hi, Want to reduce the width size of single value field. I want first 2 fields to be closer and then so...

by Path Finder in

Why are the emailed results of my search not formatted the same as results in Splunk Web?

I have a real time search that sends an email if there are any results. In Splunk, the search is formatted as I would...

by Explorer in

Bar Chart Line, based stats sum

Regard's, I have a bar chart is a project cost of summation. In this chart I need to have two vertical lines wher...

by Path Finder in

How to extract MAC addresses from a log that has all values delimited by a comma, but the order of fields can change?

Hi, I am trying to extract MAC addresses from a log that has all the values separated by a comma. I would use the...

by Explorer in

whitelist match issues

Hi everyone, I am having an issue where a logical AND NOT isn't working properly. Simply put I have an alert for m...

by Explorer in

How to display certain background colors for single value visualizations based on search results?

I am trying to make my search have 3 different background colors: Green if healthy, Yellow if warning, Red if critica...

by Contributor in

Calculate time difference in two different logs

Hello - Stumped on this. I have two different log files. One logs the time (and data) in transactions sent, the ot...

by New Member in

Search event count limited from REST API but not UI search

Hi, I'm running a search as follows via the Splunk Web UI ie. search index="xxxx" sourcetype="some_gateway" for a ...

by Explorer in

How to search for earlier events for a given field?

I'm trying to create a report which will find the number of 'new users'. I've extracted the field user. I want to fin...

by Explorer in

Can one graph that can show transactions per minute, and when clicked, it shows transactions per second?

I am creating a dashboard that currently exists in a different programming language. The dash that exists already, sh...

by New Member in

How can I combine stats from multiple servers from 1 site as 1 row to build a stats table for multiple sites?

I've got to get a report going that will show us multiple cloud site statistics for XenDesktop in a single report. Wh...

by New Member in

how to plot count of distinct value over time?

earliest=-6month sourcetype="mysource" | timechart span=1week count by product_name I was running this in order to...

by Engager in

How do I get Splunk to recognize the full Date AND Time in the timestamp of this CSV?

Event lines look like this {I5K5-M8HD47HI-6694GOIH},01/02/2010 07:13:39,NLR0174,PC-8272,Connect Everything I've tr...

by New Member in

Search _raw for values in a csv?

I've confirmed that the following search works: index=* sourcetype=proxy | eval domain="google" | where match(_raw...

by Engager in

addcoltotals : do not sum percentages

Hello, I'd like to do the following (screenshot at http://hpics.li/49c6c08), do not sum percentages but just follo...

by Motivator in

samples for the chord chart vis?

Has anyone got a sample? There used to be a chord chart vis and i had a few reports using this but the old chord c...

by SplunkTrust in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Multiple summary indexes

How can I highlight more than 1 string without getting this error message: "The extraction failed. If you are extracting multiple fields, try removing one or more fields"?

How to edit my search to compare software version numbers to find the latest version?

How to pull a value from one column based on condition on another column?

How to edit my rex search to extract two different or duplicate IP addresses at the same time?

how to use search result and search again for each grouped value

How to show a timeline of concurrent transactions

Improve Search Performance

tstats with timchart

How to resize the width of a single value field

Why are the emailed results of my search not formatted the same as results in Splunk Web?

Bar Chart Line, based stats sum

How to extract MAC addresses from a log that has all values delimited by a comma, but the order of fields can change?

whitelist match issues

How to display certain background colors for single value visualizations based on search results?

Calculate time difference in two different logs

Search event count limited from REST API but not UI search

How to search for earlier events for a given field?

Can one graph that can show transactions per minute, and when clicked, it shows transactions per second?

How can I combine stats from multiple servers from 1 site as 1 row to build a stats table for multiple sites?

how to plot count of distinct value over time?

How do I get Splunk to recognize the full Date AND Time in the timestamp of this CSV?

Search _raw for values in a csv?

addcoltotals : do not sum percentages

samples for the chord chart vis?

Building Reliable Asset and Identity Frameworks in Splunk ES

Cloud Monitoring Console - Unlocking Greater Visibility in SVC Usage Reporting

Automatic Discovery Part 3: Practical Use Cases

In Splunk studio, is it possible to populate a tex...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static

Splunk Search

Are you a member of the Splunk Community?

Discussions