Splunk Search

Ask a Question

Discussions

Thread Info

splunk

How to create empty.csv lookup in web

by Contributor in

data extraction from log without any links between them

Hello Team, I have logs with the below pattern 08/31/2023 8:00:00:476 am ........ count=0 08/31/2023 8:00:00:37...

by Path Finder in

Filtering o365 data with a search query

I have a question about filtering in data. We have a customer who is requesting a set of fields to be sent in from 03...

by Communicator in

All hosts without specific event

Hello Splunk Community, I'm trying to write a query to show me a chart (or table) for all hosts in my index in the ...

by Explorer in

Using Splunkbase Maps+

Hello All, I am hoping for some guidance here. I am using Maps+. It seems to be a decent application. There are t...

by Builder in

Query to get volume of specific word

I want to get the volume for a specific word "ERROR" occurrence in a specific server in last 7 days. How to do that? ...

by New Member in

How to query a field in DBXQuery that contains colon?

Hello,How to query a field in DBXQuery that contains colon? I ran the following query and got an error. Thank you |...

by Motivator in

List top 10 values for each fields of an index

Hello, I'm new to Splunk and despite searching extensively on this community site, I was not able to find a solutio...

by Explorer in

How to Compare two fields and exclude if the values are same?

Hi,I have two fields: field 1 and field 2field1 field 2 ABC AA\ABC DEF DD\DEF GHI...

by Path Finder in

Help with using lookups for combinations of values

I have a simple lookup file with two fields, user and host user host Bob ...

by Explorer in

[REX] : How to extract 2 words OR one if the line contains only one with rex

Hi, I need to extract with rex the two first words of one event but sometimes they are only one word. For exa...

by Explorer in

License usage

How to see daily licensing usage of 1 index in Splunk.

by Contributor in

How to combine multiple events from two indexes in Splunk

1st query: index="A" event_tag="event1" build_number=1 job_name=job1 type=completed 2nd query: index="B" event_...

by Engager in

How to add a new row to my table that add the counts of three fields and subtract from another field?

I want to add three fields insert ,update and error then subtract it from count_carmen and add new row .

by Path Finder in

string fields with numbers to be compared

I have another issue in comparing and want to compare should_be with server_installed_package . Sometime package inst...

by Explorer in

How to change text color based on Threshold in Dashboard table

Hello, I'm not sure how to achieve this, or if it's possible. I have a Column that I am using as a Status indicato...

by Path Finder in

How to use a sub-search result value as a search query in the main search

Hello, I've been attempting to use the results of a sub-search as input for the main search with no luck. I'm gett...

by Explorer in

Timechart with Failurepercentage and appendcols

I am using below query to get search result and calculate the failure percentage but not getting the expected result....

by Explorer in

Why are All indexes not showing up in the UI dropdown when sourcetype is set custom?

our app's addon's Inputs.config the sourcetype is set to custom name and the index is set to default. shown in below...

by Engager in

How to evaluate the following string as a fields

Hi , I have two servers with plugin details . I want to evaluate a column as Package_installed and Package_shouldbe b...

by Explorer in

App Add-on - During data input flow .. how to enable user input string to search for an index

As an app add-on creater we don't have control on the Indexes available on the Splunk Cloud on user environment. In ...

by Engager in

Telephone in range of site

good morning. for example I have number the following +140871771234, +140871771245, +140871771286 +171522334321...

by Loves-to-Learn in

how to create dependent dropdown based on saved search

Hello All, How to create dependent dropdown based on saved search I am using a saved search but when I add: |sear...

by Path Finder in

How to escape all possible special characters

Hi Splunk Experts, I've a table and based on a click, I'm holding the value of field in token and using it in a dif...

by Contributor in

How to color trend in single value?

I can not figure out how to color the trend instead of the value. This is my search: I found a documentati...

by Contributor in

Get Updates on the Splunk Community!

Splunk Search

Discussions

splunk

data extraction from log without any links between them

Filtering o365 data with a search query

All hosts without specific event

Using Splunkbase Maps+

Query to get volume of specific word

How to query a field in DBXQuery that contains colon?

List top 10 values for each fields of an index

How to Compare two fields and exclude if the values are same?

Help with using lookups for combinations of values

[REX] : How to extract 2 words OR one if the line contains only one with rex

License usage

How to combine multiple events from two indexes in Splunk

How to add a new row to my table that add the counts of three fields and subtract from another field?

string fields with numbers to be compared

How to change text color based on Threshold in Dashboard table

How to use a sub-search result value as a search query in the main search

Timechart with Failurepercentage and appendcols

Why are All indexes not showing up in the UI dropdown when sourcetype is set custom?

How to evaluate the following string as a fields

App Add-on - During data input flow .. how to enable user input string to search for an index

Telephone in range of site

how to create dependent dropdown based on saved search

How to escape all possible special characters

How to color trend in single value?

Reduce and Transform Your Firewall Data with Splunk Data Management

Automatic Discovery Part 1: What is Automatic Discovery in Splunk Observability Cloud ...

Real-Time Fraud Detection: How Splunk Dashboards Protect Financial Institutions

In Splunk studio, is it possible to populate a tex...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static

Splunk Search

Are you a member of the Splunk Community?

Discussions