Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Splunk Search
Splunk Search
×
Join the Conversation
Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Find Answers
- :
- Using Splunk
- :
- Splunk Search
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Community Activity
 | Hi, I'm sure this is very simple, but I'm fairly new to regex and rex. I'm trying to use rex to extract a string fr... by vil505 Explorer in Splunk Search 06-06-2016 0 5 | 0 | 5 | |
| | I have a database with multiple fields, one being a phone number field that has a ton of phone numbers. But certain v... by zsplunka New Member in Splunk Search 06-06-2016 0 1 | 0 | 1 | |
| | I have a lookup file as CSV which contains > 27 million rows and is 2GB in size. When zipped it is 500MB. I need to... by charltones Explorer in Splunk Search 06-06-2016 0 6 | 0 | 6 | |
| | Hi all, How to extract the fields UDP_PORT and TCP_PORT from this result? FIXED_SEVERITY_3=10, FIXED_SEVERITY_2=14... by kranthi851 New Member in Splunk Search 06-06-2016 0 2 | 0 | 2 | |
 | Scenario: Ultimately, I would like to create an alert for an event in index A. Then I would like the alert to kicko... by packet_hunter Contributor in Splunk Search 06-06-2016 0 26 | 0 | 26 | |
| | **Problem #1** ** I am struggling to avoid the 10k limit on subsearches within Splunk. I have two data sources and... by hokieb New Member in Splunk Search 06-06-2016 0 5 | 0 | 5 | |
| | I have access to Splunk.com without issue. However when I try to install any app such as SoS and Sideview Utils, fr... by jbsplunk Splunk Employee  in Splunk Search 06-06-2016 6 3 | 6 | 3 | |
| | Hi all, From a scan report of Qualys, I will get IP and its PORT, TCP_PORT, UDP_PORT. Now when the scan is done afte... by kiran331 Builder in Splunk Search 06-06-2016 0 3 | 0 | 3 | |
 | Hi, Do someone have experience using the Splunk Add-on for Azure app, and retrieving Azure Table storage data? Th... by thilleso Path Finder in Splunk Search 06-06-2016 0 3 | 0 | 3 | |
| | Here is the regex that I have: ^\(\d+\)\s+\d+/\d+/\d+\s+\d+:\d+:\d+\s+\w+\s+\-\s+\(\w+\s+\w+\s+\w+\)\s+\(\d+\.\d+\.\... by krasay New Member in Splunk Search 06-06-2016 0 2 | 0 | 2 | |
| | When running a search in splunk such as 'index=syslog date_hour=12' we get the below error to do with memory configur... by aaron_harris Engager in Splunk Search 06-06-2016 0 2 | 0 | 2 | |
| | I have tried multiple time ranges. no luck. Cisco app shows data coming in. License section of Splunk Utilization Mon... by harry_hodge Explorer in Splunk Search 06-06-2016 0 4 | 0 | 4 | |
| | OK one of our devs discovered a weird bug where if a lookup is being performed on a CSV where the field to match cont... by phoenixdigital Builder in Splunk Search 06-05-2016 0 6 | 0 | 6 | |
 | Can anyone explain the time commands in Splunk with a use case? I see few of these searches in Splunk Answers, but I ... by prakash007 Builder in Splunk Search 06-05-2016 0 1 | 0 | 1 | |
| | I am getting the below error while running Splunk integration spring adapter. org.xml.sax.SAXParseException; lineNum... by maximus_reborn Path Finder in Splunk Search 06-05-2016 0 2 | 0 | 2 | |
 | Hi! Is it possible to create a correlation of fields over several different events? For example, I have to find all... by splaccount123 New Member in Splunk Search 06-05-2016 0 5 | 0 | 5 | |
 | To put it as simply as possible: Imagine 8 log entries with only two fields per log, t = time & ID = Identifier Lo... by farismitri Explorer in Splunk Search 06-04-2016 0 7 | 0 | 7 | |
 | Has anyone faced this problem - root@ip-172-31-19-68:/home/ubuntu# tail /opt/splunkforwarder/var/log/splunk/streamfw... by satishsdange Builder in Splunk Search 06-04-2016 0 1 | 0 | 1 | |
| | Scenario: I need to extract the User out of the following field msg using rex. So, I need abcdefg Group <XGroupPoli... by packet_hunter Contributor in Splunk Search 06-03-2016 0 12 | 0 | 12 | |
 | I have the following search and takes a lot of time to output data. Is there a way to optimize the search? eventtype... by jkalra Explorer in Splunk Search 06-03-2016 0 8 | 0 | 8 | |
 | Hi , I am trying to update a multivalued field in a KV store. So let's say there are 3 values in the field: A,B,A. ... by diliptmonson Explorer in Splunk Search 06-03-2016 0 2 | 0 | 2 | |
| | I am using appendcols to put two timecharts in one graph to show the correlation, however, the values are off in diff... by tinhuty Engager in Splunk Search 06-03-2016 0 11 | 0 | 11 | |
| | This morning after rebooting my computer with splunk on it, Splunk refuses to start. Trying to investigate the probl... by MidGe Explorer in Splunk Search 06-03-2016 1 15 | 1 | 15 | |
| | For Example: Suppose you have 3 numbers from search results: 1,000 2,000 and 3,000. I want to be able to display... by jcouture Explorer in Splunk Search 06-03-2016 0 6 | 0 | 6 | |
 | I have the following search index=iis | eval WebShellActive=if(match($Webshell$,"true"),"Yes",WebShellActive) | eva... by DanielFordWA Contributor in Splunk Search 06-03-2016 0 2 | 0 | 2 |
Get Started
Explore Essential Splunk Resources
Get Expert Help at Community Office Hours
Join the #search-help Slack channel
Get Expert Help at Community Office Hours
Join the #search-help Slack channel
Become An Expert
Top Labels
-
administration
3 -
alert action
3 -
alert condition
2 -
Analytics Workspace
2 -
authentication
1 -
chart
944 -
Classic dashboard
1 -
configuration
2 -
correlation search
1 -
count
1,003 -
Dashboard Studio
3 -
data
3 -
data model
1 -
development
6 -
distributed search
1 -
drilldown
1 -
email
1 -
eval
2,609 -
field extraction
2,017 -
fields
2,061 -
host
1 -
index
4 -
indexer
2 -
inputs.conf
1 -
intermediate forwarder
1 -
introduction
5 -
join
1,058 -
JSON
2 -
Linux
2 -
login
1 -
lookup
1,565 -
metadata
307 -
monitoring console
2 -
other
153 -
panel
2 -
PDF
1 -
Python
1 -
regex
1,498 -
report acceleration
2 -
rex
1,246 -
SAML
1 -
saved search
5 -
scheduled search
4 -
scripted input
1 -
search
2 -
search head
3 -
search job inspector
681 -
search peer
1 -
simple XML
1 -
source
1 -
sourcetype
4 -
Splunk Web Framework
1 -
splunk-assist
1 -
splunkd
1 -
stats
3,559 -
subsearch
1,721 -
summary indexing
4 -
table
1,750 -
time
1 -
timechart
1,156 -
transaction
451 -
transforms.conf
1 -
troubleshooting
8 -
tstats
566 -
universal forwarder
5 -
using Splunk Cloud
2 -
using Splunk Enterprise
13 -
Windows
3
- « Previous
- Next »
Get Updates on the Splunk Community!
App Platform's 2025 Year in Review: A Year of Innovation, Growth, and Community
As we step into 2026, it’s the perfect moment to reflect on what an extraordinary year 2025 was for the Splunk ...
Operationalizing Entity Risk Score with Enterprise Security 8.3+
Overview
Enterprise Security 8.3 introduces a powerful new feature called “Entity Risk Scoring” (ERS) for ...
Unlock Database Monitoring with Splunk Observability Cloud
In today’s fast-paced digital landscape, even minor database slowdowns can disrupt user experiences and ...
