Splunk Search

Community Activity

How to delete duplicate events? I've been looking into some ways to remove duplicate events using a search. Finding them is not an issue. We can use ... by Flynt Splunk Employee in Splunk Search 09-01-2023 12 17	12	17
How to do splunk field extraction from a summary index? I have an event log that looks like this search_name=x, search_now=3.000, info_min_time=1692741600.000, info_max_tim... by Mostafa3081 New Member in Splunk Search 09-01-2023 0 2	0	2
Need help in creating graphs for a value extracted from log Hello Team,I have log like this,File Records count is 2 File Records count is 5File Records count is 45File Records c... by Devi13 Path Finder in Splunk Search 09-01-2023 0 3	0	3
Generate values for IN search How do I use a search to generate values to use inside of an IN search? For example: index=syslog src_ip IN ( \| tsta... by makelovenotwar Path Finder in Splunk Search 09-01-2023 0 3	0	3
Events data processing / rename variables Hi there, im pretty new in Splunk, so sorry if it is easy task. I have following example events in my index - It is a... by PetrK Engager in Splunk Search 09-01-2023 0 2	0	2
splunk How to create empty.csv lookup in web by Siddharthnegi Contributor in Splunk Search 09-01-2023 0 4	0	4
data extraction from log without any links between them Hello Team,I have logs with the below pattern08/31/2023 8:00:00:476 am ........ count=008/31/2023 8:00:00:376 am ....... by Devi13 Path Finder in Splunk Search 09-01-2023 0 4	0	4
Filtering o365 data with a search query I have a question about filtering in data. We have a customer who is requesting a set of fields to be sent in from 03... by Abass42 Communicator in Splunk Search 08-31-2023 0 2	0	2
All hosts without specific event Hello Splunk Community,I'm trying to write a query to show me a chart (or table) for all hosts in my index in the las... by erick4x4 Explorer in Splunk Search 08-31-2023 0 5	0	5
Using Splunkbase Maps+ Hello All,I am hoping for some guidance here. I am using Maps+. It seems to be a decent application.There are two thi... by eholz1 Builder in Splunk Search 08-31-2023 0 0	0	0
Query to get volume of specific word I want to get the volume for a specific word "ERROR" occurrence in a specific server in last 7 days. How to do that? ... by Himani88jain New Member in Splunk Search 08-31-2023 0 1	0	1
How to query a field in DBXQuery that contains colon? Hello,How to query a field in DBXQuery that contains colon? I ran the following query and got an error. Thank you \|... by LearningGuy Motivator in Splunk Search 08-31-2023 0 4	0	4
List top 10 values for each fields of an index Hello,I'm new to Splunk and despite searching extensively on this community site, I was not able to find a solution f... by fabienpe Explorer in Splunk Search 08-31-2023 0 2	0	2
How to Compare two fields and exclude if the values are same? Hi,I have two fields: field 1 and field 2field1 field 2 ABC AA\ABC DEF DD\DEF GHI ... by Woodpecker Path Finder in Splunk Search 08-31-2023 0 5	0	5
Help with using lookups for combinations of values I have a simple lookup file with two fields, user and hostuser hostBob ... by neilsmith2 Explorer in Splunk Search 08-31-2023 0 1	0	1
[REX] : How to extract 2 words OR one if the line contains only one with rex Hi, I need to extract with rex the two first words of one event but sometimes they are only one word.For example, wit... by tchounga Explorer in Splunk Search 08-31-2023 0 9	0	9
License usage How to see daily licensing usage of 1 index in Splunk. by Siddharthnegi Contributor in Splunk Search 08-31-2023 0 1	0	1
How to combine multiple events from two indexes in Splunk 1st query: index="A" event_tag="event1" build_number=1 job_name=job1 type=completed 2nd query: index="B" event_tag... by welcome Engager in Splunk Search 08-31-2023 0 7	0	7
How to add a new row to my table that add the counts of three fields and subtract from another field? I want to add three fields insert ,update and error then subtract it from count_carmen and add new row . by avi7326 Path Finder in Splunk Search 08-31-2023 0 6	0	6
string fields with numbers to be compared I have another issue in comparing and want to compare should_be with server_installed_package . Sometime package inst... by Hema_Nithya Explorer in Splunk Search 08-31-2023 0 1	0	1
How to change text color based on Threshold in Dashboard table Hello,I'm not sure how to achieve this, or if it's possible. I have a Column that I am using as a Status indicator i... by mninansplunk Path Finder in Splunk Search 08-30-2023 0 10	0	10
How to use a sub-search result value as a search query in the main search Hello, I've been attempting to use the results of a sub-search as input for the main search with no luck. I'm getting... by leykmekoo Explorer in Splunk Search 08-30-2023 0 2	0	2
Timechart with Failurepercentage and appendcols I am using below query to get search result and calculate the failure percentage but not getting the expected result.... by yuvrajsharma_13 Explorer in Splunk Search 08-30-2023 0 3	0	3
Why are All indexes not showing up in the UI dropdown when sourcetype is set custom? our app's addon's Inputs.config the sourcetype is set to custom name and the index is set to default. shown in below... by samsign Engager in Splunk Search 08-30-2023 0 3	0	3
How to evaluate the following string as a fields Hi , I have two servers with plugin details . I want to evaluate a column as Package_installed and Package_shouldbe b... by Hema_Nithya Explorer in Splunk Search 08-30-2023 0 4	0	4