Splunk Search

Ask a Question

Discussions

Thread Info

how to calculate growth total

Can you please tell us, how to calculate growth total, We have values like downloads_total for each week, but we w...

by Builder in

Count for each ID depending on EXEC time

Hello, I'm searching a way to sort a number of events depending on the value of a field : One event has a field EX...

by Path Finder in

Search/Macro using a variable as a condition

Hi all, I am trying to use a variable as a search condition based on input in a text box. In order to make it simp...

by Communicator in

Stats by date

Hi , I need the below splunk search to be shown in stats. Stats should be in date wise. please help. | eventcou...

by Explorer in

How to check status of specific indexed file using .../services/admin/inputstatus endpoint?

I have imported "xyz "folder into splunk and after indexing I want to check status of particular abc.txt file from th...

by Explorer in

Why splunk do not scan all events to search a specific keyword?

Suppose I have 1 Lac events with sourcetype = java and i am searching for keyword "xyz" with query: sourcetype=java x...

by Explorer in

How to build a query to find the request and response of the main service and sub services

Hi, I have a request and response logs for service.here is the question. service A(main service)(id:1111): ---Inte...

by Explorer in

Rename a field based on the the value of another field?

If I have a table like the following and want to combine the values into a single row for further evaluation, how wou...

by Champion in

Group results by common value

Alright. My current query looks something like this: sourcetype=email action=accept ip=127.0.0.1 | stats count(sub...

by Engager in

combine two pieces of code

Hi, I have two pieces of codes executed in orders. The first piece generates a lookup table by "|outputlookup test...

by Path Finder in

RegEx to Find First Match of OR

Hi, banging my head... 04/22/2016 09:23:50,865 - ERROR - exception occurred --- FOO BAR Severity: Error Mes...

by Contributor in

How to create a timechart on license usage to show the max usage and the individual usage for each of our Splunk environments?

I have been trying to create a timechart on license usage. I did try this search below.. index=_internal source=*...

by Builder in

How to compute Windows service uptime and use those totals to produce an uptime percentage?

I am trying to determine uptime duration on Windows 7036 events. Below is sample data: TIME SERVICE STATE 10:00 sp...

by Explorer in

How can I integrate the time constraint from my time input token in JavaScript for a table with expandable rows?

Hi, I have created a table with expandable rows: Code for the table: <form script="expand_alerts.js"> <lab...

by New Member in

Weekly change percentage query

Can you please help us to find the weekly change percentage, we have a splunk query index="mobileapps" sourcetype...

by Builder in

Stability issues with db connect 2 'The read operation timed out'

Hi, I'm running Splunk 6.3.1, db connect 2.0.6. Splunk was updated 2 days ago. This problem already showed up with ea...

by Explorer in

Extracting each value from a multi-valued field

I have a column with some information as follows traffic_location ABC 23 EFG RKY ABC 12 HIJ 23 ABD 23 HIJ 12 ABD...

by Communicator in

lookup faup url restricted specific fields

Hi everyone, I want to run this sourcetype=x | lookup faup url but am ONLY interested in url, url_scheme, url_p...

by New Member in

How to convert an IP address to binary?

I need to convert an IP address to binary. i.e. IP Address:10.171.230.151 -->10 171 230 151 -->1100000010101000000...

by Explorer in

More help with regex

I am again in need of help with regex. In a scrubbed example (there are thousands more lines) of the following dns lo...

by Communicator in

How to create an automatic lookup where lookup input fields are similar to the CSV fields?

HI Folks, I'm trying to get automatic lookups working for a custom CSV file import. I'm trying to key in on two fi...

by New Member in

Should I use an index-time field extraction?

Dear fellow Splunkers, I have seen the docs on index-time field extractions and a few related answers here, there ...

by Explorer in

creating an 'other' field with eval

I am quite knew to this and not remotely wedded to eval as the solution for this problem, I am eager to know if there...

by Engager in

Unexpected inner join results

Hi, I have two tables like below: table 1 (nl_t1.csv): IP Source1 1 a 1 b table 2 (nl_t2.csv): IP Source2 1 ...

by Path Finder in

how can i extract a quoted field value that includes a quoted string?

(a question from a customer) I have a field named string that reads: string="This is "an extraordinary" event,...

by Splunk Employee in

Get Updates on the Splunk Community!

Splunk Search

Discussions

how to calculate growth total

Count for each ID depending on EXEC time

Search/Macro using a variable as a condition

Stats by date

How to check status of specific indexed file using .../services/admin/inputstatus endpoint?

Why splunk do not scan all events to search a specific keyword?

How to build a query to find the request and response of the main service and sub services

Rename a field based on the the value of another field?

Group results by common value

combine two pieces of code

RegEx to Find First Match of OR

How to create a timechart on license usage to show the max usage and the individual usage for each of our Splunk environments?

How to compute Windows service uptime and use those totals to produce an uptime percentage?

How can I integrate the time constraint from my time input token in JavaScript for a table with expandable rows?

Weekly change percentage query

Stability issues with db connect 2 'The read operation timed out'

Extracting each value from a multi-valued field

lookup faup url restricted specific fields

How to convert an IP address to binary?

More help with regex

How to create an automatic lookup where lookup input fields are similar to the CSV fields?

Should I use an index-time field extraction?

creating an 'other' field with eval

Unexpected inner join results

how can i extract a quoted field value that includes a quoted string?

Automatic Discovery Part 1: What is Automatic Discovery in Splunk Observability Cloud ...

Real-Time Fraud Detection: How Splunk Dashboards Protect Financial Institutions

Splunk + ThousandEyes: Correlate frontend, app, and network data to troubleshoot ...

In Splunk studio, is it possible to populate a tex...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static

Splunk Search

Are you a member of the Splunk Community?

Discussions