Splunk Search

Ask a Question

Discussions

Thread Info

How to sort the month when using the field in chart over command?

Hi Below is a query which returns the latency over month by cust_id. Events contain fields as month=April, month=M...

by Communicator in

What's the output of the following eval and now() function query?

Hi All, Could you please help me here in confirming what would be the output of the below eval command? "eval a...

by Communicator in

show one instance of an error (out of many errors coming repeatedly) from a given time

I am getting many errors while just writing keyword error when searched from a single log file like Retrying connecti...

by Engager in

Can you help me build a KVStore record deletion query?

hello, Short background.. One of the application populates some ids for deletion of multiple types like type A, B,...

by Path Finder in

Process delayed - Could you suggest a way to speed up our search?

We have a search with some subsearches that runs for about 40 seconds. "This search has completed and has returned 1...

by Explorer in

set a column's max-width in a chart

Hi, I have a JSChart like this and I want to set a max width for graph's column. I want to avoid this huge column whe...

by Communicator in

How do I search for users logging into our Splunk server remotely?

We had a user log in remotely either with ESXI, with a VM, with Remote Desktop or with the command prompt using SSH. ...

by New Member in

How to create a static column in a table?

I would like to create one column with labels that should not be changed. For example: column title: my_own fir...

by Path Finder in

How to count the number of events by types that occurred during each period of time

How to count the number of events by types that occurred during each period of time (for example, yesterday and the d...

by New Member in

Why are events not sorting in Chronological Order with a basic search?

Today, I noticed that, when performing a basic search, the events are not sorted chronologically. Additionally, not a...

by Path Finder in

How to perform targeted searches on rex fields?

I have some unstructured events, and I've been using rex field to create a variety of fields to better organize every...

by Explorer in

Comparison and condition function help. Multiple If, case or like statements in search

index=foo | eval Compliant=case(like(AppVersion,"14.12%"), "OK", like(AppVersion,"14.11%"),"OK" , like(AppVersion,"14...

by Path Finder in

How to speed up my old correlated threat intel search using tstats & datamodel accelerations?

Hello Splunker> I would like to convert my old correlation search which used the join function below:- index=main sou...

by New Member in

Can you help me format a table that would generate the highest CPU users per hour over a day?

G'Day I've got some data I'm pulling out of some events with a search: HOUR - Two digit hour of the day PROCESS...

by Explorer in

Can you help me write a subsearch?

Firstly, i am trying to separate 1) cachekey=false in one query and 2) cachekey=true in another query and 3) with bot...

by Path Finder in

Get Updates on the Splunk Community!

Splunk Search

Discussions

How to sort the month when using the field in chart over command?

What's the output of the following eval and now() function query?

show one instance of an error (out of many errors coming repeatedly) from a given time

Can you help me build a KVStore record deletion query?

Process delayed - Could you suggest a way to speed up our search?

set a column's max-width in a chart

How do I search for users logging into our Splunk server remotely?

How to create a static column in a table?

How to count the number of events by types that occurred during each period of time

Why are events not sorting in Chronological Order with a basic search?

How to perform targeted searches on rex fields?

Comparison and condition function help. Multiple If, case or like statements in search

How to speed up my old correlated threat intel search using tstats & datamodel accelerations?

Can you help me format a table that would generate the highest CPU users per hour over a day?

Can you help me write a subsearch?

Enterprise Security Content Update (ESCU) | New Releases

Announcing the 1st Round Champion’s Tribute Winners of the Great Resilience Quest

We’ve Got Education Validation!

How to change pie chart font color from within Spl...

Users with the same roles, in the same app, and sa...

auto_generated_pool_download-trial

Automatic lookup during data ingestiont (Splunk cl...

Working with OpenTelemetry Cumulative Histogram Bu...