Splunk Search

Discussions

Thread Info

Dynamic table - Create three tables in one

Hi, I have three reports, each with a different index. And I wanted to join them in the same table. Example: ...

by Path Finder in

How to create a stats table with field values based off of other fields in same stats table?

Hello! I am sure my wording is way more complicated than what I want. Basically, the end result being a stats table a...

by Explorer in

Lookup File Issues

Hello I have multiple Questions about Lookup Files. Can you upload a lookup file into Splunk and search fields in ...

by New Member in

How to search by variable created within a join query?

I want join/combine two searches by their common value to compare transaction success/failure rate at both places. i ...

by New Member in

How to implement a Serial Number decoder in Splunk Enterprise?

Hello, I am a trying to implement Serial Number decoding in Splunk in anyway possible. For eg. I have 100 test uni...

by Path Finder in

Eval Case Statement Help

I would like to put a case statement under the values in the attached image. I tried something along the lines of eva...

by Engager in

How to get Total Sum of Error Type Counts per day?

I'm trying to add a column to the right of OTHER, which sums up the entire row counts of each errorType per day. So f...

by Explorer in

Listing hosts that haven't been locked for 24 hours

I'm new to splunk, and logical switch statements have me a bit confused. I'd like to produce a list of hosts that ...

by Explorer in

Table query

I cannot seem to find the right query for getting the following (table): Time | field 1 | field 2 | field 3 201...

by Engager in

Change reference date

When we use "-3d@". Data is captured from now until 3 days ago. How to set a different date? Not "now". For example,...

by Path Finder in

rex every first event in the pair

Hello splunkers! I have event in this format: id_param1,id_value1,id_param2,id_value2,...,id_paramX,id_valueX ...

by Communicator in

Using Check box

How can i use something like checkbox?? I want to index multiple values based on the number of checkbox selected? ...

by New Member in

Make search faster

Hello I have the following search: index=test sourcetype=Perfmon:* | lookup khi_threshold_id counter AS counte...

by Path Finder in

DB Connect 1.2.2 - Cannot connect to MSSQL - Connection Reset

Upgraded from DB Connect 1.0 and started getting these error messages: 2016-03-08 22:41:35.033 monsch1:ERROR:Sched...

by Communicator in

REGEX format to remove unwanted log data using specific text with quotes and spaces

I have a log that sends ( eventtype=dlp level=notice vd="PERIM" filteridx=0 filtertype=none filtercat=none severity=m...

by New Member in

Find search by the search id

I'd like to find the search query by search id. When searching the audit.log I can find the search id, but unable to ...

by Splunk Employee in

How can I exclude a group of the mac address found at specific time?

I have a dataset with a lot of mac address captured. I would like to excluded all mac address that arrived between 0h...

by Engager in

index'd Time extractions

Hey guys, So I am looking at index'd time extraction as a possibly helping with my search time field extraction t...

by Builder in

Timechart Per Day With Tick Mark Per Calendar Week

Ee would like to see a timechart of a chart with a time-based x-axis with a resolution per day, one bar per day but t...

by Splunk Employee in

show only infected with vulnerability on 1 machine

hi, I am a newbie in splunk I have this one use case I am trying. search for a machine that have malware infect...

by New Member in

change color of column chart for each type?

Hello all , I ran the below query ....| chart count by SRC_ID which gives me the count for each SRC_ID . ...

by Builder in

Using Geostats to display count on Map

Hi, I've tried looking at various Geostats solutions but I'm struggling to get any results out. I have a search wh...

by Engager in

Is it possible to create a dashboard where you must manually select a panel before a search is run to improve performance?

Hi, I have the task of improving some of the performance issues with our instance of Splunk. One of the issues I s...

by Path Finder in

tstats and using timechart not displaying any results

I am trying to use the tstats along with timechart for generating reports for last 3 months. We have accelerated data...

by Builder in

Control Alerting Based on Host Groups

I want to be able to create searches that will only look at hosts from different levels of our SDLC environment so fo...

by Path Finder in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Dynamic table - Create three tables in one

How to create a stats table with field values based off of other fields in same stats table?

Lookup File Issues

How to search by variable created within a join query?

How to implement a Serial Number decoder in Splunk Enterprise?

Eval Case Statement Help

How to get Total Sum of Error Type Counts per day?

Listing hosts that haven't been locked for 24 hours

Table query

Change reference date

rex every first event in the pair

Using Check box

Make search faster

DB Connect 1.2.2 - Cannot connect to MSSQL - Connection Reset

REGEX format to remove unwanted log data using specific text with quotes and spaces

Find search by the search id

How can I exclude a group of the mac address found at specific time?

index'd Time extractions

Timechart Per Day With Tick Mark Per Calendar Week

show only infected with vulnerability on 1 machine

change color of column chart for each type?

Using Geostats to display count on Map

Is it possible to create a dashboard where you must manually select a panel before a search is run to improve performance?

tstats and using timechart not displaying any results

Control Alerting Based on Host Groups

Tech Talk Recap | Mastering Threat Hunting

Observability for AI Applications: Troubleshooting Latency

Splunk AI Assistant for SPL vs. ChatGPT: Which One is Better?

In Splunk studio, is it possible to populate a tex...

Help me with splunk query to monitor CPU and Memor...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

Splunk Search

Are you a member of the Splunk Community?

Discussions