Splunk Search

Ask a Question

Discussions

Thread Info

Trying to download splunk logs using python script using bamboo

when running my bamboo paln i am unable to generate splunk log json file this is log build 02-Apr-2025 11:57:27...

by New Member in

Search head error in Email action

Hi Team, We have 2 search head cluster, and few reports scheduled with email action, reports running on one sea...

by Path Finder in

How can i use my global_time token in an averaging search

Maybe a dumb question but its been making me mad, maybe im overthinking it. I have a very simple search: index=...

by Path Finder in

knowledge bundle

Hi Base, what is the impact when the content of $Splunkhome$/var/run/searchpeers will be deleted? In an installati...

by Path Finder in

ES8 + Mission Control Usage rest API

Hello everyone, We have recently started using ES8 with Mission Control and we would like to use Mission Control's ...

by Explorer in

Time field value not getting returned from inner search

index=aws* Method response body after transformations: sourcetype="aws:apigateway" business_unit=XX aws_account_alias...

by Path Finder in

case eval only showing 1 result

I've scowered the internet trying to find a similar issue with no avail. | rex field=userRiskData.general "do\...

by Engager in

find change in url category.

Hello Experts, looking for query where i can find list of urls blocked today which were allowed yesterday under ...

by Explorer in

more in depth info on itsi_summary index

Hello Experts, Is there any document available which can give me more in-depth knowledge about itsi_summary in...

by Explorer in

submit button not working

Hi Submit button is not working1.First time when i load the dashboard ,i select data Data Entity from dropdown and hi...

by Communicator in

Error in 'stats' command: The argument 'span=1min' is invalid.

Help: when i try to run the following a get Error in 'stats' command: The argument 'span=1min' is invalid. ...

by Explorer in

How To Use Eval to Capture Inconsistent key:values

I am searching for a key:value report app where the values are inconsistent but include a report cluster name consist...

by Path Finder in

How to append domain to hostname at search time?

I've done a bit of searching and haven't quite found a solution to what I'm trying to accomplish (or I haven't unders...

by Explorer in

Comparing results to identify values that have a certain value in previous records

The two raw results are as follows : (1) EventType="Device" Event="InstallProfileConfirmed" User="sysadmin" Enro...

by Engager in

Send Separate Alert Email notification based on email column and result returned

Hi All,I have a lookup that contains set of email ids and associated accounts.Example : Account IDOWNER_EMAIL34234...

by Communicator in

Curl Command SSL Error on Search Head

We have a total of five search heads, and while four of them are successfully executing the curl command, one search ...

by Explorer in

How do I edit this search to give me the views I have access to not the views I own

Simple search but Im having issues nailing down what I want to see.This search returns all the views the logged in us...

by Path Finder in

how to maintain order in stats command

Fields value of 2nd and 3rd events are enter changing. please suggest how to maintain order in Splunk status command....

by Explorer in

Multiple results

hello i have this search| inputlookup lkp-all-findings| lookup lkp-findings-blacklist.csv blfinding as finding OUTPUT...

by Path Finder in

identify forwarders from a CSV with 0 results from a specific search

I do have a solution for this, but I just wonder if there is a more straight forward approach to get a better underst...

by Path Finder in

Missing events in a sourcetype

I’ve encountered an issue while working on a configuration for a Splunk deployment. I was creating a stanza in the in...

by Loves-to-Learn Lots in

Multiselect dropdown with wildcards

I have a field that I need to search on that is a long string of comma-separated values. It comes from our vulnerabi...

by Path Finder in

Best practice dedup: should I use it as early as possible, or postpone it since it is non-streaming?

In the fundamentals 1 course lab 8 tells us to: "As a best practice and for best performance, place dedup as early in...

by Explorer in

List the count of hosts by index for each day- My search gave me the right format but incorrect number?

I would like to get the number of hosts per index in the last 7 days, the query as below gave me the format but not t...

by Engager in

bandwidth utilization percentage

I have the below search and I want to modify it to get the bandwidth utilization percentage. Whats the best way to go...

by Explorer in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Trying to download splunk logs using python script using bamboo

Search head error in Email action

How can i use my global_time token in an averaging search

knowledge bundle

ES8 + Mission Control Usage rest API

Time field value not getting returned from inner search

case eval only showing 1 result

find change in url category.

more in depth info on itsi_summary index

submit button not working

Error in 'stats' command: The argument 'span=1min' is invalid.

How To Use Eval to Capture Inconsistent key:values

How to append domain to hostname at search time?

Comparing results to identify values that have a certain value in previous records

Send Separate Alert Email notification based on email column and result returned

Curl Command SSL Error on Search Head

How do I edit this search to give me the views I have access to not the views I own

how to maintain order in stats command

Multiple results

identify forwarders from a CSV with 0 results from a specific search

Missing events in a sourcetype

Multiselect dropdown with wildcards

Best practice dedup: should I use it as early as possible, or postpone it since it is non-streaming?

List the count of hosts by index for each day- My search gave me the right format but incorrect number?

bandwidth utilization percentage

Tech Talk Recap | Mastering Threat Hunting

Observability for AI Applications: Troubleshooting Latency

Splunk AI Assistant for SPL vs. ChatGPT: Which One is Better?

In Splunk studio, is it possible to populate a tex...

Help me with splunk query to monitor CPU and Memor...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

Splunk Search

Are you a member of the Splunk Community?

Discussions