Splunk Search

Start a Conversation

Discussions

Start a Conversation

Thread Info

How to get stats average with a where clause in the same search?

If I run this search: index=main sourcetype=Metrics MEASUREMENT_POINT_NAME = "Test" | stats avg(ELAPSED_TIME) ...

by Explorer in

Why am I not getting results running a search on an extracted field?

Hi at all, I have a very strange behavior in one of my searches: I extracted a field from a raw as a part of a ...

by Legend in

How do I convert binary files to human readable format?

I'm getting this error in Splunk: 04-13-2016 11:13:58.607 -0500 WARN FileClassifierManager - The file '/opt/wasse...

by Builder in

Calculating percentage and placing in a radial gauge

I am trying to a radial gauge to report a percentage. I've built my search and the field that I want to report on has...

by New Member in

How to create a search that shows a trending value based on the selected time range picker value?

Hello, I need to make a search in a dashboard which creates a trending value comparing the range of time you pick ...

by Explorer in

Search help to identify when start/finish tasks fail to finish properly.

Need some advice on a search. I have a logfile that clearly states starting and finishing tasks for each of the Batch...

by Path Finder in

Chart the actual value over time and not an average, etc.

I know this should be a simple thing but I am trying to just chart out the trend of a value over time. I don't want a...

by Path Finder in

How to edit my search to get the sum of the maximum value per day for the month?

So I have my accurite weather sensor pumping its data into Splunk. (If you want to know how I did that just ask  ). ...

by Path Finder in

How to write a search to return unique field values for a certain time range that did not exist before that period?

Hello, I am trying to make a search that will return the messages from logs from one set, but not from the other. ...

by Explorer in

does snap-to mean snap forward or snap back?

For example, if the time is 8:55 and I look for events -h@h, does that mean 7:00 (8:55-1=7:55, then to @h is 7) or 8:...

by Path Finder in

Subsearch limits. Better approach?

I'm a Splunk rookie, so i apologize if I'm unclear on my question. I have one index which contains, among other th...

by Engager in

How do I edit my search to join multiple search results for user authentication failure counts?

Hi All, Am trying to join multiple searches for authentication failures from UserType (i.e, Windows User, Linux Us...

by Path Finder in

How do I compare distinct counts of a given field between two different time ranges within the same Splunk search?

I have a CSV file that a list of customers and their orders. The format is as follows: OrderDate, OrderNumber, Cus...

by New Member in

How to combine my two searches and create a time chart with the resulting data?

I have to add 2 searches. Each search's output is FileName and Time....and I have to create a graph with the 2 types ...

by New Member in

How to search the count of a field's values in a comma delimited list and display it as a table?

Hi, I have a serious problem. I'm trying to get the counts of all the values for a field in a comma delimited lis...

by New Member in

How to append zeros to the beginning of existing numeric values for a field to make each value 6 digits long?

Hi I was wondering if anyone may be able to help. We have an existing field with numbers from 2 up to 6 digits. ...

by Path Finder in

How to populate multiple tokens from a single drop-down input search in an HTML dashboard?

I've got a text input that is used to populate a second drop-down input based on a search. Right now, that drop-down ...

by Communicator in

How do I configure the retention period for users' search history?

by Explorer in

How to write a search to get the week number of the month from the given _time?

We need to extract the week number of the month for matching the SLA. Have SLA such as 2nd or 4th week of a month. So...

by Explorer in

can we have multiple salesforce connections to single instance of SPLUNK Cloud

Hi Team. We are planning to use SPLUNK Cloud for reporting on Event Logs from Salesforce. I would like to unde...

by Explorer in

Get Updates on the Splunk Community!

Splunk Search

Discussions

How to get stats average with a where clause in the same search?

Why am I not getting results running a search on an extracted field?

How do I convert binary files to human readable format?

Calculating percentage and placing in a radial gauge

How to create a search that shows a trending value based on the selected time range picker value?

Search help to identify when start/finish tasks fail to finish properly.

Chart the actual value over time and not an average, etc.

How to edit my search to get the sum of the maximum value per day for the month?

How to write a search to return unique field values for a certain time range that did not exist before that period?

does snap-to mean snap forward or snap back?

Subsearch limits. Better approach?

How do I edit my search to join multiple search results for user authentication failure counts?

How do I compare distinct counts of a given field between two different time ranges within the same Splunk search?

How to combine my two searches and create a time chart with the resulting data?

How to search the count of a field's values in a comma delimited list and display it as a table?

How to append zeros to the beginning of existing numeric values for a field to make each value 6 digits long?

How to populate multiple tokens from a single drop-down input search in an HTML dashboard?

How do I configure the retention period for users' search history?

How to write a search to get the week number of the month from the given _time?

can we have multiple salesforce connections to single instance of SPLUNK Cloud

Improve Your Security Posture

Maximize the Value from Microsoft Defender with Splunk

This Week's Community Digest - Splunk Community Happenings [6.27.22]

Why are there Different results with "earliest" th...

Why is website monitoring app not pulling data?

How to achieve readable date format for scatter pl...

How to change the date format of the Date Picker i...

Maximun disk usage quota- Why are alerts not sendi...