Splunk Search

Start a Conversation

Discussions

Start a Conversation

Thread Info

Use search results for another search

Hi, I want to use the search results as an argument for another search (with different source), like this more or ...

by New Member in

Translate ID to Name

Hi I'm using 4.1 and I want to translate an ID, which came from a search result, into a Name from an importet csv ...

by Communicator in

Timechart with avg from calculated values

I am trying to build a timechart that includes the avg rate we pay our carrier per min over time. The issue is for me...

by Path Finder in

Extracting unique IP addresses by Username

Currently working on a IIS log file with standard fields. I’m looking to first determine the unique Usernames contain...

by Explorer in

Trying to split the message text in a Windows event log

We are collecting Windows 2008R2 Printer server logs and have identified event_id = 307 as the log that contains info...

by New Member in

Report on Busiest Hour

If I have an eventtype with a duration=X seconds field, I can chart the concurrency with eventtype=ABC | concurrency ...

by Splunk Employee in

Show time reports for a count search

Dear All, I'm doing a search with a summarize count at the end. The search is the following: (eventtype="search...

by New Member in

Conditional-ish Sums

This is killing me. I'm trying to sum the bytes crossing my boundary in each direction. For TCP sessions, I have a...

by Communicator in

tostring commas on a negative number

Hello ALL! x=-241 eval final_x=tostring(x,"commas") It shows [-,241], but it should be [-241]. How could ...

by Path Finder in

Compare values in search

Hello, I've read through some of the other questions on here to try and find an answer to my question, but i'm sti...

by Builder in

Assuming implicit lookup table with filename blah.csv

Why do I get this message? Assuming implicit lookup table with filename sidtodn.csv It seemed to me that I was...

by Path Finder in

How can I associate and display uncollected user data from a DB2 server with user data collected and parsed in Splunk??

Hello, When performing a search, can Splunk perform a DB2 database lookup of uncollected user data, associate it w...

by Engager in

splunkd - hardcoded pause on directory traversal?

Since the rewrite of the tailing processor in 4.1, on the whole it seems much better than previous incarnations, but ...

by Path Finder in

At the beginning of the search, the Search Inspector indicated that the cursorTime in the year 2038. What does this mean?

The Search Inspector indicated that the cursorTime in the year 2038. What does this mean? example from search job ...

by Splunk Employee in

Splunk Search

Discussions

Use search results for another search

Translate ID to Name

Timechart with avg from calculated values

Extracting unique IP addresses by Username

Trying to split the message text in a Windows event log

Report on Busiest Hour

Show time reports for a count search

Conditional-ish Sums

tostring commas on a negative number

Compare values in search

Assuming implicit lookup table with filename blah.csv

How can I associate and display uncollected user data from a DB2 server with user data collected and parsed in Splunk??

splunkd - hardcoded pause on directory traversal?

At the beginning of the search, the Search Inspector indicated that the cursorTime in the year 2038. What does this mean?

Relating 2 different fields within a transaction

wildcards and inputs.conf -- directory recursion

Lookup table from external file for search exclusions possible?

Using " | reverse" in the command line returns duplicate results?

Search by file name?

field extraction trouble with forwarders

Access the Splunk Careers Report to see real data that shows how Splunk mastery increases your value and job satisfaction.

Find out what your skills are worth!

Read the report >

Help request for Streamed search execute failed

search query - categorizing results based on a fie...

AnomaliDetection does not detect outlier data

SPL2 for onpremise

ML query to detect categorial outlier per field pe...

Splunk Search

Discussions

Access the Splunk Careers Report to see real data that shows how Splunk mastery increases your value and job satisfaction.Find out what your skills are worth! Read the report >

Access the Splunk Careers Report to see real data that shows how Splunk mastery increases your value and job satisfaction.

Find out what your skills are worth!

Read the report >