Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Splunk Search
Splunk Search
×
Join the Conversation
Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Find Answers
- :
- Using Splunk
- :
- Splunk Search
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Community Activity
 | Search String index=myindex sourcetype=mysourcetype | rex "\.(?<host_domain>.+)$" field=host | lookup host_do... by dasveruckte New Member in Splunk Search 11-19-2015 0 3 | 0 | 3 | |
 | Given the following snippets of log statements: src=feed value=5 src=calc value=37 src=feed value=20 src=calc value=... by wadesworld Engager in Splunk Search 11-19-2015 0 1 | 0 | 1 | |
 | I'm trying to create a new field based on the host field. The new field (hostname) should only contain the shortname.... by renems Communicator in Splunk Search 11-19-2015 0 2 | 0 | 2 | |
| | I have results with field names A, B, C, D that will look something like this; A B C D 0 10 0 0 1 ... by lynchs61 New Member in Splunk Search 11-19-2015 0 1 | 0 | 1 | |
| | I have a table like below: CPU0 CPU1 CPU2 CPU3 0: 1826872 0 0 ... by sankalpsah New Member in Splunk Search 11-19-2015 0 6 | 0 | 6 | |
| | I want to know how to determine if a user logged on to multiple machines within a certain time window, and also ident... by suvamondal New Member in Splunk Search 11-19-2015 0 1 | 0 | 1 | |
| | Hello there, I know this question might be worded a little weird. I'm trying to create a report that shows the top wo... by ldjamesl New Member in Splunk Search 11-19-2015 0 3 | 0 | 3 | |
| | I have a custom log file with entries like the one below, I want to pull 8 fields out at index time so I can graph an... by daveowens Engager in Splunk Search 11-19-2015 2 7 | 2 | 7 | |
| | I have an enterprise scale MVC website with 4 or 5 major modules/views that runs on a Windows server with full IIS lo... by madrum Explorer in Splunk Search 11-18-2015 0 2 | 0 | 2 | |
| | Is there a way I can generate a report with a list of deployed forwarders and its installation path on the remote ser... by anoopambli Communicator in Splunk Search 11-18-2015 0 2 | 0 | 2 | |
| | Hello all, I've recently observed activity that smells like beaconing. After trying to modify the searches provided ... by leotoa New Member in Splunk Search 11-18-2015 0 1 | 0 | 1 | |
 | Can I set a token using a field found in a lookup table? I've been researching online, but I haven't found a real sol... by jamesmarlowww Path Finder in Splunk Search 11-18-2015 1 6 | 1 | 6 | |
| | Hi, I only want to index files containing the string #! in the first 5 characters of the file. Therefore, I created ... by stanvv New Member in Splunk Search 11-18-2015 0 7 | 0 | 7 | |
 | Do these settings take effect on both SH and indexer? # the maximum number of concurrent searches per CPU max_search... by the_wolverine Champion in Splunk Search 11-18-2015 1 1 | 1 | 1 | |
| | I have a search: sourcetype="my_data"| stats count by queue which aggregates data in a table by the field queue. ... by track16 Engager in Splunk Search 11-18-2015 0 4 | 0 | 4 | |
| | I have a long, that gets pretty long, and currently splunk is ingesting it as a whole. this log gets up a couple hund... by tmarlette Motivator in Splunk Search 11-18-2015 0 8 | 0 | 8 | |
| | So I have the following search: Index="Cyber" sourcetype=Response queue = "Incident" status ="resolved" | dedup tic... by mjd555 Path Finder in Splunk Search 11-18-2015 1 10 | 1 | 10 | |
| | I have email address' that are used as user names in two different source types in two different indices. I am tryi... by pmccomb Explorer in Splunk Search 11-18-2015 0 8 | 0 | 8 | |
| | Hello, I would like to find the difference between values in a couple of fields for two months. I figured out how t... by akawacz Path Finder in Splunk Search 11-18-2015 0 3 | 0 | 3 | |
| | Hi, Obviously Splunk has some native understanding of LDAP for authentication, but my desire is to use it to look up... by howyagoin Contributor in Splunk Search 11-18-2015 2 2 | 2 | 2 | |
| | Hi, I want to do this, but I'd prefer to do it in Simple XML. Is it possible? http://docs.splunk.com/Documentation/S... by lassel Communicator in Splunk Search 11-18-2015 0 2 | 0 | 2 | |
 | Hello, I'm trying to solve for a standard error formula in the number of observations I have for all hbss dlp events... by steenbergend New Member in Splunk Search 11-17-2015 0 2 | 0 | 2 | |
| | Evening Splunk experts, I am stuck trying to perform an extraction. I am using the built-in tool, but it keeps gene... by splunker1981 Path Finder in Splunk Search 11-17-2015 0 7 | 0 | 7 | |
| | I am experiencing a problem with finding logs using keyword searching for anomalies in log files. The search string b... by rlaan Path Finder in Splunk Search 11-17-2015 0 3 | 0 | 3 | |
 | I have an HTML panel and custom javascript on my dashboard. The panel has a few inputs that I want the user to popula... by bruceclarke Contributor in Splunk Search 11-17-2015 0 1 | 0 | 1 |
Get Started
Explore Essential Splunk Resources
Get Expert Help at Community Office Hours
Join the #search-help Slack channel
Get Expert Help at Community Office Hours
Join the #search-help Slack channel
Become An Expert
Top Labels
-
administration
3 -
alert action
3 -
alert condition
2 -
Analytics Workspace
2 -
authentication
1 -
chart
944 -
Classic dashboard
1 -
configuration
2 -
correlation search
1 -
count
1,003 -
Dashboard Studio
3 -
data
3 -
data model
1 -
development
6 -
distributed search
1 -
drilldown
1 -
email
1 -
eval
2,609 -
field extraction
2,017 -
fields
2,061 -
host
1 -
index
4 -
indexer
2 -
inputs.conf
1 -
intermediate forwarder
1 -
introduction
5 -
join
1,058 -
JSON
2 -
Linux
2 -
login
1 -
lookup
1,565 -
metadata
307 -
monitoring console
2 -
other
153 -
panel
2 -
PDF
1 -
Python
1 -
regex
1,498 -
report acceleration
2 -
rex
1,246 -
SAML
1 -
saved search
5 -
scheduled search
4 -
scripted input
1 -
search
2 -
search head
3 -
search job inspector
681 -
search peer
1 -
simple XML
1 -
source
1 -
sourcetype
4 -
Splunk Web Framework
1 -
splunk-assist
1 -
splunkd
1 -
stats
3,559 -
subsearch
1,721 -
summary indexing
4 -
table
1,750 -
time
1 -
timechart
1,156 -
transaction
451 -
transforms.conf
1 -
troubleshooting
8 -
tstats
566 -
universal forwarder
5 -
using Splunk Cloud
2 -
using Splunk Enterprise
13 -
Windows
3
- « Previous
- Next »
Get Updates on the Splunk Community!
App Platform's 2025 Year in Review: A Year of Innovation, Growth, and Community
As we step into 2026, it’s the perfect moment to reflect on what an extraordinary year 2025 was for the Splunk ...
Operationalizing Entity Risk Score with Enterprise Security 8.3+
Overview
Enterprise Security 8.3 introduces a powerful new feature called “Entity Risk Scoring” (ERS) for ...
Unlock Database Monitoring with Splunk Observability Cloud
In today’s fast-paced digital landscape, even minor database slowdowns can disrupt user experiences and ...
