Splunk Search

Community Activity

Data from extracted fields not showing unless wildcards or where= is used We had a problem that certain fields weren't searchable. index=foo bar=* did not show any result even though interest... by FelixLeh Contributor in Splunk Search 08-11-2023 0 1	0	1
How to add new member to SHC? Hi All, I have a requirement to add new members to the existing SH Cluster.I have gone through the below link where i... by vinothkumark Path Finder in Splunk Search 08-11-2023 0 2	0	2
how to extract partial value from filed and show as column Hi , Im trying to extract distinct email is as column and preparing some counts .For this im thinking to extract the ... by naresh_553 New Member in Splunk Search 08-11-2023 0 2	0	2
Correct syntax of eval string case I have a "Severity Level" field in both index A and index B.Their structure is like: ==index A=== Severity Level 1 2... by itnewbie Explorer in Splunk Search 08-11-2023 0 2	0	2
How to use a summary index and collect command to pull large data by month? Hi all. I’m kind of new to Splunk. I have data by day - this is the response time for each API call by day. I want to... by user33 Path Finder in Splunk Search 08-10-2023 0 5	0	5
How to assign the 2 start_time and stop_time of one event into _time field ? Hi all,I have an table with the start time and stop time in each case as below.IDCase NameStart TimeStop Timeuser_1Ca... by Jouman Path Finder in Splunk Search 08-10-2023 0 1	0	1
How to extract the element from a structure? Hi all,I am in a trouble to extract values from a structure. Here is the structure of a event: Event{ ID: user... by Jouman Path Finder in Splunk Search 08-10-2023 0 2	0	2
How to compare day to same day for N weeks? I got a question where someone is looking for the hits to a page, but only on Fridays between 6PM and 2 AM the follow... by michaudel Explorer in Splunk Search 08-10-2023 1 5	1	5
Why are all Pages are not displaying in search result? Hello, When i getting results while doing search query, the complete pages doesn't display. For example, I searched 9... by adminpulse Loves-to-Learn Lots in Splunk Search 08-10-2023 0 0	0	0
How to do column sorting in descending order after timechart? Hello splunkers, i have a simple timechart query for avg USED_SPACE of disks for last 4 days index=abc sourectype=di... by venky1544 Builder in Splunk Search 08-10-2023 0 4	0	4
Splunk collect command We have an index, say 'index1' that has log retention upto 7 days. As the log volume is huge, we dont want to retain ... by jpillai Path Finder in Splunk Search 08-10-2023 0 11	0	11
How to add two Splunk queries output in Single Panel Hi All,I am trying to pass a token link to another dashboard panel. My requirement is when I pass Windows Server Toke... by devsru Explorer in Splunk Search 08-10-2023 0 20	0	20
How to do One field extraction for similar sourcetypes? Hello to everyone. After reading the post linked down below, I tried to use the same approach for sourcetypes from Wi... by NoSpaces Contributor in Splunk Search 08-10-2023 0 5	0	5
How to create Splunk Map display result and link to another dashboard? Hi Everyone When I click on an area on the map, link to another dashboard, how to setting ? such as the picture, whe... by Jianming Explorer in Splunk Search 08-10-2023 0 8	0	8
How to discover fields that have the same values? I have sourcetype=apple and sourcetype=orange. They are both network related sourcetypes. Is there an automated way o... by automayt Explorer in Splunk Search 08-10-2023 0 8	0	8
using addcoltotals Can you leverage the total derived using the addcoltotals command to support other calculations? i.e. can you use it ... by dolj Explorer in Splunk Search 08-09-2023 0 2	0	2
How to Retrieve Matched Events in Splunk Without Waiting for Search Completion? Hello Splunk Community,I'm encountering an issue with my search queries in Splunk that I hope someone can help me wit... by pinggru New Member in Splunk Search 08-09-2023 0 1	0	1
How to add a variable from a lookup table to filter results? I am trying to do a tstats command to get the last logged time a server has sent logs. My server list i want in the ... by Gggflyer New Member in Splunk Search 08-09-2023 0 1	0	1
How to convert time duration in minutes? I want convert minutes like (1.78,1.80,1.84,1.95) to (1h:44m,1h.55m,1h.44m,1h.58m) for example we have 1 hour 95 minu... by ramkyreddy Explorer in Splunk Search 08-09-2023 0 7	0	7
How to create Splunk lookup query? I have a lookup test_lookup with 2 fields a1 and b1. The field a1 is common with the fields in the raw data.the value... by phularah Communicator in Splunk Search 08-09-2023 0 3	0	3
How to extract the below mentioned fields from the raw date to interesting fields to apt the efficient query Hi Team,I was trying to find out the workstations clock out of sync logs in splunk by using the below query. but I ca... by Muni9066 New Member in Splunk Search 08-09-2023 0 2	0	2
How to extract and rename field from JSON I have an index, where each event is a JSON object, the structure is as follows: { "otherFields": "othe... by itnewbie Explorer in Splunk Search 08-09-2023 0 6	0	6
Why is multiple OR not working as expected with AND clause in search query? Hi Everyone,I have a requirement to implement a search query where I have 3 unique values and one common value3 uniqu... by hgoyal Engager in Splunk Search 08-09-2023 0 10	0	10
How to create Alert query when date in field is less that 30days? Hi Team, I am setting up an alert on Splunk where my data is in below format. I am writing a query where it returns ... by drogo Explorer in Splunk Search 08-09-2023 0 1	0	1
How to flatten xyseries results multiple columns? Trying to do a cross-reference multi-search that gathers specific result counts for two outputs (column1 & column2). ... by interrobang Explorer in Splunk Search 08-08-2023 0 8	0	8