Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Splunk Search
Splunk Search
×
Are you a member of the Splunk Community?
Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Find Answers
- :
- Using Splunk
- :
- Splunk Search
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Community Activity
 | What I am trying to do is write a report on bandwidth from firewall logs based upon different sites and work out the ... by lmaclean Path Finder in Splunk Search 10-27-2015 0 1 | 0 | 1 | |
| | When I run the search below, I get correct results without any decimal value in it. `linux-cpu` | search applicatio... by splunksurekha Path Finder in Splunk Search 10-27-2015 1 1 | 1 | 1 | |
| | I have a numeric field. For example: 123 2356 35896 24569 0052 00201 0053 82300521 8350053 I need to convert a value... by irhen New Member in Splunk Search 10-27-2015 0 4 | 0 | 4 | |
| | Hi, Can FOREACH commnad can read text value ? I am having issue to create new columns foreach IM_* [eval TYPE='<<F... by akawacz Path Finder in Splunk Search 10-27-2015 0 6 | 0 | 6 | |
 | I want to verify the correctness of my searches without using the Splunk server. It will be good enough if I can copy... by niqbal Engager in Splunk Search 10-27-2015 0 1 | 0 | 1 | |
 |  I am searching through the router and switch syslog data trying to find spanning tree state changes for a given time ... by mydog8it Builder in Splunk Search 10-26-2015 0 2 | 0 | 2 | |
| | Hi all, Currently I have the following search- | eval nowstring=strftime(now(), "%Y-%m-%d") | eval nowstring2=strpti... by raby1996 Path Finder in Splunk Search 10-26-2015 0 2 | 0 | 2 | |
| | Hi, I need a better search than this: index=shop sourcetype="source1" | chart count by action,productId | append [s... by siddhu_93 Engager in Splunk Search 10-26-2015 0 4 | 0 | 4 | |
| |  Hi Everyone, I would like to add a row, about a total (sum), for each segment list (see the picture), and if a list ... by bruno_eduardo Path Finder in Splunk Search 10-26-2015 0 5 | 0 | 5 | |
| | I have logs that have the following two formats 1. Oct 26 13:22:55 1.2.3.4 1 2015-10-26T13:22:51.480-04:00 Device.do... by reswob4 Builder in Splunk Search 10-26-2015 0 3 | 0 | 3 | |
 | A noob here, but I have a need that I cannot seem to figure out. Due to some internal politics that are slow in gett... by peterdawood New Member in Splunk Search 10-26-2015 0 2 | 0 | 2 | |
 | Hey folks, sup? Can anyone tell me if this is something about software licensing or sorta? I have just extracted li... by vtsguerrero Contributor in Splunk Search 10-26-2015 0 6 | 0 | 6 | |
 | I'm learning splunk and I would like to write Regex commands. Can anyone suggest best way to master Regex commands. ... by anushareddy6767 Explorer in Splunk Search 10-26-2015 1 3 | 1 | 3 | |
| | Hello, I'm trying to create an eval statement that evaluates if a string exists OR another string exists. For exam... by jclemons7 Path Finder in Splunk Search 10-26-2015 1 2 | 1 | 2 | |
 | Using splunk to look at some auth data, and want to get search results that show the number of countries each user ha... by n_young New Member in Splunk Search 10-26-2015 0 2 | 0 | 2 | |
| | I have the following search: index="commercial_performance" $month_token$ $Customer_token$ Cat1="Efficiency *" OR C... by deanamite91 Explorer in Splunk Search 10-26-2015 1 1 | 1 | 1 | |
| | I am using below query : `linux-cpu` | search application=pc4_BizX host=* sub_module=* | stats avg(pctIdle) AS pctLo... by splunksurekha Path Finder in Splunk Search 10-26-2015 1 2 | 1 | 2 | |
| | Hi I'm using field extractor for messages like the one below. The first message is fine. For some reason the extract... by jsven7 Communicator in Splunk Search 10-26-2015 0 2 | 0 | 2 | |
 | I want to be able to enrich my Splunk search results using data in a MySQL database. Where the 'hostname' field in m... by joea9 Explorer in Splunk Search 10-25-2015 0 4 | 0 | 4 | |
| | Can I real-time search for the last 48 hours and hide the results in the last 24 hours? How about now-30d to now-29d?... by hylam Contributor in Splunk Search 10-25-2015 0 21 | 0 | 21 | |
| | Apologies for the confusing title We have 1 search that gives us Revenue To Date - (*s are to mask sensitrive info) ... by akhanVG Path Finder in Splunk Search 10-24-2015 0 2 | 0 | 2 | |
| | Need your help, Can you please help me to get the maximum totalresponsetime for the top 5 URL grouped by testtime? C... by dhavamanis Builder in Splunk Search 10-24-2015 0 4 | 0 | 4 | |
 | I like to find out how a particular field is extracted from a given sourcetype. Can I find this via splunk front end ... by aartist New Member in Splunk Search 10-24-2015 0 2 | 0 | 2 | |
| | I have a search that tells me when a system doesn't report into splunk after a threshold of an hour: |metadata index... by hlarimer Communicator in Splunk Search 10-23-2015 1 7 | 1 | 7 | |
| | In my log file, I have lot of messages saying upload or search got completed in x seconds. Like - Search Completed s... by runiyal Path Finder in Splunk Search 10-23-2015 0 1 | 0 | 1 |
Get Started
Explore Essential Splunk Resources
Get Expert Help at Community Office Hours
Join the #search-help Slack channel
Get Expert Help at Community Office Hours
Join the #search-help Slack channel
Become An Expert
Claim a $25 Cisco Store Gift Card
Help us improve the Splunk Community and complete our survey today!
Top Labels
-
administration
3 -
alert action
3 -
alert condition
2 -
Analytics Workspace
2 -
authentication
1 -
chart
943 -
Classic dashboard
1 -
configuration
2 -
correlation search
1 -
count
1,002 -
Dashboard Studio
3 -
data
3 -
data model
1 -
development
6 -
distributed search
1 -
drilldown
1 -
email
1 -
eval
2,607 -
field extraction
2,015 -
fields
2,057 -
host
1 -
index
4 -
indexer
2 -
inputs.conf
1 -
intermediate forwarder
1 -
introduction
5 -
join
1,056 -
JSON
2 -
Linux
2 -
login
1 -
lookup
1,559 -
metadata
307 -
monitoring console
2 -
other
140 -
panel
2 -
PDF
1 -
Python
1 -
regex
1,497 -
report acceleration
2 -
rex
1,245 -
SAML
1 -
saved search
5 -
scheduled search
4 -
scripted input
1 -
search
2 -
search head
3 -
search job inspector
680 -
search peer
1 -
simple XML
1 -
source
1 -
sourcetype
4 -
Splunk Web Framework
1 -
splunk-assist
1 -
splunkd
1 -
stats
3,553 -
subsearch
1,718 -
summary indexing
4 -
table
1,747 -
time
1 -
timechart
1,156 -
transaction
451 -
transforms.conf
1 -
troubleshooting
8 -
tstats
565 -
universal forwarder
5 -
using Splunk Cloud
2 -
using Splunk Enterprise
13 -
Windows
3
- « Previous
- Next »
Get Updates on the Splunk Community!
Index This | Why did the turkey cross the road?
November 2025 Edition
Hayyy Splunk Education Enthusiasts and the Eternally Curious!
We’re back with this ...
Enter the Agentic Era with Splunk AI Assistant for SPL 1.4
🚀 Your data just got a serious AI upgrade — are you ready?
Say hello to the Agentic Era with the ...
Feel the Splunk Love: Real Stories from Real Customers
Hello Splunk Community,
What’s the best part of hearing how our customers use Splunk? Easy: the positive ...
