Splunk Search

Ask a Question

Discussions

Thread Info

How to Count string matches in event record and calculate percentage?

I have a log that documents call results for phone calls as a CSV event recordThere is a field in the event...

by Explorer in

How to fix weird futuristic time range in timechart with tstats?

Consider these three searches that end with timechart. The second one skews time range all the way to year 2038! Ho...

by SplunkTrust in

Why are there Splunk wineventlog?

Hi All, urgent help here. I check whether is any activity done by a user on a client machine, so i use this query in ...

by New Member in

Can you help me fix my Splunk search?

Hello Splunkers!! I am facing an issue while running below search. As you can see in the screenshot. Can anyone he...

by Motivator in

Dynamic Lookup - How to do addition & removal Of entries?

Dear Team I have a splunk lookup with two fields, username and location. The lookup is populated every time the...

by Path Finder in

How to click on an item in a table and get all its info?

Hi I was wondering on a dashboard if you could click on an item and it shows all the information for that single inst...

by Explorer in

How to change color of field if it is a certain value?

Hi looking to change a color of a field based on its value in a monitoring context like failed , successful kind of t...

by Explorer in

Dynamically generated field names for table or other operation

I've been trying to solve this every which way and another and I always come up just short of the target. When sear...

by Builder in

How to dynamically change index value based on different time span selected?

Hi there, need a bit of help here. Context: Our organisation recently changed the `index` thus we need to upd...

by Explorer in

How to get rid of fields/columns generated by stats and eval commands?

I want to find time difference between two events (duration some operation took) and plot a graph which shows how muc...

by Explorer in

How to extract json field if field name is same in json message log?

Hi , I am trying to extract aggregated errors from json message log coming from splunk event and categorising them ba...

by Explorer in

How to rename an operation field which is being computed from json (message log)?

I am retrieving operation details like operation name, total time etc from json message log coming as a part of splun...

by Explorer in

How to extract and filter fields with rex and regex?

Hi I need help to extract and to filter fields with rex and regex 1) i need to use a rex field on path wich end...

by Motivator in

How to get the time difference of two timestamp in minutes?

I 've two fields one is _time and another one is received_time. I want to get the time differences between these tw...

by Communicator in

How to extract a string from a field using Splunk Regex?

I m having a hard time trying to extract a string from a field from a splunk search using splunk regex , can someone ...

by Engager in

Create splunk chart from seach with totals over time

Hello Members, I have seen and used the accum command, but it does not quite give me what I want. I have this s...

by Builder in

How can I extract attachments?

I am attempting to extract attachment fields from our email logs using regex. Attachments like .jpg, .png, pdf, etc. ...

by Explorer in

Unable to find percentage of two values stored in two separate fieldnames

I'm facing a weird issue. I'm not able to calculate percentage value when I use two variables/fields. I have a look...

by Communicator in

Splunk search alert to check if CPU utilization is high and send emails if bad samples 5 of 6 intervals met?

Hi, Alert Query to monitor CPU usage every 5 minutes and send an email if it matches 5 of 6 bad samples (i.e., if ...

by Path Finder in

Help to convert a unix time

Hi I use a | stats min(_time) as time_min stats max(_time) as time_max command in my search The time is displayed...

by Motivator in

Display time chart grouping by 2 fields

I have a Splunk query that helps me to visualize different APIs vs Time as below. Using this query I could see each l...

by Explorer in

averaging the CPU values from the recent six events

Hi, I'm attempting to calculate the average of the last six CPU event values. If the average of those six events is...

by Path Finder in

Field Extraction Issue - Need True/False comparison of all Values to Max Value of Same Field

I'm wanting to avoid using saved searches and lookup tables as much if possible so it's easily maintainable by anyone...

by Engager in

need help with regex field extraction between square brackets

I am still trying to get my head around regular expressions in splunk, and would like to use regex that could parse t...

by Path Finder in

Getting max/last value on different period

Hello, I have an index with a field that record how long a computer has been running. Basically, when I display the...

by New Member in

Get Updates on the Splunk Community!

Splunk Search

Discussions

How to Count string matches in event record and calculate percentage?

How to fix weird futuristic time range in timechart with tstats?

Why are there Splunk wineventlog?

Can you help me fix my Splunk search?

Dynamic Lookup - How to do addition & removal Of entries?

How to click on an item in a table and get all its info?

How to change color of field if it is a certain value?

Dynamically generated field names for table or other operation

How to dynamically change index value based on different time span selected?

How to get rid of fields/columns generated by stats and eval commands?

How to extract json field if field name is same in json message log?

How to rename an operation field which is being computed from json (message log)?

How to extract and filter fields with rex and regex?

How to get the time difference of two timestamp in minutes?

How to extract a string from a field using Splunk Regex?

Create splunk chart from seach with totals over time

How can I extract attachments?

Unable to find percentage of two values stored in two separate fieldnames

Splunk search alert to check if CPU utilization is high and send emails if bad samples 5 of 6 intervals met?

Help to convert a unix time

Display time chart grouping by 2 fields

averaging the CPU values from the recent six events

Field Extraction Issue - Need True/False comparison of all Values to Max Value of Same Field

need help with regex field extraction between square brackets

Getting max/last value on different period

Observability Unlocked: Kubernetes Monitoring with Splunk Observability Cloud

Update Your SOAR Apps for Python 3.13: What Community Developers Need to Know

October Community Champions: A Shoutout to Our Contributors!

In Splunk studio, is it possible to populate a tex...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static

Splunk Search

Are you a member of the Splunk Community?

Discussions