Splunk Search

Splunk Search
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Community Activity
gmelasecca

How to chart a .csv file

I have a CSV file which runs every 5 minutes and gathers data from separate data sources. A sample of what is compile...
by gmelasecca Engager in Splunk Search 09-10-2015
0 4
0
4
sunnyparmar

Why am I getting this error trying to extract 2 strings? "The extraction failed. If you are extracting multiple fields, try removing one or more fields..."

Hi, I am using Splunk 6.2 and when going to extract the field, it is giving me the following error: The extraction ...
by sunnyparmar Communicator in Splunk Search 09-10-2015
0 2
0
2
florapere

Is there a service that I can call without any local installation in order to connect to Splunk Cloud to perform one search?

I have Splunk Cloud and an account to connect to my Splunk Cloud. The only thing I want is to not install the service...
by florapere New Member in Splunk Search 09-09-2015
0 4
0
4
raby1996

How do I edit my search to filter results using a CSV file?

Hi all, So I'm having trouble combining my search data and CSV data so that "Bundle" has to match "Bundle Version" i...
by raby1996 Path Finder in Splunk Search 09-09-2015
0 4
0
4
emma

I keep getting this "Max concurrent searches reached" error. What does it mean and how do I fix it?

On some of my dashboards, I get an error that says either "Max concurrent searches reached" or "Maximum concurrent sy...
by emma Splunk Employee Splunk Employee in Splunk Search 09-09-2015
18 6
18
6
brooklynotss

How to separate multiple values from a single Windows event log entry?

An example of a SINGLE Windows application log event I'm looking at in my environment is: 09/09/2015 09:46:05 AM Log...
by brooklynotss Path Finder in Splunk Search 09-09-2015
0 5
0
5
inbroker

How to search the difference between the stats output per field and fill "0" values in the stats output if an event does not exist?

I have two source files, SourceA and SourceB, representing different months e.g. logs from June and July Each source...
by inbroker New Member in Splunk Search 09-09-2015
0 2
0
2
santorof

How to create a timechart with multiple fields by their event count and rename their lines for the visualization?

I currently have a search that is appending two more searches to the original for a single line chart that will show ...
by santorof Communicator in Splunk Search 09-09-2015
0 10
0
10
edwardrose

Host_Regex not working

Hello All, I know that there are lots of questions for host_regex not working. Here is mine. [monitor:///var/log2/...
by edwardrose Contributor in Splunk Search 09-09-2015
0 2
0
2
kevinjacks

How to add hours to _time for specific events using eval?

I need to add 3 hours to records which have SITE=1 and not change anything for other sites. I started with this, b...
by kevinjacks Explorer in Splunk Search 09-09-2015
0 2
0
2
landen99

How to create a list of fields in a table with stats displayed on the Selected Fields sidebar, including rare 10 values, their counts, and percentages?

I want to take a list of fields and show the stats displayed on the Selected fields sidebar in a table. When we do a...
by landen99 Motivator in Splunk Search 09-09-2015
0 3
0
3
splunker1981

Why am I getting "Error in 'rex' command...Regex: missing )"?

Hello All, I am brand new to Splunk and can't for the life of me figure out what I am doing wrong. I would like to ...
by splunker1981 Path Finder in Splunk Search 09-09-2015
0 3
0
3
jodros

How to extract these individual fields for iostat data?

I am having a difficult time extracting fields for data returned by iostat. Has anyone been able to extract these in...
by jodros Builder in Splunk Search 09-09-2015
0 1
0
1
dcdd

How to display the Interesting Fields in a custom search view using the Splunk web framework?

I'm using the web framework to create my own custom search view. However, from http://docs.splunk.com/DocumentationSt...
by dcdd New Member in Splunk Search 09-09-2015
0 2
0
2
brent_weaver

How to parse CEF files with key value pairs that contain white space?

Hello all! I am a Splunk "newb" when it comes to parsing out files for ingestion. Here is my situation. I have a CE...
by brent_weaver Builder in Splunk Search 09-09-2015
0 5
0
5
pinVie

How can I use values in a table for a gauge?

Hi all, I have a search that returns a table with only one line and four int values. What I'd like to do, is to cre...
by pinVie Path Finder in Splunk Search 09-09-2015
0 1
0
1
dkoops

R Project: How do I use commands involving paths with R language in Splunk?

I want to use R to train a machine learning model, export it using saveRDS(), and then importing it again within Splu...
by dkoops Path Finder in Splunk Search 09-09-2015
1 2
1
2
matt_cunningham

How to incorporate a pattern into a search?

If I can see a pattern forming that will help me track users in my environment, how can I set up a search to serve t...
by matt_cunningham New Member in Splunk Search 09-09-2015
0 1
0
1
jameskerivan

How to search the total distinct count on two different fields?

Hi, This is kind of a silly question, but currently my application is logging the session id as two separate fields,...
by jameskerivan Explorer in Splunk Search 09-08-2015
0 2
0
2
matt_cunningham

I need to find an IP Address or user agent for a client that visits 5 uri stems, how can I incorporate this into a query

An group of IP Addresses, continue to hit a set of 5 uri stems. If they change their IP Address, I would still like t...
by matt_cunningham New Member in Splunk Search 09-08-2015
0 4
0
4
akawacz

What can I use instead of the join command for my search?

Hi, I would like to use something different instead of join index=test STATUS=Closed | stats dc(ID) as TOTAL by PE...
by akawacz Path Finder in Splunk Search 09-08-2015
0 6
0
6
rubeniturrieta

Why isn't my index available for search in a distributed search environment?

Hi to everyone I have a "Distributed Environment", with two indexers, and two search heads. In the Master Node Index...
by rubeniturrieta Communicator in Splunk Search 09-08-2015
0 7
0
7
Michael_Schyma1

Transforms.conf and props.conf field extractions

Hey fellow Splunker's. I am trying to figure out what i am doing wrong in the transforms.conf to create the proper fi...
by Michael_Schyma1 Contributor in Splunk Search 09-08-2015
0 11
0
11
wpreston

Week number and Month/Day of the begining of that week

I report on a count of events by week number, it displays like this: Week Number Count ----------- -...
by wpreston Motivator in Splunk Search 09-08-2015
3 7
3
7
idab

Why is my time search not showing expected results with a relative time picker input?

Hello everyone, Need your help. I have this dashboard to display some counter information for each host over a certa...
by idab Path Finder in Splunk Search 09-08-2015
0 1
0
1
Claim a $25 Cisco Store Gift Card
Help us improve the Splunk Community and complete our survey today!
Top Labels
Get Updates on the Splunk Community!

Splunk Enterprise Security(ES) 7.3 is approaching the end of support. Get ready for ...

Hi friends!    At Splunk, your product success is our top priority. With Enterprise Security (ES), we're here ...

Splunk Enterprise Security 8.x: The Essential Upgrade for Threat Detection, ...

Watch On Demand the Tech Talk, and empower your SOC to reach new heights! Duration: 1 hour  Prepare to ...

Splunk Observability for AI

Don’t miss out on an exciting Tech Talk on Splunk Observability for AI!Discover how Splunk’s agentic AI ...