Splunk Search

Discussions

Thread Info

How can I extract fields based on headers from a CSV file in .gz format?

I tried providing a csv file location in inputs.conf, [monitor:///path/to/*.csv.gz] source = testcsv sourcetype =...

by Explorer in

How to take index names from a CSV file and run a stats count on the listed index names?

I need to find various information (counts, last and first event received time, etc) on indexes listed in a CSV file....

by Communicator in

how to transpose ?

field1,field2,field3 1, a, b 1, b, c 1, c, d 2, r, s 2, s, k 2, k, l 2, l, m field 1 is the key based on above...

by New Member in

How to search users who had concurrent access on different PCs within the same logon and logoff period from my sample data set?

Sample data set user, pc, logon, logoff, durationOfLogon User11, HNA1E8I, 01-06-15 13:49:09, 01-06-15 13:49:11, 0:...

by New Member in

How can I keep only first 6k bytes of single line event by transforms.conf

How can I keep only first 6k bytes of single line event. I have syslog type of data. They are single line and some...

by Splunk Employee in

How do I split the output of the join in Splunk

I have a splunk join between a synchornous event and an asynchornous event. The only join condition between these are...

by Path Finder in

How to Use * in escape sequence?

We can use \ as an escape sequence for special characters ",",(,),[,] and so on. How to use for * character?

by Path Finder in

How to convert this numeric field to a date format? "20150223" to "2015-02-23"

Hi everybody, I need your help please, i want to convert a numeric field to a date. Ex: "20150223" >> "2015-02-23"...

by Engager in

How to combine stats count results?

I have this string and I want the output for this result to be combined on one line and also sum the results index...

by Communicator in

What time modifiers do I need to look at 1 hour of data for yesterday relative to today?

I want to just look at 1 hour for yesterday, but I want it to be relative to today so no matter when I look at it in ...

by Motivator in

How to use mvfilter with multiple regexes?

I am building an alert based on file accesses to certain files. This is what I have so far: index=wineventlog sour...

by Path Finder in

How to count and chart by minute an error exists, not the count of the number of errors? (ex: each minute = 1 count)

Hi, Anyone know what's the best way to count by minute the error exists, and not by the count of the number of er...

by Contributor in

How to create a PDF report with a varying number of timecharts, dependent on unique stats results?

Hi, I have a search w/ a stats function that illustrates multiple individual errors. Once that search completes, I...

by Contributor in

Using D3 donut with real-time search

Hi all, I'm tying to use D3 donut chart with splunk real-time search. I've defined SearchManager this way : var searc...

by Path Finder in

How to create a Geomap with the geostats command using source IP and destination IP?

I wrote this Splunk search that gives me the lat and lon for both the destination IP address and source IP address ba...

by New Member in

How to create a drop-down to show counter information based on host?

Hi everyone, Need help with my XML below. I need to create a drop-down to display certain data based on the host a...

by Path Finder in

How can I subtract two results from stats?

Hi all. I'm having a hard time trying to make a subtraction.. This is my entry csv: Date,category,amount,per...

by Communicator in

What's your best Humans vs Zombies query?

As a spin on the rabbit/coyote population cycle I've come up with one for humans vs zombies (somewhat at boss' reques...

by Motivator in

Rename a Column?

I'm processing some IIS log files with a search: stats count max(time_taken) avg(time_taken) as avgTT by cs_uri_stem ...

by Path Finder in

Field Extract returns different results than inline rex field

Using Splunk 6.2, I have a few regex commands that return drastically different results when they are set up using...

by Engager in

How to grep a number from a string?

Hi, I have a column in my source with different severity levels, for example - Severity 1 - High 2 - Medium ...

by Explorer in

Using the Splunk Python SDK, how do I get my custom generating search command to use the result of a subsearch as parameter?

I am in the process of writing a custom command using the Python SDK. It is a generating command. I would like the...

by Path Finder in

How to compare and filter results from an inputlookup table?

Hi all, So I have a search that currently is giving me a stats table where one of the fields is "Bundle", and wha...

by Path Finder in

Is it possible to use dedup or "|" commands in the base search of a data model?

I have an instance using ServiceNow data where I want to dedup the data based on sys_updated_on to get the last updat...

by Path Finder in

How to chart a varying number of fields?

I have message data similar to as follows, which is the count of active user processes on a host: host=hostA user1...

by Engager in

Get Updates on the Splunk Community!

Splunk Search

Discussions

How can I extract fields based on headers from a CSV file in .gz format?

How to take index names from a CSV file and run a stats count on the listed index names?

how to transpose ?

How to search users who had concurrent access on different PCs within the same logon and logoff period from my sample data set?

How can I keep only first 6k bytes of single line event by transforms.conf

How do I split the output of the join in Splunk

How to Use * in escape sequence?

How to convert this numeric field to a date format? "20150223" to "2015-02-23"

How to combine stats count results?

What time modifiers do I need to look at 1 hour of data for yesterday relative to today?

How to use mvfilter with multiple regexes?

How to count and chart by minute an error exists, not the count of the number of errors? (ex: each minute = 1 count)

How to create a PDF report with a varying number of timecharts, dependent on unique stats results?

Using D3 donut with real-time search

How to create a Geomap with the geostats command using source IP and destination IP?

How to create a drop-down to show counter information based on host?

How can I subtract two results from stats?

What's your best Humans vs Zombies query?

Rename a Column?

Field Extract returns different results than inline rex field

How to grep a number from a string?

Using the Splunk Python SDK, how do I get my custom generating search command to use the result of a subsearch as parameter?

How to compare and filter results from an inputlookup table?

Is it possible to use dedup or "|" commands in the base search of a data model?

How to chart a varying number of fields?

Building Reliable Asset and Identity Frameworks in Splunk ES

Cloud Monitoring Console - Unlocking Greater Visibility in SVC Usage Reporting

Automatic Discovery Part 3: Practical Use Cases

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static

Using Machine Learning Toolkit to detect auth abus...

Splunk Search

Are you a member of the Splunk Community?

Discussions