Splunk Search

Community Activity

How can i export a list of all services in APM I am trying to get a list of all services that are in APM. The APM usage report does not provide the name and only pr... by asif_khan1 New Member in Splunk Search 05-30-2025 0 0	0	0
How do you list Index, sourcetype and source using the REST command? Hi, I am working to list all the index with underlying sourcetypes and sources in it. For which I am currently usin... by harshal_chakran Builder in Splunk Search 05-30-2025 0 7	0	7
comparing the data of lookup with index data and extrcat the info from Index index=sap sourcetype=FSC\| fields _time index Eventts ID FIELD_02 FIELD_01 CODE ID FIELD* source\| rex field=index "^... by smanojkumar Contributor in Splunk Search 05-30-2025 0 12	0	12
Splunk search is not working in Splunk Cloud platform Hi Team,On May 20th, we successfully migrated from Splunk On-Prem to Splunk Cloud. We have a scheduled search that ru... by Pooja1 Loves-to-Learn Everything in Splunk Search 05-29-2025 0 2	0	2
unable to sort the month fields chronological instead of alphabetically in output Hi Everyone!I wrote a search query to get the blocked count of emails for last 6months and below is my query-\| tstats... by mchoudhary Explorer in Splunk Search 05-29-2025 0 9	0	9
Can't convert timeformat to unix Hopefully I've only got a small problem this time, but I've had no luck fixing it despite hours of trying. All I'm tr... by dtaylor Path Finder in Splunk Search 05-28-2025 0 2	0	2
How to show the line when its value is NULL with chart command / chartコマンドで行の値が0の時表示する方法 Hi, I try to display the number of events per day from multiple indexes.I wrote the below SPL, but when all index val... by mint_choco Explorer in Splunk Search 05-28-2025 0 1	0	1
remove timepart and convert to date so that i can aggregate at the date level Hi , I have this scenario where i am getting data from one of the index with 2 other specified filters likeindex=ind... by Raj_Splunk_Ing Path Finder in Splunk Search 05-28-2025 0 5	0	5
Search for a path the might not exist Hi I have the following data (Below).I have a situation where I want to search for "*" on a search and have it return... by robertlynch2020 Influencer in Splunk Search 05-28-2025 0 8	0	8
How to Mute Alert using Lookup table This is what I have setupindex=xxxxxx\| eval HDate=strftime(_time,"%Y-%m-%d")\| search NOT [ \| inputlookup Date_Test.cs... by Cheng2Ready Communicator in Splunk Search 05-27-2025 0 13	0	13
Eventtype 'wineventlog_security' does not exist or is disabled Hi,got some problem in my searches since a few days.I really don´t know what happend and no one changed the configura... by Benny87 Loves-to-Learn in Splunk Search 05-27-2025 0 7	0	7
Why is INDEXED_EXTRACTIONS=csv not working in props.conf? I have a distributed Splunk instance with the search head separated from the Indexers. I want to drop a CSV file with... by ebailey Communicator in Splunk Search 05-22-2025 2 10	2	10
Using multiple lookups in a search hello So i want to make a search .i am using index=endpoint_defender source="AdvancedHunting-DeviceInfo" \| rex field=... by SN1 Path Finder in Splunk Search 05-22-2025 0 7	0	7
Alternates to join/append to avoid limitations Situation: I have 2 data sets:Dataset 1 is a set of logs which includes IP addresses. When aggregated, there are 200,... by kaeleyt Path Finder in Splunk Search 05-22-2025 0 3	0	3
Splunk search lookup Have a data that returns ip field and values as below.Ip = 0.0.0.11Ip= 0.0.0.12There is a lookup that contains field ... by Harikiranjammul Explorer in Splunk Search 05-22-2025 0 2	0	2
Accessing Elasticsearch Data from Splunk Using SPL (Without Data Duplication) Hi Splunk Community,I’m working on a use case where data is stored in Elasticsearch, and I’d like to use Splunk solel... by kn450 Explorer in Splunk Search 05-21-2025 0 6	0	6
Search Within Results To Show Only Last Month I have 3 searches that I'm appending. Each returns a Name and Date. Then I take the maximum of each of the Dates and ... by andrewkenth Communicator in Splunk Search 05-21-2025 0 4	0	4
Is it possible to replace null fields at index-time? Hi, I have to search saved as quickly as possible. I CSV indexes whose columns are sometimes empty. I have to put a ... by bvivi57 Observer in Splunk Search 05-21-2025 0 9	0	9
Suming up fields only once based on field Hi all, I have the following situation with a query returning a table of this kind:fieldAfieldBA2A2B4B4 I need to add... by Jimenez Explorer in Splunk Search 05-21-2025 0 3	0	3
Splunk Answers Content Calendar May 2025! Hello Splunk Community! Welcome to another week of fun curated content as a part of our Splunk Answers Community Cont... by Anam Community Manager in Splunk Search 05-20-2025 2 0	2	0
Dedup is extremely Slow Hello,I have a Search that is taking 5 min to complete when looking at only the last 24 hrs. If possible, could some... by tdavison76 Path Finder in Splunk Search 05-20-2025 0 5	0	5
greater than, less than operator changed to xml code, after table command? Hello ,My splunk query is simple: index=abc,source=xxx.trc\| transaction host source max events=100000\| table _time ho... by sarvesh_11 Communicator in Splunk Search 05-20-2025 0 14	0	14
lookup/ inputlookup in search not providing any results Hello @Splunkers,Can someone please help me on this ? Trying to use "lookup/ inputlookup" command in search.Use case:... by mpk_24 Explorer in Splunk Search 05-19-2025 0 6	0	6
Rex command help Hey @Splunkers,Looking for valuable insights for this use case. I wanted to extract the numbers at the end of the log... by mpk_24 Explorer in Splunk Search 05-19-2025 0 2	0	2
Alert when firewall stops reporting to syslog Hello. I am working on creating an alert in Splunk for detecting when a firewall stops sending logs. We have all logs... by te25 Engager in Splunk Search 05-19-2025 0 3	0	3