Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Splunk Search
Splunk Search
×
Join the Conversation
Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Find Answers
- :
- Using Splunk
- :
- Splunk Search
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Community Activity
 | I need help with a REGEX that needs to match multiple conditions in a log event. The event looks like this: 02:02:0... by roguepacket Engager in Splunk Search 07-17-2015 2 4 | 2 | 4 | |
 | Hi, My question is divided into 2 parts - 1.) I have a log file in which there are about 20-22 columns but i want t... by sunnyparmar Communicator in Splunk Search 07-17-2015 0 7 | 0 | 7 | |
| | Why splunk adds the date and time to the beginning of a log. How to clean it? Jul 15 09:27:20 172.16.19.1 Jul 15 201... by vinchakov_a Path Finder in Splunk Search 07-16-2015 0 5 | 0 | 5 | |
| | I've got a KeywordList.csv lookup table with 3 columns (URI, URI_Keyword, URI_KeywordType). URI is a pre-existing fi... by mistergreen28 New Member in Splunk Search 07-16-2015 0 3 | 0 | 3 | |
| | I have a file: racf_username.csv located in /opt/splunk/etc/system/lookups which looks like; racf,username A123456,A ... by RVDowning Contributor in Splunk Search 07-16-2015 0 4 | 0 | 4 | |
| | Hi guys, I need to have multiple searches running that pull up a word from the same field and replace it with anothe... by BITSIntern Path Finder in Splunk Search 07-16-2015 0 10 | 0 | 10 | |
| | Is there any way to run Splunk queries from the RStudio IDE rather than from within the search bar? by mgianola Explorer in Splunk Search 07-16-2015 0 1 | 0 | 1 | |
| | I have a field "F1" with values as following: I want to add a filed "F2" with value 'a' to all 'a*', with value 'b'... by lys1030 Explorer in Splunk Search 07-16-2015 0 2 | 0 | 2 | |
| | We have a set of hosts that all begin with the letter 'm' and we want to set DATETIME_CONFIG = CURRENT for them. If ... by cjosephson Engager in Splunk Search 07-16-2015 0 4 | 0 | 4 | |
| | I have a log containing memory usage over a period of time. How can I plot a line graph where the x-axis is the time,... by Blackninja5431 New Member in Splunk Search 07-16-2015 0 2 | 0 | 2 | |
 | We have a key value pair where the value begins with a newline '\n'. It used to not have that newline and old search... by jeastman Path Finder in Splunk Search 07-16-2015 1 3 | 1 | 3 | |
| | Fairly new to Splunk so forgive the, what must be, fairly obvious question. We have an alert setup to email us if we... by alexlomas Path Finder in Splunk Search 07-16-2015 0 2 | 0 | 2 | |
| |  Hi guys, Thanks for reading this question. I have a dashboard on which I display several fields in a table as you can... by clairebesson Explorer in Splunk Search 07-16-2015 0 5 | 0 | 5 | |
| | Hi, I am trying to pull some statistics on what is the most recent time a value in a lookuptable appeared in my Splu... by octavian_i New Member in Splunk Search 07-16-2015 0 1 | 0 | 1 | |
| | I would like to extract from my log file user details on how many time they have had a request to the SGW where the n... by ssaenger Communicator in Splunk Search 07-16-2015 0 1 | 0 | 1 | |
| | Hello , I am trying to calculate time diff between two fields in a single event. My current search: sourcetype="XX... by ambujhbti New Member in Splunk Search 07-16-2015 0 4 | 0 | 4 | |
 | Hey everybody, I'm making a comparison between two files: one uploaded as an index and the second as a lookup file. ... by isedrof Engager in Splunk Search 07-16-2015 0 8 | 0 | 8 | |
| | Can transaction be used with endswith only without use of startswith? I read that transaction is processing events fr... by Ahmedkhalil Communicator in Splunk Search 07-16-2015 0 10 | 0 | 10 | |
| | I am writing a query to lookup processed web domains against a lookup list. I have defined a lookup named ss3url_loo... by borgy95 Path Finder in Splunk Search 07-16-2015 0 5 | 0 | 5 | |
| | Hi, I have a simple report/saved search with fixed time (-8@w1 to +1@w1) that calculates a timechart from a long lis... by big_twilde Engager in Splunk Search 07-16-2015 0 1 | 0 | 1 | |
 | delivery.csv contains the fields- key,name,product,priceorder.csv contains the fields- key,shipdate,location,delivery... by Madhan45 Path Finder in Splunk Search 07-16-2015 0 3 | 0 | 3 | |
| | Hi splunkers, Good day! How can I write a search if I don't want all HOST and PROCESS fields. Say for example, I do... by sympatiko Communicator in Splunk Search 07-16-2015 0 5 | 0 | 5 | |
| | Hi guys, I am inputting wordlists into splunk and in some of the wordlists there are certain words like "racist" and... by BITSIntern Path Finder in Splunk Search 07-16-2015 0 3 | 0 | 3 | |
| | my query looks like stats max(KPI1) as "Traffic of Sessions Answered (Erl)" max(KPI2) as "Traffic of Sessions Conn... by HattrickNZ Motivator in Splunk Search 07-16-2015 0 3 | 0 | 3 | |
| | Hi, I have a customer scenario where I receive complete machine events from parent component to deepest child compon... by shreyans Path Finder in Splunk Search 07-16-2015 0 3 | 0 | 3 |
Get Started
Explore Essential Splunk Resources
Get Expert Help at Community Office Hours
Join the #search-help Slack channel
Get Expert Help at Community Office Hours
Join the #search-help Slack channel
Become An Expert
Top Labels
-
administration
3 -
alert action
3 -
alert condition
2 -
Analytics Workspace
2 -
authentication
1 -
chart
943 -
Classic dashboard
1 -
configuration
2 -
correlation search
1 -
count
1,003 -
Dashboard Studio
3 -
data
3 -
data model
1 -
development
6 -
distributed search
1 -
drilldown
1 -
email
1 -
eval
2,608 -
field extraction
2,015 -
fields
2,061 -
host
1 -
index
4 -
indexer
2 -
inputs.conf
1 -
intermediate forwarder
1 -
introduction
5 -
join
1,058 -
JSON
2 -
Linux
2 -
login
1 -
lookup
1,564 -
metadata
307 -
monitoring console
2 -
other
149 -
panel
2 -
PDF
1 -
Python
1 -
regex
1,497 -
report acceleration
2 -
rex
1,246 -
SAML
1 -
saved search
5 -
scheduled search
4 -
scripted input
1 -
search
2 -
search head
3 -
search job inspector
680 -
search peer
1 -
simple XML
1 -
source
1 -
sourcetype
4 -
Splunk Web Framework
1 -
splunk-assist
1 -
splunkd
1 -
stats
3,557 -
subsearch
1,721 -
summary indexing
4 -
table
1,749 -
time
1 -
timechart
1,156 -
transaction
451 -
transforms.conf
1 -
troubleshooting
8 -
tstats
566 -
universal forwarder
5 -
using Splunk Cloud
2 -
using Splunk Enterprise
13 -
Windows
3
- « Previous
- Next »
Get Updates on the Splunk Community!
Data Management Digest – December 2025
Welcome to the December edition of Data Management Digest!
As we continue our journey of data innovation, the ...
Index This | What is broken 80% of the time by February?
December 2025 Edition
Hayyy Splunk Education Enthusiasts and the Eternally Curious!
We’re back with this ...
Unlock Faster Time-to-Value on Edge and Ingest Processor with New SPL2 Pipeline ...
Hello Splunk Community,
We're thrilled to share an exciting update that will help you manage your data more ...
