Splunk Search

Discussions

Thread Info

Why do Stats and Evenstats return different results when calculating percentiles?

I am trying to work out the 99th percentile of some response times and after seeing discrepancies in a couple of sear...

by Engager in

Is it possible to use the same subsearch twice in a search?

Hello, Is it possible to use the same subsearch twice in a search? Of course without having Splunk to execute the ...

by Path Finder in

Why does my search in curl return empty results?

Hi guys, I tried to make a search using curl, but the problem is when the command finalizes, it return empty. H...

by Path Finder in

How to edit my search to remove duplicate source, sourcetype, and _time values by host?

Hi, This is my search and need to remove duplicate source, sourcetype, and last_time by host. Please suggest how t...

by New Member in

how can i get two different events individually where both are separated by pipe "|" in the splunk data base.

i am using splunk to get the logs. we build a data base where 2 or 3 log events are separated by pipe "|" and tagged ...

by New Member in

How do you show events on a timeline?

Assuming I'm showing events on a timeline, say for example, timechart count(sign_ins) by date_hour date_hour | use...

by Path Finder in

how search things which do not belong to inner join?

would like find things which can not inner join, meaning left side and right side which no common things how search t...

by Explorer in

how to search successful or failure connection for firewall log?

i use this log for 24 hours but no result even in last 7 days, however individual search inbound and outbound sepa...

by Explorer in

Joining two eventtypes based on an ID

I currently have two sets of data where one includes all of the product views, and one includes all of the downloads ...

by Explorer in

Regex help!

Hi How can i extract a dn from the following result. identity: acd123 cn=abc,ou=..,ou=.., xyz234 cn=acd,ou=abc,....

by New Member in

How to highlight the lowest value in a statistics table with yellow or red?

Hi, I have the search below and it works great. It outputs a table with the customer name, then a trendline, and t...

by Motivator in

How to extract these fields from my sample data?

I have raw data like this, 09:00:06 08/01/2016 good TSMONW46PRDV [TSMONW46PRDV][AP] Disk Space Disk/File S...

by Communicator in

How to change "infraction" data model to have global permissions and make it accessible across all apps.

Can anyone suggest me where to change the settings to make the data model global.

by New Member in

How to remove field values

Hi, I want to remove source and source type field value of Unix:Service Unix:Uptime Unix:Version package ps ...

by New Member in

How to compare same field values at different times?

How can I do a comparison with values from same field at different times? The logs belongs to the same index/sourcety...

by Communicator in

How to timechart events that occurred once in the last 5 minutes and more than once in the past 24 hours

Hello Splunkers, The question here is straightforwarder  How can I count on a timechart of events that occurr...

by Super Champion in

It is possible to use the delta command to calculate the percentage difference?

Hello! I wanted a way to calculate the difference as the Delta, but in percentage. It's possible? Thank you!

by Path Finder in

Hostname returned as IP in different domain

Hi I'm having a problem with some records that are being sent from our web application - the hostname of the web s...

by New Member in

How to edit our props.conf and transforms.conf to parse a CSV file we are indexing in Hunk?

I am trying to configure the props and transforms conf files for logs that's in .csv format that we're querying via a...

by Influencer in

Field Extraction not working

Hey ninjas Im almost biting my tongue off because of a strange issue, I know eventlog is kind of nasty when it com...

by Communicator in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Why do Stats and Evenstats return different results when calculating percentiles?

Is it possible to use the same subsearch twice in a search?

Why does my search in curl return empty results?

How to edit my search to remove duplicate source, sourcetype, and _time values by host?

how can i get two different events individually where both are separated by pipe "|" in the splunk data base.

How do you show events on a timeline?

how search things which do not belong to inner join?

how to search successful or failure connection for firewall log?

Joining two eventtypes based on an ID

Regex help!

How to highlight the lowest value in a statistics table with yellow or red?

How to extract these fields from my sample data?

How to change "infraction" data model to have global permissions and make it accessible across all apps.

How to remove field values

How to compare same field values at different times?

How to timechart events that occurred once in the last 5 minutes and more than once in the past 24 hours

It is possible to use the delta command to calculate the percentage difference?

Hostname returned as IP in different domain

How to edit our props.conf and transforms.conf to parse a CSV file we are indexing in Hunk?

Field Extraction not working

Splunk Observability Cloud | Customer Survey!

Happy CX Day, Splunk Community!

.conf23 | Get Your Cybersecurity Defense Analyst Certification in Vegas

Field EventDescription and Splunk Add-on for Sysmo...

searching for specific result

How to Add Datamodel Fields in Search and Reportin...

AD servers with indexing delays when evt_resolve_a...

Using comparison function within mstats