Splunk Search

Discussions

Thread Info

How to add the stacked column feature in Django app dashboard?

Hi I had a column chart in my dashboard and I copied it to my new Django-Splunk App, but it's stacked column feature ...

by Builder in

How to edit my search to output results to separate rows based on multiple values?

Hi - I have been trying to get this search below to result in separate rows depending on the values. I have the infor...

by New Member in

Custom search script returning only first value in array/dictionary

I have a custom search script (Python) which is nothing more than a dummy script at the moment, as I want to get the ...

by Explorer in

Lookup default_match for multiple columns?

We are using a CSV to map one field to two more: status,status_title,status_type,status_ok -,Network connection su...

by Explorer in

Is it possible to perform stats within a transaction?

I have a transaction with multiple values for the same field. Is it possible for me to do a dc(other_field) within a ...

by Champion in

Transform for sourcetype issue

I am trying to make a minor update to take some data that is coming in via syslog and change the sourcetype to infobl...

by Path Finder in

Identify which data is useful

Is there an app or some documented searches that can help identify things like Indexes frequently searchedUsers wh...

by SplunkTrust in

display result with specific condition matched

Hi All, If I want to display the result with contain the below number(+61011 or +61012) the first 5 digits numbers...

by New Member in

How to: Splunk without any formatting?

Hello, So I have written a very simple Django app that displays a basic HTML and CSS webpage. The only reference t...

by Path Finder in

How to extract part of an XML message from the log file in the form of a table?

Hi, I have a log file named Audit.Log and has content something like below. < AuditLog > < Comp name="samsung"/ > ...

by New Member in

Automatic extraction of DATE from path in Splunk 6.2

Hi Could anyone help me with the configuration for extraction of date from path, which is done automatically? [...

by Motivator in

Simple XML view only shows 10 results in table

I have a dashboard/view that is built using simple XML. There are tables on this view that are built from saved searc...

by Path Finder in

How to define "latest" based on "earliest" in order to act on the group of events happening in a certain duration.

I have a search challenge where I need to pick a _time from SearchA and look for all the events happening in SearchB ...

by New Member in

How to count two file paths?

I'm very new to spiunk so bare with me. I'm trying to count the number of events on two seperate file paths and have ...

by Engager in

Mail Journal Header Log

Hi All! Today I index a log created from a script that extract some interesting fields from each received (from jo...

by Path Finder in

Lookup Search

Dear Experts, I need to write the custom search where user x can login from 5 sources , I am thinking to use looku...

by Path Finder in

Regex for extraction of Pattern from existing field

I want to extract a pattern from existing field "source" whose value is /abc/Prod/log/p123ot12. I want to extract p12...

by Communicator in

Splunk 6.0.1 recusrsive directory search not hapening

Hi, I have a series of Particular file types in a Direcotry of Directories, I tried to index them with monitor on ...

by Explorer in

Exporting search results to a specified path

I have looked at commands "outputlookup" and "outputcsv". Is there a way to export your search results to a specified...

by Path Finder in

Find rogue splunk servers

I have a list of computers running splunkweb , I am trying to remove results that are logging to the _internal index ...

by Path Finder in

Line breaks being removed from raw data in email alerts after upgrade to 6.1

Hi all, I have tried modifying the scheduled alert email actions to use raw and table format for the emailed alert...

by Path Finder in

exclude asterisk character from a search

Hi at all, I have a field (called uid) with some values = "*" and I'd like to exclude them from the results of my sea...

by SplunkTrust in

How do I write a combined search query that allows me to pick a time from the first search and then use this time to look for log events in the second search that happened witthin 30 seconds of the first.

I would like to write a search query that allows me to pick a _time from the first and use it to search all the event...

by New Member in

Index time field extraction: regexp issue

Hello, Since I often search a specific expression in a large set of events, I would like to index it. Every sin...

by Explorer in

Help to Write the Custom Query

Dear Experts, I am creating the custom search in ES app , | tstats allow_old_summaries=true dc(Authentication....

by Path Finder in

Get Updates on the Splunk Community!

Splunk Search

Discussions

How to add the stacked column feature in Django app dashboard?

How to edit my search to output results to separate rows based on multiple values?

Custom search script returning only first value in array/dictionary

Lookup default_match for multiple columns?

Is it possible to perform stats within a transaction?

Transform for sourcetype issue

Identify which data is useful

display result with specific condition matched

How to: Splunk without any formatting?

How to extract part of an XML message from the log file in the form of a table?

Automatic extraction of DATE from path in Splunk 6.2

Simple XML view only shows 10 results in table

How to define "latest" based on "earliest" in order to act on the group of events happening in a certain duration.

How to count two file paths?

Mail Journal Header Log

Lookup Search

Regex for extraction of Pattern from existing field

Splunk 6.0.1 recusrsive directory search not hapening

Exporting search results to a specified path

Find rogue splunk servers

Line breaks being removed from raw data in email alerts after upgrade to 6.1

exclude asterisk character from a search

How do I write a combined search query that allows me to pick a time from the first search and then use this time to look for log events in the second search that happened witthin 30 seconds of the first.

Index time field extraction: regexp issue

Help to Write the Custom Query

Automatic Discovery Part 1: What is Automatic Discovery in Splunk Observability Cloud ...

Real-Time Fraud Detection: How Splunk Dashboards Protect Financial Institutions

Splunk + ThousandEyes: Correlate frontend, app, and network data to troubleshoot ...

In Splunk studio, is it possible to populate a tex...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static

Splunk Search

Are you a member of the Splunk Community?

Discussions