Splunk Search

Discussions

Thread Info

Adding a column from a subsearch

I have this query that i've lightly changed from the winfra app, but i want to add a PID into it, that would be in th...

by Explorer in

Display table issue

Currently I have a table generate by my query as below query: index=a | stats count by name code signature name ...

by Communicator in

Splunk conditional count/aggregation

I have some CSV data about files imported in to Splunk. The data looks like this: "\\domain\path\to\file\","<filen...

by Explorer in

search against a lookup table

Need help. How to I obtain the following output? I tried the following SPL but doesn't work. index=car_record | se...

by New Member in

Can I use regex to assign a sourcetype?

Hello. I new to regex and have been trying to understand how it works. Let say i have a log containing strings of...

by New Member in

Calculating Source type info indexing rate and EPS

Hello Splunkers, I would like to calculate below EPS values for 30 days time period for each source type on one c...

by Path Finder in

How to do eval and percentage based calculations?

I want to calculate the amount of change in between today's score and yesterdays. This is a file with a few days data...

by Path Finder in

I want to find the difference in count of processes from last 2 months

My 1st search: earliest=-2mon@mon latest=-1mon@mon index=linux (host=abc OR host=xyz) COMMAND=LMN|dedup host,PID|stat...

by Communicator in

How do I merge events on the basis of time and fields?

I want to merge events that are in between state=" STARTED" and state="COMPLETED" i.e. All the following events of st...

by Explorer in

Search Query Help

Hi Team, I got a scenario as below: index=* host=A or host=B Type=Info "Service down" In this i want the follow...

by Path Finder in

How to build a multi-level piechart?

Hello, I am searching for a possibility to build a multi-level piechart in Splunk. Does anyone knew if the is an b...

by Path Finder in

How to extract a field from a GET request?

Hi All - I am having trouble extracting the following fields from a GET request . GET **/TSGene/**images/literatu...

by Path Finder in

how can you run one search and share that data with multiple panels

How can or is there a way of running one search and sharing the resulting data amongst multiple panels in a Dashboard...

by Explorer in

Nested JSON and SPATHING

Hi, I have another question similar to the question I asked at https://answers.splunk.com/answers/624148/expanding...

by Path Finder in

Pivot search

hello , someone can help me to translate this pivot command in search command | pivot proofpoint proofpoint_search...

by New Member in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Adding a column from a subsearch

Display table issue

Splunk conditional count/aggregation

search against a lookup table

Can I use regex to assign a sourcetype?

Calculating Source type info indexing rate and EPS

How to do eval and percentage based calculations?

I want to find the difference in count of processes from last 2 months

How do I merge events on the basis of time and fields?

Search Query Help

How to build a multi-level piechart?

How to extract a field from a GET request?

how can you run one search and share that data with multiple panels

Nested JSON and SPATHING

Pivot search

What’s New in Splunk Cloud Platform 9.1.2308?

Index This | Why do they call it hyper text?

State of Splunk Careers 2023: Career Resilience and the Continued Value of Splunk

Users with the same roles, in the same app, and sa...

auto_generated_pool_download-trial

Automatic lookup during data ingestiont (Splunk cl...

Working with OpenTelemetry Cumulative Histogram Bu...

Better PDF report visualization