Splunk Search

Start a Conversation

Discussions

Start a Conversation

Thread Info

how to add row fields as column fields in splunk

example: I have Current output sha256 md5 000sadasd asdasdasdsad Desired Output Hash_type values sha256 ...

by Explorer in

How to extract fields from JSON which is stored in another field?

Hi I am new here and I have an issue which is unsolvable for me. I hope some of you can help me. The result of...

by Engager in

How can we exclude weekends from the count of the number of days for the age of a ticket?

Hi , We have a field called AGING which tells how many days a ticket exists. In order to get the accurate age,...

by Path Finder in

How to combine data from different sources and get one report?

Hi Team, May be you feel that this is a repetitive questio,n but I didn't get response, so I opened a new question...

by Communicator in

Regular expression removal of identical placement values?

Let's say I have a service that spits out information such as the following: localhost;PING;PING OK - Packet loss ...

by Explorer in

How to use a drop-down form for a search?

I have below search which has a CSV input (example host and category) host server1 server2 server3...

by New Member in

How to troubleshoot Splunk 6 search performance issues?

Doing a simple search index=test over 10mln events gives me browsing speed around 5000 events per second. Extremely s...

by Explorer in

How to extract multiple values on one field from XML structured data?

Hi, I want to split data from this XML structure, but I cannot because the extracted field only gets the first el...

by Path Finder in

How to match the beginning of a log line in a Splunk search?

I have events from an application containing various logger type messages, I.e: INFO, WARN, ERROR... Searching just f...

by Path Finder in

How to dedup a field for each day over 30 days?

I have this search that I run looking back at the last 30 days index = ib_dhcp_lease_history dhcpd OR dhcpdv6 r - ...

by Explorer in

How to hide a column in a table, but use the hidden field in the chart for a report?

Hello experts, I have a case where I need to show a field in a table, but I need to hide it in the chart. Sear...

by Explorer in

Is there a way to hide column in a table but still use it for drilldown in HTML Dashboards in Splunk 6

I have a scenario where I have a table panel I would like to hide the last column of that table but still be able to ...

by Contributor in

How to search the count of adds/removes (new hosts vs host decoms) month on month?

What I want is to many adds/removes (new hosts vs host decoms) month on month index=* | stats dc(Host_Name) by dat...

by Path Finder in

Calculating Percentage

Hello, I'm having trouble finding the correct syntax and function to get the desired end result. I have a search base...

by Explorer in

How to display individual URI counts by user with timechart or stats?

I am looking to display individual URI count by User on a timechart. Is this possible? My current search returns t...

by Path Finder in

How can I compare these two fields?

Hello Fellow Splunkers, I am trying to write a search to compare the sitename and referrer to find all results whe...

by Explorer in

Why is my REGEX in transforms.conf not working to filter data to nullQueue?

Hi, I want to filter Windows Security event logs in (/etc/system/local/)props.conf/transforms.conf. Here is my ...

by Engager in

How to calculate the time range between two events?

I have data like below. How do I calculate the time difference between A.1-B. 1, A.2-B.2......A.n-B.n Time Offset ...

by New Member in

After upgrading Splunk from 6.2 to 6.3.1, why am I getting no results searching any indexes?

Hi Team, I have upgraded Splunk from 6.2 to 6.3.1 version. I restored backup, but still I am not getting any outpu...

by New Member in

Anonymize only some Email Addresses

Hi, I need help writing a regex which must anonymize email address which doesn't below to the company domain. I al...

by Communicator in

Get Updates on the Splunk Community!

Splunk Search

Discussions

how to add row fields as column fields in splunk

How to extract fields from JSON which is stored in another field?

How can we exclude weekends from the count of the number of days for the age of a ticket?

How to combine data from different sources and get one report?

Regular expression removal of identical placement values?

How to use a drop-down form for a search?

How to troubleshoot Splunk 6 search performance issues?

How to extract multiple values on one field from XML structured data?

How to match the beginning of a log line in a Splunk search?

How to dedup a field for each day over 30 days?

How to hide a column in a table, but use the hidden field in the chart for a report?

Is there a way to hide column in a table but still use it for drilldown in HTML Dashboards in Splunk 6

How to search the count of adds/removes (new hosts vs host decoms) month on month?

Calculating Percentage

How to display individual URI counts by user with timechart or stats?

How can I compare these two fields?

Why is my REGEX in transforms.conf not working to filter data to nullQueue?

How to calculate the time range between two events?

After upgrading Splunk from 6.2 to 6.3.1, why am I getting no results searching any indexes?

Anonymize only some Email Addresses

Build Scalable Security While Moving to Cloud - Guide From Clayton Homes

Mission Control | Explore the latest release of Splunk Mission Control (2.3)

Cloud Platform | Migrating your Splunk Cloud deployment to Python 3.7

How to transpose or untable one column from table ...

How to find events that were sent to HEC?

How to index data from zigbee2mqtt?

How to use a list of output as the input parameter...

how to set specific colors to 3 pie charts trellis...