Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Splunk Search
Splunk Search
×
Are you a member of the Splunk Community?
Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Find Answers
- :
- Using Splunk
- :
- Splunk Search
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Community Activity
 | I have data like this: one_field="value_a|value_b|value_c", other_field="value_x|value_y" How can I instruct MV_AD... by gesman Communicator in Splunk Search 04-28-2015 0 1 | 0 | 1 | |
| | Hi, Is there any way i can monitor how much time is being taken for query to execute and also which part of query is... by luckymaddy Explorer in Splunk Search 04-28-2015 0 2 | 0 | 2 | |
| | I have gone over Splunk's tutorial to create Pivot tables. Now that I know the process, I would appreciate some dire... by Splunk2016 Path Finder in Splunk Search 04-28-2015 0 2 | 0 | 2 | |
| | hi, pretty new to splunk. I'm setting up a realtime search that will refresh every 30 sec. Here's my query on the ... by sou128 Explorer in Splunk Search 04-28-2015 0 1 | 0 | 1 | |
| | How do I use the IFA or even better erex and specify mutiple values that contain a comma? I've tried putting them in ... by tb5821 Communicator in Splunk Search 04-28-2015 0 3 | 0 | 3 | |
| | One of the fields in my data is the form "lastname,firstname". Splunk extracts the last name and moves on to the next... by garywiner New Member in Splunk Search 04-28-2015 0 2 | 0 | 2 | |
| | I have a query index=casm_prod sourcetype=smtrace "Center realm" | rex "(?i) Realm\\]\\[\\]\\[\\]\\[\\]\\[\\]\\[\\]\... by moiezuddin Explorer in Splunk Search 04-28-2015 0 20 | 0 | 20 | |
 | I have a few multivalue fields which I created using stats list(A) as A_list, list(B) as B_list, list(_time) as time_... by singhbc Path Finder in Splunk Search 04-28-2015 2 7 | 2 | 7 | |
| | … | where like(src, “10.9.165.%”) OR cidrmatch(“10.9.165.0/25”, dst) What will this search return as a result? An... by rashokciet New Member in Splunk Search 04-28-2015 0 5 | 0 | 5 | |
| | I've got the start time for my events in a external xml-file. Is there a easy way to access this information in a sea... by seam0n Explorer in Splunk Search 04-28-2015 0 5 | 0 | 5 | |
| | Hi All, I have Splunk running on my machine. I am using Nodejs (Javascript sdk) to search a query. I am using onesho... by blazergun Engager in Splunk Search 04-27-2015 0 2 | 0 | 2 | |
| | Hello, I am basically stuck on this problem that I hope the Splunk community can help me with. I have 2 files. Tha... by anhtrantech Engager in Splunk Search 04-27-2015 0 1 | 0 | 1 | |
 | Hi I had a similar problem last month. I received a solution but now I encountered the same problem but the solution... by edrivera3 Builder in Splunk Search 04-27-2015 0 6 | 0 | 6 | |
| | I am trying to calculate a moving average and overlay those values on a bar chart of actual values. This is what I h... by krwinters11 Path Finder in Splunk Search 04-27-2015 2 10 | 2 | 10 | |
| | Hi, Once we get data into splunk, what is the basic testing we have to do? What are the basic searches we need to ru... by luckymaddy Explorer in Splunk Search 04-27-2015 0 3 | 0 | 3 | |
| | I have a little confusion about how time stamp actually works. I want to do a very simple query to combine the result... by shengcow Explorer in Splunk Search 04-27-2015 0 6 | 0 | 6 | |
| | I am trying to understand better how splunk regex works. I have the below example: This is a sample of the data I a... by HattrickNZ Motivator in Splunk Search 04-27-2015 0 7 | 0 | 7 | |
| | I have log data like this: 2015-04-22 14:10:02,351 [ACTIVE] PerfLogger [CCID] - Message: subprocess.name.1; Duration:... by wjblazek Explorer in Splunk Search 04-27-2015 0 4 | 0 | 4 | |
| | Hey folks, I have a web application that logs several log lines per request. Each line is tagged with the request id... by fw42 New Member in Splunk Search 04-27-2015 0 6 | 0 | 6 | |
| | Currently, a log file is being written to every 5 minutes that displays each user logged in at that specific point in... by Splunkster45 Communicator in Splunk Search 04-27-2015 0 3 | 0 | 3 | |
 | Hi, I am new to Splunk, but I already like its features. I was trying to extract a field from my loaded .csv file a... by skender27 Contributor in Splunk Search 04-27-2015 0 4 | 0 | 4 | |
| | What is going on here? All fields are technically working correctly, as I can filter by them, use them in stats or e... by StevenPol Engager in Splunk Search 04-27-2015 3 1 | 3 | 1 | |
| | Hi, what is the easiest way to filter out event duplicates without adding every field in the dedup command? Is |... by HeinzWaescher Motivator in Splunk Search 04-27-2015 2 6 | 2 | 6 | |
| | For example, on one result I have a field 'Transactionid' equal to '12345' and on another result I have a field 'tran... by chrismeyer75 New Member in Splunk Search 04-27-2015 0 11 | 0 | 11 | |
| | Is there a splunk search that I can use to find the latest timestamp when an app was installed? Is there an internal ... by nibinabr Communicator in Splunk Search 04-27-2015 0 2 | 0 | 2 |
Get Started
Explore Essential Splunk Resources
Get Expert Help at Community Office Hours
Join the #search-help Slack channel
Get Expert Help at Community Office Hours
Join the #search-help Slack channel
Become An Expert
Claim a $25 Cisco Store Gift Card
Help us improve the Splunk Community and complete our survey today!
Top Labels
-
administration
3 -
alert action
3 -
alert condition
2 -
Analytics Workspace
2 -
authentication
1 -
chart
943 -
Classic dashboard
1 -
configuration
2 -
correlation search
1 -
count
1,002 -
Dashboard Studio
3 -
data
3 -
data model
1 -
development
6 -
distributed search
1 -
drilldown
1 -
email
1 -
eval
2,607 -
field extraction
2,015 -
fields
2,057 -
host
1 -
index
4 -
indexer
2 -
inputs.conf
1 -
intermediate forwarder
1 -
introduction
5 -
join
1,056 -
JSON
2 -
Linux
2 -
login
1 -
lookup
1,559 -
metadata
307 -
monitoring console
2 -
other
141 -
panel
2 -
PDF
1 -
Python
1 -
regex
1,497 -
report acceleration
2 -
rex
1,245 -
SAML
1 -
saved search
5 -
scheduled search
4 -
scripted input
1 -
search
2 -
search head
3 -
search job inspector
680 -
search peer
1 -
simple XML
1 -
source
1 -
sourcetype
4 -
Splunk Web Framework
1 -
splunk-assist
1 -
splunkd
1 -
stats
3,553 -
subsearch
1,718 -
summary indexing
4 -
table
1,747 -
time
1 -
timechart
1,156 -
transaction
451 -
transforms.conf
1 -
troubleshooting
8 -
tstats
565 -
universal forwarder
5 -
using Splunk Cloud
2 -
using Splunk Enterprise
13 -
Windows
3
- « Previous
- Next »
Get Updates on the Splunk Community!
Index This | Why did the turkey cross the road?
November 2025 Edition
Hayyy Splunk Education Enthusiasts and the Eternally Curious!
We’re back with this ...
Enter the Agentic Era with Splunk AI Assistant for SPL 1.4
🚀 Your data just got a serious AI upgrade — are you ready?
Say hello to the Agentic Era with the ...
Feel the Splunk Love: Real Stories from Real Customers
Hello Splunk Community,
What’s the best part of hearing how our customers use Splunk? Easy: the positive ...
