Splunk Search

Ask a Question

Discussions

Thread Info

Unknown search command 'gauge'.

Hi Guys, i am new to SPLUNK. when i search a query with non admin user i am getting below error, Unknown sea...

by Explorer in

Sum a series of values based on the distinctness of another column

i think its easier to ask my question by showing you some of the data I'm working with: Mon Feb 23 16:35:07 2015 ...

by Explorer in

I am try to to find the number of business days between two extracted fields

I am trying to follow what the others have done, but I am stumped as to why things are not functioning for me. I have...

by Path Finder in

Search in multiple indexes

Hi guys, I need some help. I have 2 index, and in both there are the field "ip", How can I create a search that...

by Contributor in

How to compare two weeks ?

Hi, I use Splunk 6.2. I try to compare two values between two differents weeks. index="market_logs" host="1...

by Engager in

Splunk treats any number that uses E (instead of *10) as a string

Any number such as 1.23456E-3 (equivalent to 1.23456*10^-3 or 0.00123456) is recognised by splunk as a string rather ...

by Path Finder in

How to customize raw data into fields using regex before exporting to CSV?

We are ingesting syslog logs. While doing a search and exporting to csv, we would like the raw data column to be spli...

by Explorer in

Why are certain events not showing in '| stats count' output?

Hello, The following search: index=app_win source=service State=Stopped StartMode (Auto OR Manual) Name=*IBM*...

by Communicator in

Why is my timechart search WHERE duration > 8 not returning any data?

I have a lot of SOAP req/resp pairs and I was able to match them up and find the time between them (duration). I then...

by SplunkTrust in

How can I pipe search results to syslog?

Example: I'd like to run a search on windows logs, do some data transformation and then pipe the output to a syslo...

by Engager in

How to edit my search to get a table of data from multiple indexes?

Hello, I’m looking for to get a table from the the search results from two indexes: index="imwaccesslog" OR ind...

by Explorer in

how to extract from java.lang

My events look like this TYP=ERR, TS1=1423574799157, TS2=1423574799157, CMP=PUR, EDESC=Unknown Host java.lang.Except...

by New Member in

How to extract the file name from full path using regex/rex?

I am trying to extract a file name from the entire path using rex. An example log is: ....request=http://66.228.48...

by Communicator in

time range picker in Splunk 6.1.3 build 220630

Hi, I´m trying to get the Time range picker to work in a test dashboards and in some cases it does work but not when ...

by Path Finder in

Finding x number of log entries that happened prior to search results

I'm looking to find the last 5 log entries that occurred before a certain event, but I don't know how to craft the se...

by Path Finder in

Real time search, how to check if event doesn't exist and return something if it doesn't.

Hello, I have some logs arriving into splunk every 5 minutes from a script running on an application server. The f...

by Super Champion in

How to find the total count of users who had logged in from last 30 days in siteminder and tyayd applications

How to find the total count of users who had logged in from last 30 days in siteminder and tyayd applications From in...

by Explorer in

Can i have the autocomplete option for textbox ?

Hi , I have a created a form with a textbox. Can i create autocomplete option for this textbox..ie while typing it...

by Motivator in

How to search cisco firewall Deny actions based on internal source IPs against multiple external IP subnets?

Hi There, This is my first post so wanted to say Hello! I am trying to create an alert for possible Deny action on...

by New Member in

How to convert my time field for use in a timechart search?

Any suggestions on how to timechart an unusual timestamp that comes inside the log entry. These logs come in every ni...

by Contributor in

Extract multiple values from a single field?

I'm trying to extract multiple values from a single field. I noticed that Splunk field extractor will only extract on...

by SplunkTrust in

How to edit my search to create a more detailed report including date and time of events for management?

index="index" "some form of data" | top limit=100 User showperc=f I have the above search string which works grea...

by Explorer in

How to combine my two searches pulling data from two different indexes into one search?

Need help. We have two indexes and one index data stats as another index query input, Over all cost calculatio...

by Builder in

Clarification on using dump command

There's a requirement to export the search results from Splunk to a custom location in Unix server. The search has to...

by Path Finder in

How initiate second search after getting field values from my first search?

I have two different searches. How do I concatenate them? Search 1: string1 | rex field=_raw "{(?\d+)" Sear...

by Explorer in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Unknown search command 'gauge'.

Sum a series of values based on the distinctness of another column

I am try to to find the number of business days between two extracted fields

Search in multiple indexes

How to compare two weeks ?

Splunk treats any number that uses E (instead of *10) as a string

How to customize raw data into fields using regex before exporting to CSV?

Why are certain events not showing in '| stats count' output?

Why is my timechart search WHERE duration > 8 not returning any data?

How can I pipe search results to syslog?

How to edit my search to get a table of data from multiple indexes?

how to extract from java.lang

How to extract the file name from full path using regex/rex?

time range picker in Splunk 6.1.3 build 220630

Finding x number of log entries that happened prior to search results

Real time search, how to check if event doesn't exist and return something if it doesn't.

How to find the total count of users who had logged in from last 30 days in siteminder and tyayd applications

Can i have the autocomplete option for textbox ?

How to search cisco firewall Deny actions based on internal source IPs against multiple external IP subnets?

How to convert my time field for use in a timechart search?

Extract multiple values from a single field?

How to edit my search to create a more detailed report including date and time of events for management?

How to combine my two searches pulling data from two different indexes into one search?

Clarification on using dump command

How initiate second search after getting field values from my first search?

Splunk Observability Synthetic Monitoring - Resolved Incident on Detector Alerts

Video | Tom’s Smartness Journey Continues

3-2-1 Go! How Fast Can You Debug Microservices with Observability Cloud?

Cluster Map - Show Country Border

ES8 + Mission Control Usage rest API

Search for triggered save searches and their actio...

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static