Splunk Search

Start a Conversation

Discussions

Start a Conversation

Thread Info

Help with Drilldown and token condition in Dashboard

Hi everybody, I am creating a Dashboard using Splunk and I'm searching for a solution. I have a list machine ac...

by Communicator in

Do not display certain elements of a search?

Hello community, I am having a problem with a dashboard that I am setting up based on Splunk OnCall data, in order...

by Path Finder in

How can we convert milliseconds to seconds?

Hi, How can we calculate milli seconds to seconds for this field -> transactionDuration=20058?

by Explorer in

Can I generate a table in which I list every event with the four variables?

Hey Guys, I have the following data in Splunk. Each eventdata has 4 lines (which are seperated through newLines) and ...

by Loves-to-Learn in

How to use a multivalue field in a dropdown list?

Hello as you can see "type" field as 3 values : stand, vd or xe if the "type" field is "vd" or "xe", I need to ...

by Motivator in

Multisearch or union for this case- How to show for 5 user id's?

i All There are query splunk like this : (index=Prod sourcetype=ProdApp (host=Prod01 OR Prod02) sourc...

by Loves-to-Learn Everything in

How to convert timestamp to date for below timestamp to just date 2022-10-04?

How can i convert timestamp to date for below timestamp to just date 2022-10-04. timestamp: 2022-10-04 19:52:00.1...

by Explorer in

Is it possible to extract nested data make 2 keys?

Hi Splunkers, I have data like this, Primary Key_1: subkey_1 : subvalue_1 subkey_2 : subvalue_...

by Path Finder in

How to feed results of a query into another query of a different time and index?

Hi all, I am trying to feed results of a query into another of a different time and index and I'm facing issues with ...

by Engager in

[Solution] Dashboard global_time token value not set

For the search record: I edited an already functional dashboard in the studio, tweaking the layout. Part of that w...

by Engager in

How can I extract data with delimiter?

I have a log entry with the current format: field=A_B (delimited by underscore) How can I extract this...

by Path Finder in

How to possibly use spath within a tstats query?

Hello, I have an API call that is bringing in json data to my Splunk environment. When I do a basic query of the i...

by Communicator in

How can I parse a log containing multiple JSON records?

I have the following log: Requests over Threshold found: {"kv":{"top_requests":[{"operation_name":"get...

by Path Finder in

Dashboard for host,sourcetype, latest event received,Total Eventcount and sparkline for count of 1month?

Hi, | tstats earliest(_time) as Earliest latest(_time) as Latest where index=_internal by _time, index, s...

by Path Finder in

How to regex the field = "URI path" values by "/" character where the values are varying length?

Hi, I am b/t a rock and a wall, looking for any suggestion to solved this. I am using the URL ToolBox to dissec...

by Communicator in

Default Table sort order not working as expected?

host="*" index=main sourcetype=WwanSignal uid="3F77F61645E8323E205F832212" | table _time deviceName user quality prev...

by Contributor in

How to compare the values from same fields?

I want to create the new_field when other values of field_1 is less than of first value.Here in below example as 23 g...

by Explorer in

Help with Regex to extract values inside of the []

Good afternoon Splunk ninjas, i will require your assistance in designing regex that will help me take the values ins...

by Explorer in

How to create pie charts with column values?

Hi guys, I am quite new to the Splunk world, pls forgive me for asking a very basic question. So I have a tab...

by Explorer in

How to hide some values in field?

When i have query data result from search in field worker id it show >> domain\worker_id search result Example A...

by Explorer in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Help with Drilldown and token condition in Dashboard

Do not display certain elements of a search?

How can we convert milliseconds to seconds?

Can I generate a table in which I list every event with the four variables?

How to use a multivalue field in a dropdown list?

Multisearch or union for this case- How to show for 5 user id's?

How to convert timestamp to date for below timestamp to just date 2022-10-04?

Is it possible to extract nested data make 2 keys?

How to feed results of a query into another query of a different time and index?

[Solution] Dashboard global_time token value not set

How can I extract data with delimiter?

How to possibly use spath within a tstats query?

How can I parse a log containing multiple JSON records?

Dashboard for host,sourcetype, latest event received,Total Eventcount and sparkline for count of 1month?

How to regex the field = "URI path" values by "/" character where the values are varying length?

Default Table sort order not working as expected?

How to compare the values from same fields?

Help with Regex to extract values inside of the []

How to create pie charts with column values?

How to hide some values in field?

Devesh Logendran, Splunk, and the Singapore Cyber Conquest

There's No Place Like Chrome and the Splunk Platform

Customer Experience | Join the Customer Advisory Board!

Using comparison function within mstats

Search to match high temp events, but ignore speci...

splunk search statement using keyword from input b...

Ex Cisco - run a report for all DFS users who logg...

Splunk query to list all the queries that time out