Splunk Search

Community Activity

How to move values on alternating rows onto the same row in my search results? Hi, I'm using postgres regex to pull two sets of values into my search. I've got all the data I want, but it seems t... by mrfredman Path Finder in Splunk Search 04-08-2015 0 2	0	2
How do I search for events where a specific field value in a multivalue field is NOT the first value per event? Hi I extracted a multivalue field called error_number which contains all errors in each event. I would like to make ... by edrivera3 Builder in Splunk Search 04-08-2015 1 5	1	5
Get a count all events by event type that happened 24hrs before a different ending event I am trying to get counts of all certain events that happened before a user purchased on our site and so far, I am wo... by metersk Path Finder in Splunk Search 04-08-2015 1 4	1	4
how do I re-run a search that I typed in previously? hi, how do I re-run a search that I typed in previously? Thanks, by alexl1 Path Finder in Splunk Search 04-08-2015 0 5	0	5
Is it possible to have a dashboard that is populated with scheduled searches to also have the ability to specify a time range and run manual searches? Hi: This is an odd question, but it pops up every so often. Is it possible to have a dashboard that is populated with... by jeffreyjewitt Explorer in Splunk Search 04-07-2015 0 3	0	3
How to filter my search results to only return events with a field value greater than 35 and a duration of at least 10 minutes? I have a csv file indexed containing the fields "Timestamp" and "Event1" Sample data is as follows Timestamp Eve... by venkatv1520 Engager in Splunk Search 04-07-2015 0 3	0	3
how to position a column as the left most column in the statistics view I have the following search And I add this column row to show the row numbers but it positions in as the right most c... by HattrickNZ Motivator in Splunk Search 04-07-2015 0 5	0	5
How to edit my inputlookup search to find the count of unique values of FieldA per FieldB? I have the following search \| inputlookup msckpr_test_trunkgroups95_lookup_define \| stats values(TG_NAME) as TG_NAM... by HattrickNZ Motivator in Splunk Search 04-07-2015 0 3	0	3
Does Hunk support SPL? This could be a premature question and a bit hypothetical too. I have a visual analytics based webapp based on Splu... by mohitab Path Finder in Splunk Search 04-07-2015 0 2	0	2
chart percentage over over item by user Let say I have a chart that reports the count of what user has purchased what item. I can create a nice table using ... by wang Path Finder in Splunk Search 04-07-2015 0 2	0	2
How reliable is the metadata command and how can I learn more about how it works? Hello I've been using metadata command for many reports and alarms for new host added, eps and reporting status and ... by hcheang Path Finder in Splunk Search 04-07-2015 0 1	0	1
What in this search causes it to take so long? Is there any suggestions on how to improve search time on this particular search? This search literally takes 12-15 h... by hagjos43 Contributor in Splunk Search 04-07-2015 1 9	1	9
Mobile Access Server: Why can't I just access the Search & Reporting app within the Splunk Mobile App? I have the Mobile Access Server up and running. I am able to log in and view dashboards and reports. I have a basic... by jodros Builder in Splunk Search 04-07-2015 0 3	0	3
How to configure line breaking for mixed single line and multiline logs? Given the following log format, is it possible to store the consecutive GROUPED/GROUPED_DET lines into one event whil... by jamesvz84 Communicator in Splunk Search 04-07-2015 0 1	0	1
How to extract and create a field named "type" using regex "(?m)^(?P([A-Za-z])[^,]+)" and multikv in a search? I have a splunk search which has multikv and regex. index=os OR index=advantage sourcetype="nmon" \|multikv\|rex fie... by d29priyanka New Member in Splunk Search 04-07-2015 0 9	0	9
How to use field values from a search results to make a new search non related to the previous one? Hi After a search I extracted the field "test_number". Now I would like to use those extracted field values to make ... by edrivera3 Builder in Splunk Search 04-07-2015 0 1	0	1
How to write a search to output a table showing open ports by host? Hi, I'm having problems using mvfilter to filter out NULL strings. This is my search: index=nmap* \| eval state=mvf... by darthsplunk Explorer in Splunk Search 04-07-2015 2 7	2	7
How to get the details of a field value that does not appear in search results? How to get the details of field app=sencer, when it not shown in the values for the app field? by moiezuddin Explorer in Splunk Search 04-07-2015 0 5	0	5
How to Extract Fields from McAfee Vulnerability Manager The events collected from the MVM have multiline fields, I would like to extract vendor_description,vendor_observatio... by mzorzi Splunk Employee in Splunk Search 04-07-2015 0 4	0	4
Lookup led to repplication of results, why & how to avoid it? I had a query being called from my webApp which was getting XML results nicely. Query: search index="timedata" \| ... by mohitab Path Finder in Splunk Search 04-07-2015 1 2	1	2
How to join multiple child objects of a data model? We have a situation where we need to join multiple child objects of a data model. e.g. ProjectInformation (Datam... by sanjay_shrestha Contributor in Splunk Search 04-07-2015 0 1	0	1
Why am I unable to store a result into a new field using eval? Hai I tried following search: sourcetype="smaple12" OR sourcetype="sample22" OR sourcetype="sample32" Install_Mod... by vasavigangana Explorer in Splunk Search 04-07-2015 2 3	2	3
Need help gathering information from logs including first event timestamp and last event timestamp. I want to gather specific information out of unique sessions. There are 4 bits of information, I've been able to gath... by ferza Explorer in Splunk Search 04-06-2015 0 3	0	3
How to create multiple files from a single file? I’m analyzing events that may contain one or more file names. Extracting a file name when there’s only one per even... by lenafried New Member in Splunk Search 04-06-2015 0 2	0	2
Jobs not geting purged in dispatch In our dispatch directory jobs are getting purged though we didn't set any parameters explicitly,all are default only... by viswanathsd Path Finder in Splunk Search 04-06-2015 0 4	0	4

Get Updates on the Splunk Community!

Monitoring AI Agents with Splunk Observability Cloud

Let’s say I’m running a travel planning AI app in production. A user asks for three concise hotel options in ...

[Puzzles] Solve, Learn, Repeat: Tiling

This puzzle (first published here) is based on finding groups of tessellated tiles (inspired by floor tiles I ...

SOK it to Me: Top 3 Benefits of Using Splunk Operator on Kubernetes that’ll Make ...

Thursday, July 9, 2026 | 11:00AM–12:00PM PDT Duration: 1 hour (includes Q&A) Managing can feel like a ...

Splunk Search

How to move values on alternating rows onto the same row in my search results?

How do I search for events where a specific field value in a multivalue field is NOT the first value per event?

Get a count all events by event type that happened 24hrs before a different ending event

how do I re-run a search that I typed in previously?

Is it possible to have a dashboard that is populated with scheduled searches to also have the ability to specify a time range and run manual searches?

How to filter my search results to only return events with a field value greater than 35 and a duration of at least 10 minutes?

how to position a column as the left most column in the statistics view

How to edit my inputlookup search to find the count of unique values of FieldA per FieldB?

Does Hunk support SPL?

chart percentage over over item by user

How reliable is the metadata command and how can I learn more about how it works?

What in this search causes it to take so long?

Mobile Access Server: Why can't I just access the Search & Reporting app within the Splunk Mobile App?

How to configure line breaking for mixed single line and multiline logs?

How to extract and create a field named "type" using regex "(?m)^(?P([A-Za-z])[^,]+)" and multikv in a search?

How to use field values from a search results to make a new search non related to the previous one?

How to write a search to output a table showing open ports by host?

How to get the details of a field value that does not appear in search results?

How to Extract Fields from McAfee Vulnerability Manager

Lookup led to repplication of results, why & how to avoid it?

How to join multiple child objects of a data model?

Why am I unable to store a result into a new field using eval?

Need help gathering information from logs including first event timestamp and last event timestamp.

How to create multiple files from a single file?

Jobs not geting purged in dispatch

Monitoring AI Agents with Splunk Observability Cloud

[Puzzles] Solve, Learn, Repeat: Tiling

SOK it to Me: Top 3 Benefits of Using Splunk Operator on Kubernetes that’ll Make ...

How to get an extract of threshold values set in s...

how to query OCI Audit logs from Datasafe

SPLUNK ES 8.2.3 Drill Down not appearing

Using Splunk to Analyze Web Traffic & Machine-Gene...

How can i export a list of all services in APM

Splunk Search

Join the Conversation