Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Splunk Search
Splunk Search
×
Join the Conversation
Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Find Answers
- :
- Using Splunk
- :
- Splunk Search
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Community Activity
 | I would like to suppress all messages in the search app. It would be nice to be able to suppress then by role so tha... by rmorlen Splunk Employee  in Splunk Search 04-02-2015 3 5 | 3 | 5 | |
| | Hey guys, I am trying to create a custom search which the question directly states. How would I go about doing that?... by splunkman341 Communicator in Splunk Search 04-01-2015 0 5 | 0 | 5 | |
| | Hi: I am looking at having greater control over our indexes. The problem I have, is that there are tons of searches ... by jeffreyjewitt Explorer in Splunk Search 04-01-2015 0 1 | 0 | 1 | |
 | I have 4 basic web services (I'll add more later) which are called throughout the day. My CalculateTax web service is... by skoelpin SplunkTrust  in Splunk Search 04-01-2015 0 5 | 0 | 5 | |
| | I have a query that tells me the count of unique devices running a particular software version (major.minor.release.b... by dbendixen Explorer in Splunk Search 04-01-2015 1 2 | 1 | 2 | |
| | Hi there. Trying to join a few .ai file (created in Adobe Illustrator) to my query in Microsoft Query i get the follo... by Helna Engager in Splunk Search 04-01-2015 0 2 | 0 | 2 | |
| | 0 | 1 | ||
| | Hi, If i wish to find out the duration for the first event and the last event in hour, minutes and second, what would... by newbiesplunk Path Finder in Splunk Search 04-01-2015 0 1 | 0 | 1 | |
 | I have some XML data broken down into events that have multiple child attributes that share the same name but are dis... by bwheelock Path Finder in Splunk Search 03-31-2015 0 7 | 0 | 7 | |
 | I am using this search to get license use over 30 days index="summary_indexers" | timechart partial=f span=1d sum(k... by hartfoml Motivator in Splunk Search 03-31-2015 1 3 | 1 | 3 | |
| | I have created a dashboard with hourly sum(added) values for all users. In the dashboard I want to give the option of... by sushmitha_mj Communicator in Splunk Search 03-31-2015 0 5 | 0 | 5 | |
| | Hi all, I'm getting events like this: time=11111 file=aaaa time=11111 file=bbbb time=11111 file=cccc time=11111 fil... by andreas_roth Engager in Splunk Search 03-31-2015 0 3 | 0 | 3 | |
| | Hi, I am writing a search: timechart span=1h sum(Bytes) AS "MBytes " In the same search, I want it to return Mb ... by sundaresh83 Explorer in Splunk Search 03-31-2015 1 9 | 1 | 9 | |
| | Hi, I am working on a distributed splunk environment. I have created an app and a separate indexer for this app to l... by sushmitha_mj Communicator in Splunk Search 03-31-2015 2 5 | 2 | 5 | |
| | I'd like to understand the mathematical meaning of the below search on documentation. Is this my understanding right ... by Shisa Explorer in Splunk Search 03-31-2015 0 1 | 0 | 1 | |
| | Hi everyone, I have this search: index=main sourcetype=WinEventLog:Security | eval Logon_failur = case((EventCode... by Federica_92 Communicator in Splunk Search 03-31-2015 0 5 | 0 | 5 | |
| | I have 2 searches index=test field1=abc field2=xyc | stats dc(field3) as Devices and index=test field1=abc field2... by jmonroe516 Engager in Splunk Search 03-31-2015 1 2 | 1 | 2 | |
 | So I'm working on a new App, one that generates summary data based on eventtypes and fields. The summary data looks l... by alacercogitatus SplunkTrust in Splunk Search 03-31-2015 1 1 | 1 | 1 | |
| | Hi, Im currently building a dashboard and one of my search strings is the one below. I currently see the values GPS ... by robertspeckmann Explorer in Splunk Search 03-31-2015 0 9 | 0 | 9 | |
| | Hi all, just getting started and trying to get something together quickly to show management so forgive asking what i... by chriselst Engager in Splunk Search 03-31-2015 0 1 | 0 | 1 | |
| | I have a timechart with the Duration average (ca. 16ms) per second. timespan is 4s, the timechart itself is over 1 h... by hofer Explorer in Splunk Search 03-30-2015 1 2 | 1 | 2 | |
| | Hi everyone, I need your help. My current search is like this: index="ihs_test" uri_path="*.jhtml" OR uri_path="*.... by dovelsh12223621 Path Finder in Splunk Search 03-30-2015 0 2 | 0 | 2 | |
| | I have 3 tables. I want 2 things here: a) Click on Source 1, in Table 1, and Table 2 should show up b) Click on Sour... by kshanky143 Path Finder in Splunk Search 03-30-2015 1 2 | 1 | 2 | |
| | I currently have a dashboard with 24 panels on it. I went ahead and set each report/panel to accelerated and also put... by skoelpin SplunkTrust in Splunk Search 03-30-2015 0 4 | 0 | 4 | |
 | Hi, For query (SEVERE OR exception OR CRITICAL OR "[error]")|rex field=_raw "(?^\d\d-\w\w\w-\d\d\d\d\s\d\d:\d\d:\d\... by lim2 Communicator in Splunk Search 03-30-2015 0 4 | 0 | 4 |
Get Started
Explore Essential Splunk Resources
Get Expert Help at Community Office Hours
Join the #search-help Slack channel
Get Expert Help at Community Office Hours
Join the #search-help Slack channel
Become An Expert
Top Labels
-
administration
3 -
alert action
3 -
alert condition
2 -
Analytics Workspace
2 -
authentication
1 -
chart
943 -
Classic dashboard
1 -
configuration
2 -
correlation search
1 -
count
1,003 -
Dashboard Studio
3 -
data
3 -
data model
1 -
development
6 -
distributed search
1 -
drilldown
1 -
email
1 -
eval
2,608 -
field extraction
2,017 -
fields
2,061 -
host
1 -
index
4 -
indexer
2 -
inputs.conf
1 -
intermediate forwarder
1 -
introduction
5 -
join
1,058 -
JSON
2 -
Linux
2 -
login
1 -
lookup
1,565 -
metadata
307 -
monitoring console
2 -
other
151 -
panel
2 -
PDF
1 -
Python
1 -
regex
1,497 -
report acceleration
2 -
rex
1,246 -
SAML
1 -
saved search
5 -
scheduled search
4 -
scripted input
1 -
search
2 -
search head
3 -
search job inspector
681 -
search peer
1 -
simple XML
1 -
source
1 -
sourcetype
4 -
Splunk Web Framework
1 -
splunk-assist
1 -
splunkd
1 -
stats
3,558 -
subsearch
1,721 -
summary indexing
4 -
table
1,750 -
time
1 -
timechart
1,156 -
transaction
451 -
transforms.conf
1 -
troubleshooting
8 -
tstats
566 -
universal forwarder
5 -
using Splunk Cloud
2 -
using Splunk Enterprise
13 -
Windows
3
- « Previous
- Next »
Get Updates on the Splunk Community!
Stay Connected: Your Guide to January Tech Talks, Office Hours, and Webinars!
What are Community Office Hours?
Community Office Hours is an interactive 60-minute Zoom series where ...
[Puzzles] Solve, Learn, Repeat: Reprocessing XML into Fixed-Length Events
This challenge was first posted on Slack #puzzles channelFor a previous puzzle, I needed a set of fixed-length ...
Data Management Digest – December 2025
Welcome to the December edition of Data Management Digest!
As we continue our journey of data innovation, the ...
