Splunk Search

Ask a Question

Discussions

Thread Info

Count unique users visiting each url per day

Sorry for newbie question but in a real rush. I'd like to count the number of unique users per day that are visiti...

by New Member in

How to control the number of top results shown from a search in Splunk 6.1.2?

I am trying to control how many of the top results are shown. I have the following search stats max(c1693801001...

by Motivator in

How to create a report on a user, their ad-hoc and scheduled searches, and the IP that is running them?

Hi, Is there a way to run a report that shows a specific user, their ad-hoc and scheduled searches, and the ip tha...

by Champion in

Trying to calculate a percentage of results within a range against the total number of events.

This seems like it should be rather simple, but I'm simply at a loss. All I'm trying to do is: Count the total num...

by Explorer in

How to addcoltotals the percentage of StatusCodes by index?

I am using the below query to get the status codes of different applications which have one common functionality...I ...

by Path Finder in

How To Generate A Fixed Eval Field?

I have a field in search time : | eval Volume = (QuantityA + QuantityB) How can I let this automatic, so I can...

by Contributor in

How to edit my search to display millisecond data for timechart?

Hello everyone, I assume this is a real beginner question, but I must have made a mistake in my way of operating d...

by Explorer in

How to extract and separate 2 fields from my sample data?

Hello, I have this field in a WindowsEvent sourcetype in SPLUNK under the name "unparsed_message" and it contains ...

by Path Finder in

Search for the biggest number in a field

I've got a long csv and extracted the fields. Now in one field, there's more than one information. Depending on how m...

by Explorer in

How to set up an alert to trigger when a site has multiple versions?

I have a table that shows something like this: Site X V 1.1 V 1.2 V 1.3 ...

by Path Finder in

Where should I configure settings for Splunk DB Connect in a search head clustering environment?

Hi, I am testing out SHC, and have a question on how DB Connect works with it. Where should I set the settings - i...

by Champion in

Why data that was searchable yesterday can no longer be found today?

We're currently running Splunk Enterprise 6.1.2. A few times in the past few months, we've run into a problem wher...

by Explorer in

graph only cumulative data with timechart and streamstats

I've found this on the Splunk wiki that gives great examples on how to graph several sources and their cumulative tot...

by Path Finder in

How to replace column values in a CSV with static text?

Hi, I have a CSV file as shown below: PARAMETER VALUE param1 val1 param4 val2 param2 val3 param1 ...

by Builder in

how do I trim a url to match a static csv?

Im trying to create a search that will check the proxy logs for any URL hits that match a static list of URLs in a cs...

by Path Finder in

Why does a line graph not show data for the current month in my dashboard?

is there a XML setting i do not know about because bar graphs show the current month stats and when i pic line, they ...

by Contributor in

How To Create a Date Chart Per Source?

I have a dynamic field that is the length of an event, it's currently generated by the eval length = (end_time - star...

by Contributor in

How to correct my regex to extract multiple KB number occurrences in a windowsupdate.log, not just the first?

I'm using the following regex to extract KB numbers in the windowsupdate.log | rex "\((?<KB>KB\d+)\)" It works...

by Contributor in

How to troubleshoot why props.conf field extractions are not being applied?

So I've been having a difficult time with doing field extractions and not getting the results I expect. In a single i...

by Contributor in

Domain/URI regex

Hi, I am kind of new to regex and trying to figure out how to construct a regex to match pattern from the web access ...

by New Member in

Intersect not working properly?

Hi all, I have an intersect search which tries to intersect two search queries with a field. This is the command: ...

by Path Finder in

Why am I getting "Unknown search command ..." when trying to run a macro form the Java SDK?

We have a macro set up under 'Advanced search » Search macros', it takes 3 parameters (host, neighborIP, days). To ru...

by Engager in

timechart overlay multiple strings

I want to search 2 strings in log file, like "A string" & "B String", A string should be treated as successful and B ...

by New Member in

List top values in field b for different values in field

Hi, given the following columns c1, c2 and time c1 c2 time a 1 10.01 a 2 10.02 a 3 10.03 b 4 10.04 ...

by Path Finder in

Field names in lookup search do not match field names in csv

I have a lookup file that is recreated daily and the last field is the current date. item id 2015-03-08 item1 1 i...

by Builder in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Count unique users visiting each url per day

How to control the number of top results shown from a search in Splunk 6.1.2?

How to create a report on a user, their ad-hoc and scheduled searches, and the IP that is running them?

Trying to calculate a percentage of results within a range against the total number of events.

How to addcoltotals the percentage of StatusCodes by index?

How To Generate A Fixed Eval Field?

How to edit my search to display millisecond data for timechart?

How to extract and separate 2 fields from my sample data?

Search for the biggest number in a field

How to set up an alert to trigger when a site has multiple versions?

Where should I configure settings for Splunk DB Connect in a search head clustering environment?

Why data that was searchable yesterday can no longer be found today?

graph only cumulative data with timechart and streamstats

How to replace column values in a CSV with static text?

how do I trim a url to match a static csv?

Why does a line graph not show data for the current month in my dashboard?

How To Create a Date Chart Per Source?

How to correct my regex to extract multiple KB number occurrences in a windowsupdate.log, not just the first?

How to troubleshoot why props.conf field extractions are not being applied?

Domain/URI regex

Intersect not working properly?

Why am I getting "Unknown search command ..." when trying to run a macro form the Java SDK?

timechart overlay multiple strings

List top values in field b for different values in field

Field names in lookup search do not match field names in csv

Tech Talk Recap | Mastering Threat Hunting

Observability for AI Applications: Troubleshooting Latency

Splunk AI Assistant for SPL vs. ChatGPT: Which One is Better?

In Splunk studio, is it possible to populate a tex...

Help me with splunk query to monitor CPU and Memor...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

Splunk Search

Are you a member of the Splunk Community?

Discussions