Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Splunk Search
Splunk Search
×
Are you a member of the Splunk Community?
Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Find Answers
- :
- Using Splunk
- :
- Splunk Search
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Community Activity
 | Hi My search : index="abc" (source="tac.log" DebugLevelSrc=xxx "*ccc*") OR (source="crt.log" DebugLevelSrc=xxx "*... by prad18 Path Finder in Splunk Search 10-13-2014 1 4 | 1 | 4 | |
| | Hello everybody, I have a question that might have been responded before but I have a log file from a server that lo... by juancarlos_pola Explorer in Splunk Search 10-13-2014 0 3 | 0 | 3 | |
| | I hope someone can point me in the right direction because I really need help. SPL transforms are anything but easy a... by jtelep New Member in Splunk Search 10-13-2014 0 1 | 0 | 1 | |
| | Hi. We are trying to create a dashboard in which all the panels use the same information about the current (real tim... by arturoduran Engager in Splunk Search 10-13-2014 0 1 | 0 | 1 | |
| | HI All, Im have a search and its working great for calculating averages based on the domain, the problem is that I w... by brywilk_umich Path Finder in Splunk Search 10-13-2014 0 6 | 0 | 6 | |
 | I know I can override the default bins=100 in any particular search. Is there any way to set something slightly high... by Richfez SplunkTrust  in Splunk Search 10-13-2014 1 2 | 1 | 2 | |
| | I'm looking to change the format of the useful duration tool from seconds to hours. I found out how to do this via so... by Splunkster45 Communicator in Splunk Search 10-13-2014 2 4 | 2 | 4 | |
| | Hello guys, I installed hunk and followed its tutorial. I have checked the HDFS location and it seems fine. Hadoop v... by rameez Engager in Splunk Search 10-13-2014 0 1 | 0 | 1 | |
| | My actual search sourcetype="xyz" Operation=q | eval msg=if(Status == "fail",[search sourcetype="xyz" Operation="p" ... by tehale New Member in Splunk Search 10-13-2014 0 1 | 0 | 1 | |
 | I have some conditions for each search as follows: Search A index=users Channel=40 | eval Token = User."-".Channel... by vtsguerrero Contributor in Splunk Search 10-13-2014 0 10 | 0 | 10 | |
| | I have a set of URLs in a log like so: url1:"POST /stuff/test/" url2: "GET /stuff/test-type?" url:3"POST /stuff/tes... by atanasmitev Path Finder in Splunk Search 10-13-2014 0 2 | 0 | 2 | |
| | Hi All, we had configured splunk to get the perfmon counter data from server (every 5mins). The counter value gets r... by rsathish47 Contributor in Splunk Search 10-12-2014 0 2 | 0 | 2 | |
| | I've got users using 2 apps that I'm pulling from, and I'm looking at login reports. Given that the users have unique... by Cox_JoshS Explorer in Splunk Search 10-12-2014 1 4 | 1 | 4 | |
| | I have 26 days of events (Monday 9/15 through Friday 10/10) piped to a timechart span=7d. I'd like to have 3 buckets... by ruman Splunk Employee  in Splunk Search 10-11-2014 2 13 | 2 | 13 | |
| | Comparing regex strings... Log format: Thu 08/07/2014, 6:41:59.97,USERA,TERM1,XXXX-YYYAPP65-5 Thu 08/07/2014, 6:42... by NK_1 Path Finder in Splunk Search 10-11-2014 1 7 | 1 | 7 | |
| | In a lookup file, how can I configure more than one time-based fields (ex. start_date, update_date, expire_date)? W... by boris Path Finder in Splunk Search 10-11-2014 6 1 | 6 | 1 | |
| | I have an event with the field SRT and value as show below. SRT="0|0|NA1|FB1|FE2|FE0|FR1|IR2|FE3|FR1|IR3|FD1|ID21|FE... by ben_leung Builder in Splunk Search 10-10-2014 0 2 | 0 | 2 | |
| | Does this work? When my lookup table is updated every hour via a separate search, is my real-time search using that n... by thisissplunk Builder in Splunk Search 10-10-2014 0 4 | 0 | 4 | |
| | Hi I´m trying to create a search that basically count the number of unique UserId generated over a certain time in t... by Norling80 Path Finder in Splunk Search 10-10-2014 0 2 | 0 | 2 | |
 | I have exactly 7 spaces randomly in each line of my data such as below and I would like to trim exactly these number... by ishugupta Path Finder in Splunk Search 10-10-2014 0 2 | 0 | 2 | |
| | We are using the Juniper SA app, however I am trying to create a dashboard that will show a chart of unique VPN users... by casey18cc Explorer in Splunk Search 10-10-2014 0 2 | 0 | 2 | |
| | When input length exceeds a certain threshold, it seems that some rex match will fail while others do not. Consider ... by yuanliu SplunkTrust in Splunk Search 10-10-2014 1 2 | 1 | 2 | |
| | source="dbmon-tail://idwarehouse/idw_account" application=TFAYD [|inputlookup execSSO.csv |rename sso as owner] |eval... by siraj198204 Explorer in Splunk Search 10-10-2014 0 32 | 0 | 32 | |
 | The query is as follows: index="inverntory" source="s1" UUID="C64" | join UUID [search index="inverntory" source="s1"... by kelvin56887 Explorer in Splunk Search 10-10-2014 0 3 | 0 | 3 | |
| | I can't return _raw data from subsearch as below , but i can find this raw data if i use it in separate main search .... by anilchauhanmanu Explorer in Splunk Search 10-10-2014 1 4 | 1 | 4 |
Get Started
Explore Essential Splunk Resources
Get Expert Help at Community Office Hours
Join the #search-help Slack channel
Get Expert Help at Community Office Hours
Join the #search-help Slack channel
Become An Expert
Claim a $25 Cisco Store Gift Card
Help us improve the Splunk Community and complete our survey today!
Top Labels
-
administration
3 -
alert action
3 -
alert condition
2 -
Analytics Workspace
2 -
authentication
1 -
chart
943 -
Classic dashboard
1 -
configuration
2 -
correlation search
1 -
count
1,002 -
Dashboard Studio
3 -
data
3 -
data model
1 -
development
6 -
distributed search
1 -
drilldown
1 -
email
1 -
eval
2,606 -
field extraction
2,013 -
fields
2,055 -
host
1 -
index
4 -
indexer
2 -
inputs.conf
1 -
intermediate forwarder
1 -
introduction
5 -
join
1,056 -
JSON
2 -
Linux
2 -
login
1 -
lookup
1,557 -
metadata
307 -
monitoring console
2 -
other
132 -
panel
2 -
PDF
1 -
Python
1 -
regex
1,497 -
report acceleration
2 -
rex
1,245 -
SAML
1 -
saved search
5 -
scheduled search
4 -
scripted input
1 -
search
2 -
search head
3 -
search job inspector
679 -
search peer
1 -
simple XML
1 -
source
1 -
sourcetype
4 -
Splunk Web Framework
1 -
splunk-assist
1 -
splunkd
1 -
stats
3,552 -
subsearch
1,717 -
summary indexing
4 -
table
1,746 -
time
1 -
timechart
1,155 -
transaction
451 -
transforms.conf
1 -
troubleshooting
8 -
tstats
564 -
universal forwarder
5 -
using Splunk Cloud
2 -
using Splunk Enterprise
13 -
Windows
3
- « Previous
- Next »
Get Updates on the Splunk Community!
Splunk Enterprise Security(ES) 7.3 is approaching the end of support. Get ready for ...
Hi friends!
At Splunk, your product success is our top priority. With Enterprise Security (ES), we're here ...
Splunk Enterprise Security 8.x: The Essential Upgrade for Threat Detection, ...
Watch On Demand the Tech Talk, and empower your SOC to reach new heights!
Duration: 1 hour
Prepare to ...
Splunk Observability for AI
Don’t miss out on an exciting Tech Talk on Splunk Observability for AI!Discover how Splunk’s agentic AI ...
