Splunk Search

Discussions

Thread Info

Return the Field Name from a Common Value Across Sourcetypes

If I do a search like this: index=* sourcetype=* host=* 1.1.1.1 And I get millions of responses from dozens of ...

by Communicator in

Limited Search to 2 Categories

The search below is taking anything that contains IBC Allow in the category and repurposing it to a new Category. Onl...

by Engager in

lookup table mappings configuration and sample request

Can you please tell us how to setup the lookup table for the below case, We have indexed log like below pattern an...

by Builder in

can i hide and show the modules ??

Hi.. I have created a advanced xml with certain no of modules in it.can i hide the modules and display when ever i...

by Motivator in

LDAP lookup shell script inside python wrapper not executing in Splunk search

I have a proxy that logs to my SPLUNK and send it an information (userid). With that information I need to search my ...

by Path Finder in

Help with regex to extract field "failure" and add to field called "error"

Can anyone help me with a regular expression for an extraction please? Need to extract "failure" from below and ad...

by Path Finder in

How to update app with deployment server without overwriting current csv files?

I have an app that updates a lookup table from a saved search each night. The app is going to be updated periodically...

by Explorer in

How to add values and count of a field and use them in a stats command?

Hi Splunkers I need some assistance with a search. I need to add the values of a Field and then use them in a stat...

by Path Finder in

Splunk hangs browser doing simple search with ERROR StreamGroup log entry

Here is the log entry from splunkd.log: 12-23-2013 11:47:26.478 -0500 ERROR StreamGroup - Dumping contents of file...

by Explorer in

How to graph keep-alive timers from tcpdump

I am trying to use Splunk to monitor the time between keep alives between servers. The data has been captured using t...

by New Member in

Is there a way to put eval into a file to be called up as a function?

For various dashboards and whatnot, I have a particular eval that I use quite a bit over a couple of calculated field...

by SplunkTrust in

How many people login with the same IP in the same hour using stats?

Hi, I have a problem with "stats count by" command. I have login, ip and hour. I want to know how many people have...

by Engager in

Adding a column to a daily stats chart that adds up multiple fields

I have a simple stats chart that shows a daily total with 6 fields. I would like to add a column that adds 3 of those...

by Path Finder in

How to search and table IP addresses to see which ones are active?

Hello, I am trying to do a complex search for almost 500 IP addresses to see which ones are active. My query looks li...

by Explorer in

Problem with fields extractions using configuration files

Hello, I'm creating an add-on that sets a data source and fields extractions. First, I modify inputs.conf to set ...

by Explorer in

Use field result from one search to perform another search?

So I've searched the Splunk answers over and over, and read up on subsearches, but I must not be getting something qu...

by Path Finder in

Do newly added tags get updated for already indexed data or only new incoming data?

Hello All, Does the newly added tags get updated for already indexed data OR it applies for new in-coming data? ...

by Contributor in

Timechart count with split-by not adding up

I have 191 events logged for a specific day. When I do a timechart span=1d count I get count of 191...

by Explorer in

Share a search for multiple widgets in a Dashboard

Hi. I want to create a Dashboard containing several widgets that mainly, are views of the same set of information ...

by Engager in

avg value of a field based on the range of another field

Logs : Size ExecValue 3 400 4 200 13 150 2 300 Output: Size avg(ExecValue) ...

by Engager in

percent of sum over total elapsed time

I'd like to write a report in Splunk that would give me sum(downTimeInSec) as a percentage of total time, 3 days. ...

by Engager in

How to set up search to generate CEF format log from syslog using Real Time Output App?

Hi I am trying to use Real Time Output App to generate CEF format log from syslog but not getting the clue how I ...

by New Member in

Lookup limits

We have a CSV table from where we perform lookups. The CSV file has nearly 50000 rows. When I run the lookup query, r...

by Communicator in

Chart element majorTickVisibility value has no effect

Trying to customize line's chart 'extras' display and cannot get rid off major/minor ticks. Documentation states t...

by Path Finder in

Delta of overflowing counter for Bandwidth measurement

Hey there, today seems for me like the morning of many questions. So I have an other problem: I want to measu...

by Path Finder in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Return the Field Name from a Common Value Across Sourcetypes

Limited Search to 2 Categories

lookup table mappings configuration and sample request

can i hide and show the modules ??

LDAP lookup shell script inside python wrapper not executing in Splunk search

Help with regex to extract field "failure" and add to field called "error"

How to update app with deployment server without overwriting current csv files?

How to add values and count of a field and use them in a stats command?

Splunk hangs browser doing simple search with ERROR StreamGroup log entry

How to graph keep-alive timers from tcpdump

Is there a way to put eval into a file to be called up as a function?

How many people login with the same IP in the same hour using stats?

Adding a column to a daily stats chart that adds up multiple fields

How to search and table IP addresses to see which ones are active?

Problem with fields extractions using configuration files

Use field result from one search to perform another search?

Do newly added tags get updated for already indexed data or only new incoming data?

Timechart count with split-by not adding up

Share a search for multiple widgets in a Dashboard

avg value of a field based on the range of another field

percent of sum over total elapsed time

How to set up search to generate CEF format log from syslog using Real Time Output App?

Lookup limits

Chart element majorTickVisibility value has no effect

Delta of overflowing counter for Bandwidth measurement

Earn a $35 Gift Card for Answering our Splunk Admins & App Developer Survey

Continuing Innovation & New Integrations Unlock Full Stack Observability For Your ...

Monitoring Amazon Elastic Kubernetes Service (EKS)

Using splunk-sdk in user-defined functions in Spar...

Verification of SAML assertion using IDP's cert fa...

ジョブを消しても復活する現象について

splunk threat intelligence taxii data

Splunk DB connect add-on InfluxDB 2.6