Splunk Search

Discussions

Thread Info

Is it possible to use commands like makemv or nomv in data models?

Is it possible to use the commands like makemv or nomv in data models? I am using regular expressions while building ...

by Explorer in

How to block the unusual url

Hi team, I want to block unusual Url... could please suggest query for that Example www.abcd.com www.ykui.com ...

by New Member in

How to find the duration of overlapping transactions

Ok, I have two or more transactions like this: Host:abc123_01 start:08:00 end:10:00 Host:abc123_02 start:09:05...

by Path Finder in

How can I convert a naive timechart command to an efficient one?

The following works fine for me - sourcetype=<sourcetype> index=<index> | timechart span=1d count How can I ...

by Ultra Champion in

How to group rows together in a table and calculate the sum for each group?

Hi, I need to create table as shown in this screenshot: I have written this search for that: index=em7_srm_sum...

by Path Finder in

How to combine two fields in a subsearch and return them together

Hey guys, I have the next query: index=idx_rtd_prc sourcetype=rbt_rtd_src_type TIPO_ENTIDAD=PROVISION_COMISION MON...

by New Member in

How to use the where command

source="mhn-splunk.log" | where dest like "88ea2fb8-b579-11e7-8239-ce584c37994e" replace 127.0.0.1 WITH 37.139.29.33 ...

by Engager in

Issues with Case statement

I have reviewed a number of already answered questions related to case statements but none that seem to address the i...

by Explorer in

Counting duplicate values

Situation : I have fields sessionId and personName. This session ID has many-to-may mapping with personName. Need ...

by Explorer in

Regex field extraction question

Hi I have this log format for extracting Sep 01 09:55:11 @ipdest HSL: @ip1:port1 <-> @ip2:port2 | @ip3:port3 <-...

by Explorer in

Splunk removes all items from chart apart from OTHER

I have a timechart that shows timechart span=5s fixedrange=f limit=20 perc90(time_taken) by request over 70 m...

by SplunkTrust in

How to filter columns in a search query splunk

Hi Guys, I have a simple question. I have a search query, and it basically outputs lots of fields. Is there a way ...

by Path Finder in

Search for a random IP then place it in a variable

Currently I have many logs in most of which there are random IPs. I want to perform e search which will filter al...

by Explorer in

How to set time frame for base search as 30 minute interval?

Hi Everyone, Need your help in order to resolve issue. I need time frame for the base search of my dashboard as...

by Path Finder in

How to replace the value when another field has "error"?

If the "delta_value" is more than 2 then I'd like to replace the value1 to "error" Raw data No, _time, value1, de...

by Splunk Employee in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Is it possible to use commands like makemv or nomv in data models?

How to block the unusual url

How to find the duration of overlapping transactions

How can I convert a naive timechart command to an efficient one?

How to group rows together in a table and calculate the sum for each group?

How to combine two fields in a subsearch and return them together

How to use the where command

Issues with Case statement

Counting duplicate values

Regex field extraction question

Splunk removes all items from chart apart from OTHER

How to filter columns in a search query splunk

Search for a random IP then place it in a variable

How to set time frame for base search as 30 minute interval?

How to replace the value when another field has "error"?

What’s New in Splunk Cloud Platform 9.1.2308?

Index This | Why do they call it hyper text?

State of Splunk Careers 2023: Career Resilience and the Continued Value of Splunk

Users with the same roles, in the same app, and sa...

auto_generated_pool_download-trial

Automatic lookup during data ingestiont (Splunk cl...

Working with OpenTelemetry Cumulative Histogram Bu...

Better PDF report visualization