Splunk Search

Discussions

Thread Info

showing max and min value along with line chart

How to show a max value and min value along with line chart in Splunk dashboard. Currently splunk dashboard has a lin...

by Explorer in

Which search commands use MapReduce and which don't?

Is there a list published someplace? Or a rule? Thanks!

by New Member in

Why isn't my lookup working?

Lookup file testing.csv looks a bit like user,username 1234,bob 2345,jim 3456,mary In props.conf I have [we...

by Path Finder in

Finding substrings

When searching for index=myindex exception I only get events with the text "exception" surrounded by term sepa...

by Ultra Champion in

Request: Lookup Search Ability

It would be very convenient to be able to see all of the dashboards in which a lookup is being used - that way if I w...

by Path Finder in

Field-Extraction

I have a some data I am attempting to extract and then do lookups on. I am attempting to extract the FID number, whic...

by Motivator in

How to aggregate data from CSV file in Splunk Chart?

Hi guys, I have CSV file with following structure, TicketNumber,OpenDate 1,date1 2,date1 3,date1 4,date2 5,date...

by Explorer in

How do you extract timestamp in Mysql database column?

Hi splunkers, I am collecting data using dbconnect and I am studying about this application, then I installed mys...

by Communicator in

Updated lookup tables not reflected in the UI

After updating some lookup tables that define a server, its alias, and the environment it is apart of (stage, dev, pr...

by Path Finder in

Display all enabled user event without a corresponding create event and mark the time

Hello everybody, I'm trying to figure out the following problem - "Display all enabled user event without a corres...

by Engager in

Regex for extraction between text and second comma

I am working on a field extraction. I have created an extraction that pulls the field I want but I need it to pull ev...

by Path Finder in

Regex works inline search but not as field extraction...

I have a regex I am using to extract exception from a java stacktrace to get for error analysis. It would be much bet...

by Builder in

Using Transaction on one to many relationship data

I have following data from a log file and I am trying to create a Report on Splunk site. 2014-07-08 16:09:55.96647...

by Engager in

Is there a way to add a "country" field to logs based on their ip address

Hi, Obviously ip addresses can be pushed onto a world map. However, I'd like to create reports Split by country sp...

by Path Finder in

Automatic lookup on eventtype not working - same lookup works inline

I am working on a way to bucket java stacktraces and assign numbers to those signatures... lookups seem an obvious ch...

by Builder in

How to find the number or days between a fixed date and Today date

Hello Experts, Here's our requirement: We are performing an auto repair process based on the Splunk output. The go...

by Motivator in

New line with count eval match

Hi, I did a search of search engine bots and divide them by number and take their total calls. This one is for go...

by Explorer in

loadjob Encountered an error while reading file '/opt/splunk/var/run/splunk/dispatch/scheduler[...]/results.csv.gz'

Hello, I'm using Splunk 6, I have an issue when I want to load a basic savedsearch with the command line below : ...

by Path Finder in

search by linecount last 1 million lines.

how can i search only last 1 million lines of 4 million lined total log file?

by Explorer in

Subsearch calculating average of hits and showing list of values higher than the average?

I am trying to make a subsearch which calculates the avg of the hits . And showing the list of higher value than the ...

by Communicator in

calculate duration of multiple seperate log lines

Sometimes a single connection is interrupted in the logs, becoming two lines. (Lines 2 and 5) and sometimes the exact...

by Path Finder in

Search result based on max(field)

Log format ServiceName,ResponseTime,RequestTime,TransactionId Service1,10,12,12345 Service2,5,8,12346 Service2,7,3...

by Path Finder in

REGEX not working in transforms.conf

Here is my event: Contact=" (Contact){ Id -- '123' Email -- 'johnny@gmail.com' Name -- 'Johnny blah' Phone -- '333...

by Splunk Employee in

extract URI_Stem and combine based on lowest path

Hey all I have some IIS extractions that are pulling the field cs_uri_stem from my IIS 7.0-8.0 logs. I am tryi...

by Explorer in

Why search query not working ?

I am not able to run any search query and getting following error. Splunkd daemon is not responding: ('Error conne...

by Path Finder in

Get Updates on the Splunk Community!

Splunk Search

Discussions

showing max and min value along with line chart

Which search commands use MapReduce and which don't?

Why isn't my lookup working?

Finding substrings

Request: Lookup Search Ability

Field-Extraction

How to aggregate data from CSV file in Splunk Chart?

How do you extract timestamp in Mysql database column?

Updated lookup tables not reflected in the UI

Display all enabled user event without a corresponding create event and mark the time

Regex for extraction between text and second comma

Regex works inline search but not as field extraction...

Using Transaction on one to many relationship data

Is there a way to add a "country" field to logs based on their ip address

Automatic lookup on eventtype not working - same lookup works inline

How to find the number or days between a fixed date and Today date

New line with count eval match

loadjob Encountered an error while reading file '/opt/splunk/var/run/splunk/dispatch/scheduler[...]/results.csv.gz'

search by linecount last 1 million lines.

Subsearch calculating average of hits and showing list of values higher than the average?

calculate duration of multiple seperate log lines

Search result based on max(field)

REGEX not working in transforms.conf

extract URI_Stem and combine based on lowest path

Why search query not working ?

Automatic Discovery Part 1: What is Automatic Discovery in Splunk Observability Cloud ...

Real-Time Fraud Detection: How Splunk Dashboards Protect Financial Institutions

Splunk + ThousandEyes: Correlate frontend, app, and network data to troubleshoot ...

In Splunk studio, is it possible to populate a tex...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static

Splunk Search

Are you a member of the Splunk Community?

Discussions