Splunk Search

Discussions

Thread Info

Count of hosts

I have a search: index="proxy" ([|inputlookup proxy.csv|rename site as query | fields query] ) NOT www.google.com | s...

by Path Finder in

REX / REGEX question

Hi all, I am new to splunk. I am trying to extract a field from a line in a record where the field will always begin ...

by Engager in

Percentage in range - numeric search?

I have a field extraction that comes back with the literal values of 'X%'. Note that the % is part of the value retur...

by Path Finder in

replace with a where clause on a null field

I seem to be having a syntactical error that I can't resolve in splunk 6.1 when I have about 3 fields that may have u...

by Contributor in

use Rex to extract second IP address from message text

I am trying to extract the IP address from the field below, I can extract the first but am not sure how to extract th...

by Explorer in

host regex does not seem to work

Hello all, I am new to Splunk and I am currently evaluating 6.1. We collect logs from a bunch of devices (routers...

by Explorer in

Clarification on the search in Form

Hi, A form was created using simple XML containing two components as two text boxes named as Filename and Status.When...

by Path Finder in

How to filter data quickly

Hi! I would like to get advice for search command. I have a search that looks like below. index=A | MySearch...

by Communicator in

Lexicographic comparison of version strings?

I have version strings in my log output, and I'd like to filter on these, like | where version < 2.3.5 But Spl...

by Engager in

Timechart avg values looking odd.

I see values like this when I do |table _time Value . 2014-05-26 16:30:28 48.438430017856341 2014-05-26 16:30:...

by Motivator in

Calculating Kill / Death ratio in a game

I'd like to calculate K/D ratio for the game Insurgency. I have two searches that can calculate #kills and number ...

by Splunk Employee in

Return values from map command?

So I have a function which takes a certain amount of time (timer_value) and I'm trying to create an alert that trigge...

by New Member in

Sort fields by date

Hello There , Basically I have some dates in this format : 01/13 700 02/13 600 ... 01/14 500 I use these f...

by New Member in

Grouping the data row based

HI All, I need to group the data row based my table looks like this. Table: DBName Region Dag count DB1 U...

by Contributor in

Database lookup not returning all matches

I have created a database lookup and have changed the maximum matches in the lookup defintion to 100, but only 1 matc...

by Builder in

XPATH functions

Hi there, Can we use the XPATH functions like fn:distinct-values(//NodeName) in Splunk XPATH command. I tried it b...

by Path Finder in

How to extract event raw size just like linecount

I frequently use the length of the raw data - more often than readily extracted fields punctuation and linecount I...

by Path Finder in

Transaction function not working with dbquery

Hi All, I tried using the transaction function on the output of a DB Connect |dbquery and it keeps showing no resu...

by Explorer in

Eval search help... can't seem to get it right.

Hello, I am somewhat new to splunk but I am having issues creating a table for a search I am doing and I need assi...

by New Member in

How to improve django template search performance

Created a django app to display some transaction history detail in a tabular format. But when the template is accesse...

by New Member in

DMP files are killing my drive!!

Every 10 min DMP files and the text document are being created on my drive: C__Program Files_Splunk_bin_splunkd_ex...

by Explorer in

Creating new Field Extractions

I have a set of log data in Splunk Search app contained in source=sampledata,sourcetype=sample. field1,field2,field3 ...

by Communicator in

Create one field from many, even when some fields don't exist

Ok, so I understand how to eval something like this: index=mystuff | eval NewBigField=firstname + "-" + lastn...

by Builder in

streamstats confusion

Having some trouble with streamstats. I need to be alerted, once, at the time when a logical drive becomes less t...

by Path Finder in

Clarification on xmlkv command

Hi, I have a set of logs in xml format.Since the logs are xml formatted xmlkv command was used .As per the proper...

by Path Finder in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Count of hosts

REX / REGEX question

Percentage in range - numeric search?

replace with a where clause on a null field

use Rex to extract second IP address from message text

host regex does not seem to work

Clarification on the search in Form

How to filter data quickly

Lexicographic comparison of version strings?

Timechart avg values looking odd.

Calculating Kill / Death ratio in a game

Return values from map command?

Sort fields by date

Grouping the data row based

Database lookup not returning all matches

XPATH functions

How to extract event raw size just like linecount

Transaction function not working with dbquery

Eval search help... can't seem to get it right.

How to improve django template search performance

DMP files are killing my drive!!

Creating new Field Extractions

Create one field from many, even when some fields don't exist

streamstats confusion

Clarification on xmlkv command

Automatic Discovery Part 1: What is Automatic Discovery in Splunk Observability Cloud ...

Real-Time Fraud Detection: How Splunk Dashboards Protect Financial Institutions

Splunk + ThousandEyes: Correlate frontend, app, and network data to troubleshoot ...

In Splunk studio, is it possible to populate a tex...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static

Splunk Search

Are you a member of the Splunk Community?

Discussions