Splunk Search

Discussions

Thread Info

Response Time search with a additional calculation

Hi there Splunkers I need some assistance with a search. We are calculating the response time between transactions...

by Path Finder in

Plot Avg, Std Dev and Data on the same Chart

Hi, I realize there are a number of ways to approach putting multiple values in a time chart, but I'm not sure how be...

by Communicator in

iplocation is available in version 5?

According to this link, iplocation command is available in version 5.0. I'm not sure if this is incorrect or if my in...

by Champion in

get total results per client per item for the last 7 days

I would like to create a panel that displays in a table a historical records of counts for the last 7 days. The total...

by Path Finder in

visualization of iis logs

hey! i indexed the iis logs. when i type in the search field sourcetype=iis, i see a lot of information in text form....

by New Member in

Get the last Json Inserted document

I have an Index where i store huge Json documents. I want the last document inserted which contains the latest state....

by Path Finder in

column chart : How can we create a chart with three fields?

Hello, I have a question about a timechart creation. I want to create a columns chart. My search is : tag::sour...

by Communicator in

regex difficulty with host / path discrimination

I have a log file that has the host as either an IP address OR a FQDN. This is easy, right. Nope. The format can be: ...

by Communicator in

sum function with conditions

Hey there, I am trying to get stats for one of our OpEx metrics Working query : index=summary source="c:\\users...

by Motivator in

Joining Searches for Authentication Times

So I have two searches; one for the client_vpn_asa and one for the nac, they both require regex: index=client_vpn_...

by Explorer in

Increase the number of values shown for selected fields

Is there a way to increase the number of values shown for selected fields from 10 to 20-25? A customer has put in a r...

by Motivator in

Transaction not showing some events in table format

I am using Transaction command to group events in one line and want to see this in a table format. Have the "order_nu...

by New Member in

limit results by 10 events per day in one month timeframe

Hi- I have this search query: "source="/prod/splunkforwarder/bin/scripts/jrexpiry.sh" npw.gov.se" and my time frame i...

by Path Finder in

How to execute a shell script kept in app's bin folder using a dashboard?

I have a requirement to execute a script (does file cleanup) to be executed from a dashboard button (so as to avoid l...

by Revered Legend in

updrate SPLUNK 6.0 to 6.0.3

Steps to perform upgrade?

by New Member in

Timestamp splitted in log files

Hi all, I'm trying to extract the timestamp from a crappy unstructured logs. Every event is one line with 300 charact...

by Path Finder in

Troubling json extraction

I can't for the life of me figure this out. There seem to be examples all over and none of them address this. I ha...

by Builder in

how to take the values from nth field

Hi all, Below is my search... source="computer_status_export_SEP12_Mar27.csv" | dedup "Computer Name","MAC Address1" ...

by SplunkTrust in

HTML Dashboard - Clarification on the search

A HTML Dashboard is created that has five textboxes and one search button.When the search button is clicked,the value...

by Path Finder in

List of default working extractions in Splunk like "| extract access-extractions"

Hi All, So I was looking at some unextracted web log data, found this link: http://docs.splunk.com/Documentation/S...

by Path Finder in

_time from filename using Eval

Hi My file name is like ABC20140321.csv I want splunk to read _time value from this file name. I tried to edit dat...

by Explorer in

eval if isnull hope fill other values

Hi: My weburl sometim is null, i hope if weburl is null then weburl1 fill to weburl. I'm try "eval n=if(isnull(hos...

by Path Finder in

Failed Logins

I am observing the failed logins of a user and it is getting locked quite frequently morning between 01:30 AM to 02:3...

by Path Finder in

how to do "where field in" with splunk

I need to do a query which looks like field in [list of values]. The list could be another query's return values.

by Explorer in

Date Field calculations help

Hello All, I am hoping one of you can help me out with the following: I have a Powershell script which is displaying ...

by Path Finder in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Response Time search with a additional calculation

Plot Avg, Std Dev and Data on the same Chart

iplocation is available in version 5?

get total results per client per item for the last 7 days

visualization of iis logs

Get the last Json Inserted document

column chart : How can we create a chart with three fields?

regex difficulty with host / path discrimination

sum function with conditions

Joining Searches for Authentication Times

Increase the number of values shown for selected fields

Transaction not showing some events in table format

limit results by 10 events per day in one month timeframe

How to execute a shell script kept in app's bin folder using a dashboard?

updrate SPLUNK 6.0 to 6.0.3

Timestamp splitted in log files

Troubling json extraction

how to take the values from nth field

HTML Dashboard - Clarification on the search

List of default working extractions in Splunk like "| extract access-extractions"

_time from filename using Eval

eval if isnull hope fill other values

Failed Logins

how to do "where field in" with splunk

Date Field calculations help

Tech Talk Recap | Mastering Threat Hunting

Observability for AI Applications: Troubleshooting Latency

Splunk AI Assistant for SPL vs. ChatGPT: Which One is Better?

In Splunk studio, is it possible to populate a tex...

Help me with splunk query to monitor CPU and Memor...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

Splunk Search

Are you a member of the Splunk Community?

Discussions