Splunk Search

Discussions

Thread Info

Why does Dropdown retain entries from old query result?

I have a query for for my dropdown with tokens inserted here and there and whenever the values on those tokens change...

by Explorer in

Nessus data charting- How to make a trend chart of specific data set?

I am making a trend chart of specific data set. What I am looking for is (generic example)index=nessus | eval Month=s...

by Path Finder in

How to execute/ignore block of code based on token values?

I have a union [] command that I want to execute only if a check box is checked, how can I manage this? SPL2 branch d...

by Explorer in

What is the quickest and safest way to move indexed data from one location to another?

What's the quickest and safest way to move indexed data from one location to another? I have data that is currently s...

by Explorer in

How to convert multiple individual json objects into a nested json object in an event ?

I want to convert some of the below individual json objects in the event into nested single json object like the seco...

by Contributor in

How to convert multiple individual json objects into a nested json object ?

I want to convert some of the below individual json objects in the event into nested single json object like the seco...

by Path Finder in

How to search or extract specific key/value pair from array?

Using the Splunk addon for AWS to collect ec2 instance metadata I get an array called tags with key/value pairs such ...

by Loves-to-Learn in

How to correlate similar field values together and adding totals?

I am trying to use a lookup we use to track usage of exceptions in one of our platforms so that we can remove unneede...

by New Member in

How to create multiple values in time chart based on dropdown menu token?

I am looking to have a time chart table that has a dropdown menu based on a token, be able to show all of the values...

by Path Finder in

How to get that file to be replicated to the other search heads?

I have a cron job that creates a lookup file under $splunkhome$/etc/apps/search/lookups on one of the search heads. H...

by Engager in

How to extract field names from an object or nested JSON field?

For these following two events: { "people": { "bob": 172, "maria": 161 } } { "people": { "bob": 172, "g...

by Engager in

How to combine two lookups?

On Splunk, I have the following 2 searches: 1) `ABC_logs(traffic)` user != "unknown" src_ip IN (*) dest_ip I...

by Builder in

How to make timechart with ratio failed/total ?

This is my search: message_data_type=gd*| timechart count by message_data_type limit=10 These are my results: ...

by Engager in

How to apply regex to a field?

Hello Splunkers, i want to to extract a 10-digit path from a url but unfortunately i always get this error: ...

by Path Finder in

How to update table only with the values filtered on dropdown selection?

I have a table with 3 different csv files that I have to show, with different values. When I select the value that ...

by Explorer in

How to return count column in the existing search?

Hello, I have below search query index=my_index openshift_cluster="cluster009" sourcetype=opensh...

by Path Finder in

Federated Search Questions- Authentication option and Indexers?

Regarding Federated search: Is the only authentication option username and password? We use SSO on the remote sear...

by Path Finder in

How to create the proper search to extract all of the fields and their respective field_values from the sample data?

Hi Splunkers!Any one able to assist me with a search that I am trying to create below. I want to extract some data fr...

by Path Finder in

How do I evaluate on column in space and tab delimited logs?

Hello all. I have a log file that looks like this; PROCESS UP STATUS RESTARTS AGEPROCESS1 2/2 Running 0 6d...

by Explorer in

How extract data model fields using REST search?

I'm trying to at least initially to get a list of fields for each of the Splunk CIM data models by using a REST searc...

by Motivator in

What is the fastest way to use a lookup (or match records against a secondary source)?

I have index with json data that represents call data (phone calls), but there is nothing native in the index that re...

by Path Finder in

Why is data is got getting indexed when we are adding csv file from add data under settings?

Hi,data is got getting indexed when we are adding csv file from add data under settings .. its events count is showin...

by Explorer in

Upgrade Splunk Enterprise from 8.x to 9.x

We are currently required to upgrade our Splunk environment from version 8.2.4 to version 9.x, and we are concerned a...

by Path Finder in

How to configure alert when a service is in failed state in a centos server?

We have configured some program to run as a service in Unix server. I want to configure an alert in Splunk that when...

by Loves-to-Learn in

How to search for disk usage greater than 70 percent for 10 mins?

I wanted to know how we can construct a search query for a service which is running on a centOS server and the utiliz...

by Loves-to-Learn in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Why does Dropdown retain entries from old query result?

Nessus data charting- How to make a trend chart of specific data set?

How to execute/ignore block of code based on token values?

What is the quickest and safest way to move indexed data from one location to another?

How to convert multiple individual json objects into a nested json object in an event ?

How to convert multiple individual json objects into a nested json object ?

How to search or extract specific key/value pair from array?

How to correlate similar field values together and adding totals?

How to create multiple values in time chart based on dropdown menu token?

How to get that file to be replicated to the other search heads?

How to extract field names from an object or nested JSON field?

How to combine two lookups?

How to make timechart with ratio failed/total ?

How to apply regex to a field?

How to update table only with the values filtered on dropdown selection?

How to return count column in the existing search?

Federated Search Questions- Authentication option and Indexers?

How to create the proper search to extract all of the fields and their respective field_values from the sample data?

How do I evaluate on column in space and tab delimited logs?

How extract data model fields using REST search?

What is the fastest way to use a lookup (or match records against a secondary source)?

Why is data is got getting indexed when we are adding csv file from add data under settings?

Upgrade Splunk Enterprise from 8.x to 9.x

How to configure alert when a service is in failed state in a centos server?

How to search for disk usage greater than 70 percent for 10 mins?

Splunk + ThousandEyes: Correlate frontend, app, and network data to troubleshoot ...

Splunk Observability for AI

🔐 Trust at Every Hop: How mTLS in Splunk Enterprise 10.0 Makes Security Simpler

In Splunk studio, is it possible to populate a tex...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static

Splunk Search

Are you a member of the Splunk Community?

Discussions