Splunk Search

Discussions

Thread Info

Lookup table not giving results.

Hi all, I've trying to establish a lookup table that is used in a query (query below). I've setup the lookup table...

by Engager in

Header extraction rename

I am monitoring several BizTalk\MSMQ perfmon counters (Host Counters, General Counters, MSMQ Queue, MSMQ Service). I ...

by Motivator in

Random behaviour from splunk

I'm sending syslog messages through to Splunk in field/value pairs. When the field value contains spaces or certain o...

by Path Finder in

Rounding anomaly?

I'm getting what I believe are strange results when using the round function to control the number of decimal places....

by Builder in

Help needed in the extraction

Hello I have a data which has multiple rows under a single event. I want to extract all of them on their "name" al...

by Motivator in

Regex help

I'm using a sed script to clean up some events before they are indexed by Splunk in order to reduce the license usage...

by Builder in

State with custom source in by clause

Hello, I am currently faced with the problem while creating stats for a specific event, where the event itself con...

by Engager in

splunk dbconnect query issue

Hi I m working on monitoring some mysql and mssql databases. All I need is a list of tables with number of rows in...

by New Member in

Redirector- Possible to redirect to another site?

Hi I am using advanced XML, and trying to make a drilldown table redirect to external site based on the value of the ...

by New Member in

If/then in lookup table match

I'm trying to use a lookup table in my search. In the nmap event, I'm given a host and port. I have a lookup table th...

by Contributor in

Index Data Retrieve

I deleted data on my index using code "index = asr_local | delete " but when I added new data on my database, i ca...

by New Member in

USe time range in Search

Hi - i have used time range in my adv-xml number of time using earlies and latest and defining range but one of the m...

by Path Finder in

How to change hostname in metadata

Hello, The current issue we have is, that we have changed the host names from lowercase to uppercase. Now we see i...

by Explorer in

consecutive multi-line search, joined on common id

As I dig through Splunk, I hope to find help with a query that can't wait. I am trying to detect a certain 'cluster' ...

by New Member in

transaction endswith usage

Hi, We are trying to calculate the total system down time in minutes in a tabular format using the below query ...

by Engager in

Plot unique value in Timechart

Hello team. I need to plot only one value in my timechart. I am using the next search string: search...|timecha...

by New Member in

Stats extract

I have 3 values extracted from a search Value 1 ,2, and 3 I know i can use stats avg(Value1) by Value3 to get a ni...

by Path Finder in

Extract Value

I have a search result with following string i just need to extract the value - 0.000 (just before %) from this strin...

by Path Finder in

Improve transaction speed

Hi, i'm having the following dataset: 2014-03-15 17:23:17 host2 transaction="7WB1Hh7VpxWsDae" action="request"...

by Path Finder in

Calculating Active User's

I am struggling to find how to write this query to calculate active user's on our system. Currently we have a syslog ...

by Path Finder in

Another RegEx Question

I have been engaged in an arm wresting content with Splunk for the past couple of hours with regex and it has been be...

by Path Finder in

lookup table to find systems not reporting

I have a look-up table of systems reporting to splunk from one of my users. He would like to know when one of the sys...

by Motivator in

Time line on the dashboards

Hi all, if I execute a search on a particular source and get the results with a timechart on the search page, but the...

by New Member in

Installing Universal Forwarder from Command line and Hangs at Receiving Indexer

I am installing the UF from a command prompt for deployment via SCCM 2012 with the following command line: msiexec /i...

by New Member in

splunk is hanging after search

Hi, I have installed 64 bit splunk-6.0.2 in VM-ware10 in Redhat-6. I have configured everything and restarted the ...

by Contributor in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Lookup table not giving results.

Header extraction rename

Random behaviour from splunk

Rounding anomaly?

Help needed in the extraction

Regex help

State with custom source in by clause

splunk dbconnect query issue

Redirector- Possible to redirect to another site?

If/then in lookup table match

Index Data Retrieve

USe time range in Search

How to change hostname in metadata

consecutive multi-line search, joined on common id

transaction endswith usage

Plot unique value in Timechart

Stats extract

Extract Value

Improve transaction speed

Calculating Active User's

Another RegEx Question

lookup table to find systems not reporting

Time line on the dashboards

Installing Universal Forwarder from Command line and Hangs at Receiving Indexer

splunk is hanging after search

CX Day is Coming!

Strengthen Your Future: A Look Back at Splunk 10 Innovations and .conf25 Highlights!

Now Offering the AI Assistant Usage Dashboard in Cloud Monitoring Console

In Splunk studio, is it possible to populate a tex...

Help me with splunk query to monitor CPU and Memor...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

Splunk Search

Are you a member of the Splunk Community?

Discussions