Splunk Search

Discussions

Thread Info

Shorter maxspan delivers more results

We have build a query spanning multiple source types. We try to create a simple transaction with one field. The resul...

by Path Finder in

Building a Search for Comparison/Match

I have a search that brings up specific order types by order numbers that begin with a 7: index=contract_gateway s...

by Builder in

Problem with rex not doing anything at all, not even in its simplest form!

Hi, I am trying to extract the string after the first space, so for ex. I need to extract: "02-main-menu" for the fir...

by Path Finder in

INFO, ERROR and FATAL

Hi all, if a log has the following types of log entries (INFO, ERROR, FATAL), how do I get splunk to recognise those ...

by New Member in

Average events per day

Hi, I would like to view the average number of events per day for a certain event code. It looks like I should be ...

by New Member in

How can I make mvfind start its search at the last entry of a multivalue field ?

Hi, I have a search query that creates trans: ......| eval locale=case(tags=="my-world", "my-world:".screen, tags=="c...

by Path Finder in

Looking to create a chart that displays run time values

Hello, looking to create a data table that displays run time values of a batch jobs... Example of this would be defin...

by Contributor in

last indexed data

How to search last indexed data in splunk?

by Contributor in

how to add Attributes with a Regular Expression

Hi Gurus, I have a index, and the data was in one column is like Item__bAffected, I'd like to replace "__b" wi...

by Explorer in

Checkpoint OPSEC LEA is not working

Hi, Mi Checkpoint OPSEC LEA is working. I get next splunk log: index=_internal host="MOL18107" ( source="*sp...

by Explorer in

Format Date

Hi - I have a raw event which has raw event lines as "11-Mar-14 9:38:58 PM",300,64.00000000 This was from today 11...

by Path Finder in

How to perfom math calculations

I am trying to figure out how to take two searches and divide their results to create a dial chart showing the percen...

by Engager in

Displaying full list of server names

I'm querying a log file on 50+ servers looking for the number of records processed in a given time frame. The problem...

by Path Finder in

two time series data in one chart

Hi, Is there a way to put two lines in one chart while these two lines of data are in different timeframes ? For e...

by Explorer in

How to compare multiple files by diff command in search?

I have a question about diff command in search. Of course though, a diff command compares two files, I want to co...

by Contributor in

Chart showing the results of multiple searches

Hi there! Wondering if anyone can offer some advice on how to combine several searches to create a chart... I have...

by Explorer in

Limit values

I have a search that pipes this: stats count,values(category) by src_user src_ip It returns results with a ton...

by Builder in

How do i use R (open source package) in splunk?

by Engager in

How to query a particular hour for last 3 months

Hi, is it possible to specify a timeframe so that i get data for every Friday 8 PM to 9 PM for the last 3 months?

by Contributor in

perform math calculations on values with the same field name

I have some data which shows the counts of items collected by category and subcategory. The data essentially looks li...

by Path Finder in

time-based lookups using db connect

I specified a field in the lookup definitions to use with a lookup command (database lookup) and it appears not to wo...

by Communicator in

textarea from a local text file

Hello Everyone, I am stuck please help.I want to show data of "d:\vikas.text" to a textarea box using simple xml dash...

by Builder in

fill textarea from a file

Hello Everyone, Please suggest how I can fill textarea box from a file located in local drive . Thanks

by Builder in

Multi key value combinations in a single line

Hi, I'm trying to perform some field extractions in a log containing availability reports of segments in our system s...

by Explorer in

TimePicker: Limit the choices on a specifique Dashboard

Hi, I have two dashboard: - "Normal" dashboard: With the basic TimePicker. - Fixed Time report: Here i want the u...

by Path Finder in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Shorter maxspan delivers more results

Building a Search for Comparison/Match

Problem with rex not doing anything at all, not even in its simplest form!

INFO, ERROR and FATAL

Average events per day

How can I make mvfind start its search at the last entry of a multivalue field ?

Looking to create a chart that displays run time values

last indexed data

how to add Attributes with a Regular Expression

Checkpoint OPSEC LEA is not working

Format Date

How to perfom math calculations

Displaying full list of server names

two time series data in one chart

How to compare multiple files by diff command in search?

Chart showing the results of multiple searches

Limit values

How do i use R (open source package) in splunk?

How to query a particular hour for last 3 months

perform math calculations on values with the same field name

time-based lookups using db connect

textarea from a local text file

fill textarea from a file

Multi key value combinations in a single line

TimePicker: Limit the choices on a specifique Dashboard

Congratulations to the 2025-2026 SplunkTrust!

Community Feedback

Manual Instrumentation with Splunk Observability Cloud: Implementing the ...

In Splunk studio, is it possible to populate a tex...

Help me with splunk query to monitor CPU and Memor...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

Splunk Search

Are you a member of the Splunk Community?

Discussions