Splunk Search

Discussions

Thread Info

Can someone tell me how to count users by index please

I was trying to keep track of how many users have access to each index. Any help would be much appreciated.

by New Member in

What version of SSL does splunkd use?

We have Splunk 4.2.3 installed on some Linux hardened servers. Our Security team recently ran some scans and expresse...

by Splunk Employee in

Data Input not working for s3 plugin -- perhaps inputs.conf.spec is wrong?

File /opt/splunk/etc/apps/s3/README/inputs.conf.spec: [s3://umi-mf-cdnlogs] key_id = AKIA secret_key = EOW5N...

by Path Finder in

how to archive

I am reading up on how to archive and set the frozen bucket. Do i need to create my own indexes.conf file ? One is no...

by Explorer in

Using multiple Tokens in the same search

Hello, Is it possible to use multiple tokens in the same input ? if yes, how can i do so ? I'm thinking it shou...

by Super Champion in

List top 3 forwarders by volume sent to each indexer

I'd like to see for each indexer in my environment the top 3 forwarders that have sent data. I've created the followi...

by Motivator in

Summing the row

Colum A Column B 1 1 2 2 2 3 2 4 5 5 I wanted to sum columnB but on condition. Below is the example (Column A)...

by New Member in

Unique KeyValue search performance

Hey Everyone, I'm having a bit of trouble with Splunk search performance, I currently have around 1 million rows o...

by Explorer in

How to sort as numerals the X axis of a histogram

Hi, I'm trying to plot a histogram of transaction durations. The durations range from 0s to 60s. My search string ...

by Explorer in

Question about timemodifier

Hi! I would like to ask about the timemodifier. I have a following search including subsearch, index=hoge [ ...

by Communicator in

Mismatch search result between sdk-python and splunk web

Hi, i'm just learning using splunk and sdk-python. I have this search run from sdk: search = 'search index=main so...

by Communicator in

stats first behaving differently in a dashboard to a search - is this a bug.

Since upgrading from 5 to 6, one of my dashboards started behaving "strangely", and I have distilled it down to this....

by Engager in

accelerated search with specific week day

I have an accelerated search which is set for a 3 months time range. The acceleration works, I can get a whole day's ...

by Contributor in

delta counts by keyname

How can I get a delta count by a key name when there are multiple keys for plotting the delta in a report? I have ...

by Engager in

Display chart only within Time range where there data exists

I want to display a chart that automatically crops that whole chart to where there is data and not display any empty ...

by Builder in

PersistentValueStoreException when creating DB Input

I am consistently getting the following error when trying to create a Database Input: ERROR:TailDatabaseMonitor - ...

by New Member in

host_Regex help

Hi, I want to name my host based upon a value in the logfile. I know it can be done via regex but it's not working...

by Champion in

Combine values for a field by user over 24 hours

Hi all, I am trying to find the average number of bytesOut for proxy activity by user. Obviously first I am pullin...

by Communicator in

Get total events for the last 1 month, 1 week and 1 day

I need a statistic which show total events in 1 month, 1 week and 1 day and create a dashboard, for example column ch...

by Explorer in

Different result between tow users with the same search

i have an search with two transaction index=myindex | transaction queue_id sendmail_uid message_id maxspan=5s | se...

by Engager in

Clarification required on Optimzed Search

The log information contains say 10,000 lines which has status as "SUCCESS"or "MAJOR." Currently the query contains t...

by Path Finder in

windows 7 issues on configurations

Hi Splunkers! Is there an issue in making configurations using windows (7) platform. can someone help me in editing c...

by Contributor in

Get latest 50 events in the search

I need a statistic which show latest 50 events in the log, can we do this with splunk?

by Explorer in

rex json field extraction

Splunk newbie here. I need to extract fields from our JSON logs, sample _raw output below: 2014-01-22 21:25:33,...

by Explorer in

rex field limit

Hi, I got the ff script working but putting in more rex field hangs splunk index=xxx | rex field=_raw "tel:001001(...

by New Member in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Can someone tell me how to count users by index please

What version of SSL does splunkd use?

Data Input not working for s3 plugin -- perhaps inputs.conf.spec is wrong?

how to archive

Using multiple Tokens in the same search

List top 3 forwarders by volume sent to each indexer

Summing the row

Unique KeyValue search performance

How to sort as numerals the X axis of a histogram

Question about timemodifier

Mismatch search result between sdk-python and splunk web

stats first behaving differently in a dashboard to a search - is this a bug.

accelerated search with specific week day

delta counts by keyname

Display chart only within Time range where there data exists

PersistentValueStoreException when creating DB Input

host_Regex help

Combine values for a field by user over 24 hours

Get total events for the last 1 month, 1 week and 1 day

Different result between tow users with the same search

Clarification required on Optimzed Search

windows 7 issues on configurations

Get latest 50 events in the search

rex json field extraction

rex field limit

Splunk Observability Synthetic Monitoring - Resolved Incident on Detector Alerts

Video | Tom’s Smartness Journey Continues

3-2-1 Go! How Fast Can You Debug Microservices with Observability Cloud?

custom Dropdrown with "ALL'

submit button not working

ES8 + Mission Control Usage rest API

Search for triggered save searches and their actio...

MLTKC how should i check jupyter notebook func in ...