Splunk Search

Start a Conversation

Discussions

Start a Conversation

Thread Info

Using sendemail and pulling the body field from a lookup table, how can I include a line break in the lookup to format the email dynamically?

Example search: | sendemail to=$result.to$ subject=$result.subject$ message=$result.body$ I'm currently pullin...

by Builder in

Is there a way to limit the number of events included in the search result per user?

I have some data, which includes a user id. I can count the number of pageviews, and also the number of unique use...

by Path Finder in

How To Add a Search Box in Dashboard/Form?

I currently have a dashboard which shows the IP Address | Web Request | Browser | JSession Count I want to create a s...

by SplunkTrust in

How to get a stats sum of a column available in every row?

I am creating a simple stats search. I am trying to work out that chance that a part will die over time. I consider a...

by Communicator in

Table: Using custom inline icons for multiple fields in a table (multiple columns)

I have the follinwg code from my .js file var CustomIconRenderer = TableView.BaseCellRenderer.extend({ ...

by Communicator in

How to use singleDecorations.css with search?

Hi I am trying to use examples given with Single Value Decorations, but i am not able to get it working correctly...

by Path Finder in

How to create a single visualization using the results from multiple searches?

Currently I have four different visualizations (bar graphs) that are created using a data set. Each search I run filt...

by Path Finder in

How can I edit my search to only use the 3 most recent sources?

I have a file that gets uploaded into Splunk every month and I use it to produce a graph using the data from the past...

by Communicator in

Controlling Date

Hi, I have a column of timestamp in YYYY-MM-DD format. I'm trying to limit it by specific date, and I feel like there...

by Explorer in

How to refresh search jobs on an interval without refreshing the entire page and stagger the jobs?

I would like to refresh rerun searchjob on an interval without refreshing the entire page and stagger the jobs. I kno...

by Champion in

How to add Count Column to a Table?

I have a table with 3 fields (IP Address, Web Request, and Browser used).. How can I add a column to that table to co...

by SplunkTrust in

Field Extaction from regex not displaying Character

Hi, I have an issue for extracting values. It extracts 7 out of the 8 characters I need to catch. I currently have th...

by Path Finder in

How to calculate percentage of results returned from a timechart?

I have a timechart for the last 7 days and I want to add a percentage of the two results returned from the timechart ...

by Path Finder in

How to create an alert to trigger if the value stored in a CSV file increases by 5?

Saved search: sourcetype=* | timechart last(Cnt) as CurrentQueueLength span=5m | Where CurrentQueueLength>0 | ...

by Explorer in

How to use time modifiers on non event time fields?

Hi All, I have a sourcetype with the following: _time, host, contacttime eg: 2015-07-14 02:01:02.353 ZEUS 2014-...

by Communicator in

How to merge two Splunk searches into one?

Hi Team, search sourcetype=my_logs source.item_id=34324234324| stats count by event_type and search sourcet...

by New Member in

Get preceding and following requests with common field value for each requested URL

I'm trying to get a table with an row for each requested URL (the latest request found in the logfile) and the preced...

by Engager in

Conditional Rex Expression

Hi, I wonder whether someone could help me please. I'm using the following rex expression to extract the Employers...

by Motivator in

How alert if the same account number is seen with transactions from different State codes and the total transaction amount exceeds $10,000 within one hour?

I wanted to know how to write a search that will trigger an alert when it meets the following conditions: During a pe...

by New Member in

Is there a REST endpoint for an admin level user to return all lookup table files, not just global?

I've noticed that calling the REST endpoint /services/data/lookup-table-files only returns global lookups. I'm making...

by Explorer in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Using sendemail and pulling the body field from a lookup table, how can I include a line break in the lookup to format the email dynamically?

Is there a way to limit the number of events included in the search result per user?

How To Add a Search Box in Dashboard/Form?

How to get a stats sum of a column available in every row?

Table: Using custom inline icons for multiple fields in a table (multiple columns)

How to use singleDecorations.css with search?

How to create a single visualization using the results from multiple searches?

How can I edit my search to only use the 3 most recent sources?

Controlling Date

How to refresh search jobs on an interval without refreshing the entire page and stagger the jobs?

How to add Count Column to a Table?

Field Extaction from regex not displaying Character

How to calculate percentage of results returned from a timechart?

How to create an alert to trigger if the value stored in a CSV file increases by 5?

How to use time modifiers on non event time fields?

How to merge two Splunk searches into one?

Get preceding and following requests with common field value for each requested URL

Conditional Rex Expression

How alert if the same account number is seen with transactions from different State codes and the total transaction amount exceeds $10,000 within one hour?

Is there a REST endpoint for an admin level user to return all lookup table files, not just global?

Admin Your Splunk Cloud, Your Way

Cloud Platform | Discontinuing support for TLS version 1.0 and 1.1

New Customer Testimonials

How to troubleshoot “Error in 'inputlookup' comman...

How to configure alert when a service is in failed...

how to identify '\n' in Splunk rex

How to convert multiple individual json objects in...

How to combine results of inputlookup and a search...