Splunk Search

Discussions

Thread Info

Restrict search to exclude events from today

Hello, I would like to know how is it possible to narrow every search that a user can launch to exclude events comin ...

by Communicator in

Parameters for search

Hi, What would be the available options in order to parameterize a search in a Splunk view ? Let's say that all...

by Path Finder in

How to format _time field and get rid of miliseconds?

Hi, In the search results, I'd like to have _time displayed without ms at the end (06/11/2013 23:13:22.000 -> 06/1...

by Explorer in

Trigger Search Restart

Hi, I have a dashboard that contains an IFrameInclude module and a HiddenSearch module . The IFrameInclude points ...

by Path Finder in

best approach for sub search with total

Hi, I've the ff search main search for getting total ... | join type=outer _time [ search main search for gettin...

by Explorer in

Path Analysis in Splunk

Hi, I use iis server logs and in each hit I have the flowing parameters. cs_uri_stem= Page user is on cs_Refere...

by Contributor in

combining multiple events (LEG1 & LEG2) and putting as a macro

hi Folks, I'm fairly new to splunk. I've written a script to get logs from F5 using SNMP. The events retrieved are -...

by Super Champion in

Lookup table with two primary keys

My company uses ConnectDirect (C:D) as a tool for file transfer. Within the connect direct logs the hosts are referre...

by Communicator in

Linegraph with Datestring / Convert Timestamp to _time

Hi, I've got a lookupfile with a timestamp (in seconds) and other entries. I've converted the timestamp into a dat...

by Motivator in

How to use Splunk Reports in SAP Business Objects?

Did someone ever tried to use a Splunk Dashboard or single Report in SAP Business Objects? Is this even possible? ...

by Contributor in

Custom Variables \ eVars in Splunk – Segment all data on a user event.

I use iis server logs, each user has a unique ID (cs_username) as authentication is required on the site. Does Spl...

by Contributor in

Search for mutiple values using rex and store them in a same single field

Im looking to achieve the following using Rex. Below is the search query which im trying to run sourcetype=XXXX...

by Path Finder in

Nested search

Hi all, I have 2 dump files and put separate them into 2 sourcetypes, sourcetype=transaction_status and sourcetype...

by Explorer in

Basic OR statement question

So I have this search and it works just fine: dest="10.*" OR dest="172.16.*" OR dest="192.168.*" AND action=failur...

by Builder in

Extraction Precedence

If you have index time extractions configured will search time extractions override them?

by Path Finder in

Buffer overflow for field?

Hi ! I would like to know if there are any restricted size value for fields. I have tried to create a fields co...

by Communicator in

Is there a way to set the label on the y axis of a chart in simple xml?

I have the following chart defined in a view: <chart> <searchString> index=summary report=hw_use_by_jo...

by Explorer in

Events with null fields being discarded in results?

Hello, in my search below, events with null fields are being discarded/excluded from the results. Specifically, any s...

by Builder in

save search results?

Once a search has been created and saved, how does one change the amount of time (number of days, for example) that t...

by New Member in

earliest and latest times for each hour of a day ?

Hi How can give earliest and latest times for each hour of day of previous day . i.e first hour , second hour ,...

by Motivator in

Top to a sum by a field

I am trying to get top 10 channels (chanName) by brand (BRAND) based on the duration (durationPerRoom). I have durati...

by Super Champion in

Data Format Transforamtion

Hello All I am just started using Splunk for my project and very new to it . In my project, there is a requiremen...

by New Member in

date time format

Hi, we have a tool, which is writing to a database. I use splunk db connect to get the data out of it. The tool write...

by Explorer in

sum values if<

Hi, I'm calculating a duration for each event in the dataset and would like to calculate the sum for all durations...

by Motivator in

Trouble with regex in transforms.conf

I am filtering events in transforms.conf but I cannot seem to get the regex to match. When I test the regex in Search...

by Builder in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Restrict search to exclude events from today

Parameters for search

How to format _time field and get rid of miliseconds?

Trigger Search Restart

best approach for sub search with total

Path Analysis in Splunk

combining multiple events (LEG1 & LEG2) and putting as a macro

Lookup table with two primary keys

Linegraph with Datestring / Convert Timestamp to _time

How to use Splunk Reports in SAP Business Objects?

Custom Variables \ eVars in Splunk – Segment all data on a user event.

Search for mutiple values using rex and store them in a same single field

Nested search

Basic OR statement question

Extraction Precedence

Buffer overflow for field?

Is there a way to set the label on the y axis of a chart in simple xml?

Events with null fields being discarded in results?

save search results?

earliest and latest times for each hour of a day ?

Top to a sum by a field

Data Format Transforamtion

date time format

sum values if<

Trouble with regex in transforms.conf

Building Reliable Asset and Identity Frameworks in Splunk ES

Cloud Monitoring Console - Unlocking Greater Visibility in SVC Usage Reporting

Automatic Discovery Part 3: Practical Use Cases

Replace parts of a string where values of a multiv...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static

Splunk Search

Are you a member of the Splunk Community?

Discussions