Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Splunk Search
Splunk Search
×
Join the Conversation
Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Find Answers
- :
- Using Splunk
- :
- Splunk Search
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Community Activity
 | I have an unstructured log file that looks like the following. How would I go about creating key/value pairs for metr... by briang67 Communicator in Splunk Search 10-28-2013 0 7 | 0 | 7 | |
| | Hi, i would like to capture the below 2 patterns and i tried to use the below combination but i am not getting inten... by xvxt006 Contributor in Splunk Search 10-28-2013 0 4 | 0 | 4 | |
| | I have a dashboard table based on the search: index=eaccess Card_Name="John*" | convert timeformat="%m/%d/%y %I:%M:... by lmarcel New Member in Splunk Search 10-28-2013 0 3 | 0 | 3 | |
| | Hello-- For comparison purposes I'd like to determine how many times each of our alerts have been triggered. Is this... by ajmills New Member in Splunk Search 10-28-2013 0 1 | 0 | 1 | |
| | Is the Splunk audit log format or the description of each field in the audit.log file documented somewhere? I'm inter... by rahulgopal Explorer in Splunk Search 10-28-2013 0 2 | 0 | 2 | |
| | I am attempting to get the top offenders of average latency, by their client IP, but limited to the top 50 results, s... by tmarlette Motivator in Splunk Search 10-28-2013 0 1 | 0 | 1 | |
| | I have quoted parameters in log files, which are processed by Splunk: "Version":"21" How to extract that parameter... by MaximKorobov New Member in Splunk Search 10-28-2013 0 3 | 0 | 3 | |
| | The navigation menu at the top would be so much better if it could transmit the context (index and host) for the new ... by rhayle Path Finder in Splunk Search 10-28-2013 1 8 | 1 | 8 | |
| | Hi, My saved search looks like below: index="efg" "$var$" rex "(abc=.*? )(?<payload>.*)(>)" | eval payload=replace(... by MadhuriVanga New Member in Splunk Search 10-28-2013 0 1 | 0 | 1 | |
| | Hi, we have 2 uri patterns as shown below /search?searchQuery=4gmw4 (the end part is always single word which is al... by xvxt006 Contributor in Splunk Search 10-27-2013 0 4 | 0 | 4 | |
| | Trying to figure out if this is possible. Many times I do a search similar to: host=somehosts* earliest=-1d | clust... by skippylou Communicator in Splunk Search 10-27-2013 2 4 | 2 | 4 | |
| | Hi, I have a weird data structure I'm trying to figure out a better way to handle. The data I'm getting uses categor... by tristanmatthews Path Finder in Splunk Search 10-27-2013 0 2 | 0 | 2 | |
| | Hi, Following is my input. It is a set of tab delimited files. Here is a sample. I made updates to props.conf and tr... by sourabhguha Explorer in Splunk Search 10-27-2013 0 4 | 0 | 4 | |
| | Hi everbody, I have got a field "Action" with different Values (A,B,C,D,E). I would like to calculate the percentage... by HeinzWaescher Motivator in Splunk Search 10-27-2013 0 2 | 0 | 2 | |
| | Hi! I want to ask question if something like below can be implemented. I have created 4 searches. search A : creat... by yuwtennis Communicator in Splunk Search 10-27-2013 0 2 | 0 | 2 | |
| | Hi ! I would like to get an advice with search command. I want to do something like , Reference the next row (line... by yuwtennis Communicator in Splunk Search 10-27-2013 0 2 | 0 | 2 | |
| | Hi, I am indexing a set of csv files. the files do not have the header fields in it. While I am creating the source... by sourabhguha Explorer in Splunk Search 10-27-2013 0 1 | 0 | 1 | |
| | I just noticed that the alert... menu item under Create in the search App is not available anymore for users with rol... by kaddupa1 Explorer in Splunk Search 10-26-2013 1 1 | 1 | 1 | |
| | Another awesome Regex question, related to windows. I have a windows EventCode=4663. The event contains a Process_N... by gsawyer1 Engager in Splunk Search 10-25-2013 0 4 | 0 | 4 | |
| | Using this set of data: Time Host Type Packets 12:00 mothra A 5 12:05 mothra A 6 12:10 ... by albyva Communicator in Splunk Search 10-25-2013 0 2 | 0 | 2 | |
| | I indexed some csv data which has a field called Open Time which winds up being selected as the _time and looks fine ... by jeremiahc4 Builder in Splunk Search 10-25-2013 1 2 | 1 | 2 | |
| | Using the dbconnect app without using advance(query), is there a way to make your lookup case insensitive by adding c... by rdownie Communicator in Splunk Search 10-25-2013 0 1 | 0 | 1 | |
| | Hi, Is there splunk tool chain that simply sends splunk commands to the daemon (does not include daemon and web inte... by paragcisco Explorer in Splunk Search 10-25-2013 1 6 | 1 | 6 | |
| | I have two sourcetypes - submitters, and recipient_group. I am looking to find the percentage of submitters that are... by lehrfeld Path Finder in Splunk Search 10-25-2013 0 3 | 0 | 3 | |
| | 2013-10-25 10:49:33,Major,REMOVED,Allowed, - Caller MD5=61b1dfb9703d0d678e108e0156fcbb69,Create Process,Begin: 2013-1... by cdupuis123 Path Finder in Splunk Search 10-25-2013 0 3 | 0 | 3 |
Get Started
Explore Essential Splunk Resources
Get Expert Help at Community Office Hours
Join the #search-help Slack channel
Get Expert Help at Community Office Hours
Join the #search-help Slack channel
Become An Expert
Top Labels
-
administration
3 -
alert action
3 -
alert condition
2 -
Analytics Workspace
2 -
authentication
1 -
chart
944 -
Classic dashboard
1 -
configuration
2 -
correlation search
1 -
count
1,003 -
Dashboard Studio
3 -
data
3 -
data model
1 -
development
6 -
distributed search
1 -
drilldown
1 -
email
1 -
eval
2,609 -
field extraction
2,017 -
fields
2,061 -
host
1 -
index
4 -
indexer
2 -
inputs.conf
1 -
intermediate forwarder
1 -
introduction
5 -
join
1,058 -
JSON
2 -
Linux
2 -
login
1 -
lookup
1,565 -
metadata
307 -
monitoring console
2 -
other
153 -
panel
2 -
PDF
1 -
Python
1 -
regex
1,498 -
report acceleration
2 -
rex
1,246 -
SAML
1 -
saved search
5 -
scheduled search
4 -
scripted input
1 -
search
2 -
search head
3 -
search job inspector
681 -
search peer
1 -
simple XML
1 -
source
1 -
sourcetype
4 -
Splunk Web Framework
1 -
splunk-assist
1 -
splunkd
1 -
stats
3,559 -
subsearch
1,721 -
summary indexing
4 -
table
1,750 -
time
1 -
timechart
1,156 -
transaction
451 -
transforms.conf
1 -
troubleshooting
8 -
tstats
566 -
universal forwarder
5 -
using Splunk Cloud
2 -
using Splunk Enterprise
13 -
Windows
3
- « Previous
- Next »
Get Updates on the Splunk Community!
Unlock Database Monitoring with Splunk Observability Cloud
In today’s fast-paced digital landscape, even minor database slowdowns can disrupt user experiences and ...
Purpose in Action: How Splunk Is Helping Power an Inclusive Future for All
At Cisco, purpose isn’t a tagline—it’s a commitment. Cisco’s FY25 Purpose Report outlines how the company is ...
[Upcoming Webinar] Demo Day: Transforming IT Operations with Splunk
Join us for a live Demo Day at the Cisco Store on January 21st 10:00am - 11:00am PST
In the fast-paced world ...
