Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Splunk Search
Splunk Search
×
Join the Conversation
Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
- Find Answers
- :
- Using Splunk
- :
- Splunk Search
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Community Activity
 | Hi, we have 2 uri patterns as shown below /search?searchQuery=4gmw4 (the end part is always single word which is al... by xvxt006 Contributor in Splunk Search 10-27-2013 0 4 | 0 | 4 | |
| | Trying to figure out if this is possible. Many times I do a search similar to: host=somehosts* earliest=-1d | clust... by skippylou Communicator in Splunk Search 10-27-2013 2 4 | 2 | 4 | |
| | Hi, I have a weird data structure I'm trying to figure out a better way to handle. The data I'm getting uses categor... by tristanmatthews Path Finder in Splunk Search 10-27-2013 0 2 | 0 | 2 | |
| | Hi, Following is my input. It is a set of tab delimited files. Here is a sample. I made updates to props.conf and tr... by sourabhguha Explorer in Splunk Search 10-27-2013 0 4 | 0 | 4 | |
| | Hi everbody, I have got a field "Action" with different Values (A,B,C,D,E). I would like to calculate the percentage... by HeinzWaescher Motivator in Splunk Search 10-27-2013 0 2 | 0 | 2 | |
| | Hi! I want to ask question if something like below can be implemented. I have created 4 searches. search A : creat... by yuwtennis Communicator in Splunk Search 10-27-2013 0 2 | 0 | 2 | |
| | Hi ! I would like to get an advice with search command. I want to do something like , Reference the next row (line... by yuwtennis Communicator in Splunk Search 10-27-2013 0 2 | 0 | 2 | |
| | Hi, I am indexing a set of csv files. the files do not have the header fields in it. While I am creating the source... by sourabhguha Explorer in Splunk Search 10-27-2013 0 1 | 0 | 1 | |
| | I just noticed that the alert... menu item under Create in the search App is not available anymore for users with rol... by kaddupa1 Explorer in Splunk Search 10-26-2013 1 1 | 1 | 1 | |
| | Another awesome Regex question, related to windows. I have a windows EventCode=4663. The event contains a Process_N... by gsawyer1 Engager in Splunk Search 10-25-2013 0 4 | 0 | 4 | |
| | Using this set of data: Time Host Type Packets 12:00 mothra A 5 12:05 mothra A 6 12:10 ... by albyva Communicator in Splunk Search 10-25-2013 0 2 | 0 | 2 | |
| | I indexed some csv data which has a field called Open Time which winds up being selected as the _time and looks fine ... by jeremiahc4 Builder in Splunk Search 10-25-2013 1 2 | 1 | 2 | |
| | Using the dbconnect app without using advance(query), is there a way to make your lookup case insensitive by adding c... by rdownie Communicator in Splunk Search 10-25-2013 0 1 | 0 | 1 | |
| | Hi, Is there splunk tool chain that simply sends splunk commands to the daemon (does not include daemon and web inte... by paragcisco Explorer in Splunk Search 10-25-2013 1 6 | 1 | 6 | |
| | I have two sourcetypes - submitters, and recipient_group. I am looking to find the percentage of submitters that are... by lehrfeld Path Finder in Splunk Search 10-25-2013 0 3 | 0 | 3 | |
| | 2013-10-25 10:49:33,Major,REMOVED,Allowed, - Caller MD5=61b1dfb9703d0d678e108e0156fcbb69,Create Process,Begin: 2013-1... by cdupuis123 Path Finder in Splunk Search 10-25-2013 0 3 | 0 | 3 | |
| | I'm building a dashboard using the techniques described here on Splunkbase, so that I have two Y axes. What I'm seein... by sowings Splunk Employee  in Splunk Search 10-25-2013 1 4 | 1 | 4 | |
| | I'm following the tutorial at your page 46. The popup menu that I see has a "Destination app" field with search above... by MikeSilady Explorer in Splunk Search 10-25-2013 0 3 | 0 | 3 | |
| | I have the below search index=main sourcetype=summa | rex "::\s(?<timestamp>\S+)\s" | rex "^\S+\s(?<userid>\S+)\."... by srajanbabu Explorer in Splunk Search 10-25-2013 0 6 | 0 | 6 | |
| | It’s worth noting that this issue is being tested under the Splunk application for OS X. The goal is to get Splunk cr... by multiverse Engager in Splunk Search 10-25-2013 0 2 | 0 | 2 | |
| | Hello, I have the a search that is working and I get the desired output. Now I am trying to make the output "prett... by brywilk_umich Path Finder in Splunk Search 10-24-2013 1 2 | 1 | 2 | |
 | Can't seem to make this work.. using a " " delimter in my transforms didn't do the trick.. www-ber 10/18/2... by richnavis Contributor in Splunk Search 10-24-2013 0 3 | 0 | 3 | |
| | I have this event and I'm trying to send it to the nullQueue if it contains SYSTEM. 2013-10-24 15:02:34,Major,REMOVE... by cdupuis123 Path Finder in Splunk Search 10-24-2013 0 1 | 0 | 1 | |
| | i have events with two fields: origin and duration i would like to present a table with the count of each origin, al... by ytl Path Finder in Splunk Search 10-24-2013 0 1 | 0 | 1 | |
| | Hello, I am new to Splunk and trying to come up with a way that would grab the usernames in certain lines (21_ubl) o... by brywilk_umich Path Finder in Splunk Search 10-24-2013 0 4 | 0 | 4 |
Get Started
Explore Essential Splunk Resources
Get Expert Help at Community Office Hours
Join the #search-help Slack channel
Get Expert Help at Community Office Hours
Join the #search-help Slack channel
Become An Expert
Top Labels
-
administration
3 -
alert action
3 -
alert condition
2 -
Analytics Workspace
2 -
authentication
1 -
chart
946 -
Classic dashboard
1 -
configuration
2 -
correlation search
1 -
count
1,007 -
Dashboard Studio
3 -
data
3 -
data model
1 -
development
6 -
distributed search
1 -
drilldown
1 -
email
1 -
eval
2,616 -
field extraction
2,022 -
fields
2,064 -
host
1 -
index
4 -
indexer
2 -
inputs.conf
1 -
intermediate forwarder
1 -
introduction
5 -
join
1,060 -
JSON
2 -
Linux
2 -
login
1 -
lookup
1,567 -
metadata
310 -
monitoring console
2 -
other
184 -
panel
2 -
PDF
1 -
Python
1 -
regex
1,499 -
report acceleration
2 -
rex
1,250 -
SAML
1 -
saved search
5 -
scheduled search
4 -
scripted input
1 -
search
2 -
search head
3 -
search job inspector
685 -
search peer
1 -
simple XML
1 -
source
1 -
sourcetype
4 -
Splunk Web Framework
1 -
splunk-assist
1 -
splunkd
1 -
stats
3,565 -
subsearch
1,732 -
summary indexing
4 -
table
1,755 -
time
1 -
timechart
1,158 -
transaction
453 -
transforms.conf
1 -
troubleshooting
8 -
tstats
569 -
universal forwarder
5 -
using Splunk Cloud
2 -
using Splunk Enterprise
13 -
Windows
3
- « Previous
- Next »
Get Updates on the Splunk Community!
Think Like an Architect: Introducing the Splunk Certified Cybersecurity Defense ...
In cybersecurity, defenders respond to threats. Architects design the systems that stop them.
As ...
Index This | What has goals but no motivation?
June 2026 Edition
Hayyy Splunk Education Enthusiasts and the Eternally Curious!
We’re back with this ...
Deep Dive: Accelerate threat investigation with Splunk’s AI Assistant in Security
AI is one of the biggest topics in the market today, and for security teams, its value goes far beyond the ...
Unanswered Topics
