Splunk Search

Discussions

Thread Info

Metadata Search (Index Selector)

I am trying to create a utility using the metadata command that will allow me to see what sourcetypes exist by index....

by Communicator in

Search split value with spaces

Hi, Newbie here  trying to search value that actually split with spaces: DEBUG PerformanceMonitor [(null)] - P...

by Path Finder in

Join the best option?

I have a search that finds failed jobs from my logs. Each of those failed jobs has a job number. I'd like to then tak...

by Communicator in

Why does using bucket span before transaction command give wrong duration in results?

sourcetype = abc | bucket span=1h _time | transaction user_ip destination_domain maxspan=20s maxpause=2s | stats coun...

by Path Finder in

timechart a mapped search?

Here's a summary of what I'm trying to do: Find a job by IDUse the start/end time of that job to bound a search fo...

by Explorer in

choose top string for a group

So, my data looks like this: code message hash count aaa m1 53e 3 aaa m2 53e 5 bbb m3 54e 15 ...

by Engager in

Using Subsearch to Narrow Data: Contradictory and Inefficient?

Hey spelunkers, I am using a search that has many conditionals, and each conditional further narrows the pile of r...

by Path Finder in

Counter for when event occurs one or more times

I want to set up a search for when an event occurs one or more times in a minute (just whether or not it occurred not...

by Contributor in

How to create a simple chart that tracks a value over time?

I have a value, process memory, how can I create a chart over time?

by Explorer in

where to do a field extraction

Hi, I want to extract, and report on (also, put in a summary index), some standard fields from access logs. I have...

by Champion in

[subsearch]: Subsearch produced 12959 results, truncating to maxout 10000.

When I put below, sourcetype="splunk_page_request" NOT [| inputlookup nmc_crawlers | fields ip_address] I got a...

by Explorer in

Regex expression correction

I used (?i)location : (?P .+) to extract the location. But it always extract the word below it (None). Anyone...

by Communicator in

DB dump not generating results

Hello I am using DB Connect app to get data from a Oracle DB. Everything works fine, but when it runs this query i...

by Motivator in

Changing display from row to pie ? [Used for Google Map Drilldown]

I am working on Google map overlay, is there anyway I can change from displaying row to pie ? s...

by Path Finder in

Increasing rows returned from STAT \ CHART queries

When I run a CHART or STAT query, and the query returns more than 50 rows the output is truncated with the following:...

by Engager in

Retrieve events grouped by event order (first 5, next 5, etc...)

I have no clue how to do this. I've tried autoregress, and I expect it shoudl work, but I end up with gaps in the new...

by New Member in

How to create a new field with values in existing field based on the values in other field.

Hi, I'm new to splunk and seek your help in achieving in a functionality. My log goes something like this, time...

by Path Finder in

Is there a way to save the PDF file on the scheduled PDF delivery?

I have a scheduled job with an email alert. I do get the PDF file as an attachment. I need to download and ftp the at...

by Explorer in

REGEX expression

Hi xperts, someone help me to write the regex expression. with some examples.

by Explorer in

how to write Regex expression

Hi xperts, Am new to splunk. I am uploading my data into the splunk. when i see the preview, it shows me all the e...

by Explorer in

Time Chart - Today - Yesterday - Last week - Not 24hr but by Day

I have a time chart that looks back over the last 24hr and compares the data to Yesterday and 7 days ago. My live dat...

by Contributor in

extracting the value from the match of the "regex" command

Hi Guys I have an objective to trawl our data to ensure it is clean of sensitive data for compliance purposes. ...

by Path Finder in

Custom search text box

Hi, I've created custom text box to search the events in splunk. my xml : < module name="HiddenSearch" layoutP...

by Path Finder in

Which ways are the best for missing custom extracted fields ?

Hi Splunkers, I've encounter the same problems that i cannot get search results of my custom extracted fields. I p...

by Contributor in

Combining similar log entries and counting as one

I have multiple users making a request to a web server each time they type a character into a search box. User 1 is t...

by Engager in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Metadata Search (Index Selector)

Search split value with spaces

Join the best option?

Why does using bucket span before transaction command give wrong duration in results?

timechart a mapped search?

choose top string for a group

Using Subsearch to Narrow Data: Contradictory and Inefficient?

Counter for when event occurs one or more times

How to create a simple chart that tracks a value over time?

where to do a field extraction

[subsearch]: Subsearch produced 12959 results, truncating to maxout 10000.

Regex expression correction

DB dump not generating results

Changing display from row to pie ? [Used for Google Map Drilldown]

Increasing rows returned from STAT \ CHART queries

Retrieve events grouped by event order (first 5, next 5, etc...)

How to create a new field with values in existing field based on the values in other field.

Is there a way to save the PDF file on the scheduled PDF delivery?

REGEX expression

how to write Regex expression

Time Chart - Today - Yesterday - Last week - Not 24hr but by Day

extracting the value from the match of the "regex" command

Custom search text box

Which ways are the best for missing custom extracted fields ?

Combining similar log entries and counting as one

Continuing Innovation & New Integrations Unlock Full Stack Observability For Your ...

Monitoring Amazon Elastic Kubernetes Service (EKS)

Cloud Platform & Enterprise: Classic Dashboard Export Feature Deprecation

Using splunk-sdk in user-defined functions in Spar...

Verification of SAML assertion using IDP's cert fa...

ジョブを消しても復活する現象について

splunk threat intelligence taxii data

Splunk DB connect add-on InfluxDB 2.6