Splunk Search

Ask a Question

Discussions

Thread Info

search correction with NOT

I have an alert setup. It is like "ABC-* NOT ("ABC-1" OR "ABC-2") "ABC-1", "ABC-2" being stuff I have taken car...

by Path Finder in

Simple Form not displaying results in form

Below is the xml for my form, once the search is executed, the results are not getting displayed in the form: ...

by New Member in

How to send the matching value in the log file , in the email that we send as a part of the alert

I had a query in Mind till now I only know that Splunk only sends the count of the events happened during the time du...

by Explorer in

Convert a string into a number

I extracted some values into a field using the field extractor and now I need to convert it into a number to use sum(...

by Splunk Employee in

Custom search by Date on results pulled from DB

Hello Splunk Community, I am very new to splunk and am currently having a small issue. I have a search query which...

by New Member in

Searches And Reports - Sorting in Sub Menu

hey guys - Need some help in sorting the "Seraches And Reports" tab - it has lot of reports configured and all show i...

by New Member in

How to create a eval-based macro

I am trying to approximate the distance between two points. Each point has a latitude, longitude, and elevation. Unfo...

by Explorer in

Wildcards in search

I need some help on the syntax of wildcards in the search. I have multiple servers and I don't want to keep using OR....

by Path Finder in

How to get Delta for specified time range

Hi, we are monitoring some of the counts and we would like to get the delta from last hour to this hour.This job r...

by Contributor in

Moving Flash charts to HTML5 or Java charts for a dashboard view

Hello, I have created custom views for a dashboard. However, the charts are flash based This creates a problem for...

by Path Finder in

Math precision

I am seeing what appears to be inconsistencies in how Splunk does math in eval statements. Most of the time, it appea...

by Path Finder in

Search for JSON data that does not contain a field

We are sending Json formatted data into splunk. How can I search for all messages that that DO NOT contain a certain ...

by Path Finder in

Can I specify a regex in a lookup table to group similar requests into the same output lookup?

Hi, We would like to create a look up table based on some user agents. Mozilla/5.0 (compatible; Traverse/0.1; ...

by Contributor in

Display Standard Deviation (stdev) Percentage

I'm looking to calculate the Standard Deviation percentage (stdev / mean) * 100 but I'm wondering how do I craft the ...

by Communicator in

Get results in one chart

Hello I am new to Splunk but have found it quite useful. My question is this: I have 2 searches that looks in the ...

by Builder in

list all events greater than average

Hi, I want to find the average number of different IP's over a given time and list all IP's above that count so if...

by Path Finder in

PARSER: Applying intentions failed This search cannot be parsed when parse_only is set to true

Hey All, I have a search that displays a timechart correctly in the search area but not when I'm trying to display...

by Splunk Employee in

Timechart add value that doesn't appear in log

Hello, I'm trying to add a value to my timechart which doesn't appear in my log. That search gives me my graph ...

by Explorer in

Plotting duration on chart

hi, I want to show time taken by a process to complete in seconds on time chart. sample log entries 4432 [e0...

by Communicator in

simple question on transactions

The transaction command works with a common field across logs. how can we group multiple events which might have the ...

by New Member in

How to create a (where) Alert parameter

I'm using (where) to alert me if a field exceeds 80% but what I also need is to prevent it from alerting if that fiel...

by Communicator in

max after stats, chart

Hi, I have a result that comes from: search ... | stats count by MB MB count 3.1 4 2.8 2 3.6 1 2.3 5 3....

by Contributor in

Problem with transaction command

hi, I want to find out transactions which does not satisfy endswith condition This is my search index=tm_idx host...

by Communicator in

Grouping related events

Hello.. I am having a bit of hard time trying to get my head around a report that I am attempting to create. What...

by Communicator in

Help with timechart

Hi, This is my query index=tm_idx host="audit" ID=144 | timechart count by client its giving me chart shown be...

by Communicator in

Get Updates on the Splunk Community!

Splunk Search

Discussions

search correction with NOT

Simple Form not displaying results in form

How to send the matching value in the log file , in the email that we send as a part of the alert

Convert a string into a number

Custom search by Date on results pulled from DB

Searches And Reports - Sorting in Sub Menu

How to create a eval-based macro

Wildcards in search

How to get Delta for specified time range

Moving Flash charts to HTML5 or Java charts for a dashboard view

Math precision

Search for JSON data that does not contain a field

Can I specify a regex in a lookup table to group similar requests into the same output lookup?

Display Standard Deviation (stdev) Percentage

Get results in one chart

list all events greater than average

PARSER: Applying intentions failed This search cannot be parsed when parse_only is set to true

Timechart add value that doesn't appear in log

Plotting duration on chart

simple question on transactions

How to create a (where) Alert parameter

max after stats, chart

Problem with transaction command

Grouping related events

Help with timechart

Community Content Calendar, November Edition

October Community Champions: A Shoutout to Our Contributors!

Stay Connected: Your Guide to November Tech Talks, Office Hours, and Webinars!

In Splunk studio, is it possible to populate a tex...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static

Splunk Search

Are you a member of the Splunk Community?

Discussions