Splunk Search

Discussions

Thread Info

How to ignore timestamp to group events and show # of occurences by ComputerName

I need to run weekly reports that show all Error Messages that have occurred and have it split by the computernames a...

by Path Finder in

how can we add data to a lookup file thorugh form ???

Hi . I have using a form with a textbox and search button ? wat ever the data i given in textbox it should be adde...

by Motivator in

Issue with automatic field detection

We have customized our internal applications to a custom key=value schema and it usually works well. Splunk usually r...

by SplunkTrust in

union results in a table

I am trying to display in one table a difference from a performance log to a specific service from 2 diffrent times (...

by Explorer in

splunk search to find who (ip's) connects to port 9997

Hi, I am looking for a splunk search to find which IP's are connecting to port 9997? index=sys_*prod source=net...

by Explorer in

Using regex to replace letters in a search.

Hi, I'm performing a search using advanced xml that returns a key/value pair (among other things). E.g. Filenam...

by Explorer in

Need chart for two values

Hi I have a basic XML file returning, Date-time value and a value in seconds see example("GmtDateTime":"2013-08-14...

by New Member in

how to snap to time unit of 5 minutes

for example: if the current time 5:23:20 PM, how can i get the time 4:55:00 PM. and if the current time 5:26:12 PM, h...

by Explorer in

Add a clock to the header

Anyone have a suggestion on how I can add a digital clock or even a world clock to the header in the default view for...

by Motivator in

Removing all numbers from _raw message

I want regex to remove all numbers from _raw message. Right now I have the search * |rex mode=sed "s/ \d{1,}//g" ...

by Contributor in

How to include 2 search in one results?

Hi, I have one problem here. I need to create a search with 2 groups, and create a chart with result. Exa...

by Engager in

Field extraction not working on distributed search

I am trying to create a field extraction using the manger to extract the equivalent of: sourcetype=jsonLogs | rex ...

by New Member in

Eval string until character

Hello! I'm having strings that are very specific. I'm trying to agregate them, so what I want is just to keep the ...

by Path Finder in

Help on top10 search with variations

Hi community, let's say we have a online shop which is selling products which could appear in different variations...

by Path Finder in

Windows security events search

I have to capture the failed login attempts over windows machines. I am filtering on the basis of EventCode=4625. Fo...

by Path Finder in

Field _time should be less than a week

Dear Splunkers, My search results contain fields Name, Time as Test1, Test2, Test3, Test4 and 1375351200.000, 1417863...

by Path Finder in

regex formation for source type and filed extraction.

hi, these are my sample log file-: < Jul 15 23:48:33 Phase 0 running (1132 seconds) CPU Time Status Skew Vertex 0...

by New Member in

Lookupに作成されたCSVファイルについて

outputlookupコマンドでLookupファイルに作成したcsvは、自動的に更新はされるのでしょうか。

by Contributor in

Count number of occurrences of a field in a transaction search

Hi, i am creating a correlation between two different event sources and then run a transaction based on the src ip...

by Explorer in

Aggregate report on a multi-value field

I have a data set like the following: 01/21/2013 /root1/url,/root2/url,/root2/url 02/22/2013 /root1/url,/root3/u...

by Explorer in

Using extracted fields in automatic lookups

I have a series of fields I've extracted using the GUI for a particular sourcetype. I've also set up a lookup table, ...

by Explorer in

sub-search and destIP foreach srcIP

Hello, I would like to obtain a complete list of all connection. for exemple : SRC | DST |P...

by Path Finder in

Yet More field extraction problems

My application logs to win event application log. I have the following log and am trying to extract the SAG: values: ...

by Engager in

Field Extraction using regex command

Hi, I have SharePoint logs.Here i have a field called message and I'm trying to extract the exceptions from the me...

by Communicator in

Why does the splunk could not display the log but could receive the udp packets?

My splunk server could receive the udp packets from the clients, but it could not display the log, what should I do t...

by Communicator in

Get Updates on the Splunk Community!

Splunk Search

Discussions

How to ignore timestamp to group events and show # of occurences by ComputerName

how can we add data to a lookup file thorugh form ???

Issue with automatic field detection

union results in a table

splunk search to find who (ip's) connects to port 9997

Using regex to replace letters in a search.

Need chart for two values

how to snap to time unit of 5 minutes

Add a clock to the header

Removing all numbers from _raw message

How to include 2 search in one results?

Field extraction not working on distributed search

Eval string until character

Help on top10 search with variations

Windows security events search

Field _time should be less than a week

regex formation for source type and filed extraction.

Lookupに作成されたCSVファイルについて

Count number of occurrences of a field in a transaction search

Aggregate report on a multi-value field

Using extracted fields in automatic lookups

sub-search and destIP foreach srcIP

Yet More field extraction problems

Field Extraction using regex command

Why does the splunk could not display the log but could receive the udp packets?

Splunk Observability for AI

🔐 Trust at Every Hop: How mTLS in Splunk Enterprise 10.0 Makes Security Simpler

Observe and Secure All Apps with Splunk

In Splunk studio, is it possible to populate a tex...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static

Splunk Search

Are you a member of the Splunk Community?

Discussions