Splunk Search

Ask a Question

Discussions

Thread Info

The lookup table 'dm_audit_class_type' does not exist. It is referenced by configuration 'WinEventLog:Security'

Hello Please help me this issue The lookup table 'dm_audit_class_type' does not exist. It is referenced by...

by Explorer in

how to solve the date issue and how to count the _raw fields from a log using time chart

Hi I have uploaded a log contains below type of events with time stamp; ...

by Path Finder in

Problems w/ basic lookup table.

added the table files & definitions w/ just defaults. command is sourcetype="hitachi_poolinfo" host="*0695*" %...

by Contributor in

How to use splunk to compute and display the cost of a downtime

Hi, I'm new to splunk. So, please bear with me if my question is lame and splunk is not meant for such things. ...

by Engager in

How to achieve Optimized Search time in Splunk

Now its being a serious issue. I need some expert advice for this. Scenario: Splunk 5.0.2 Data Input : TCP License: ...

by Contributor in

Turn Search History off ?

any way to turn the search history off ?

by Explorer in

Default sort order in query result

I use Splunk 5.0.2 with Java SDK 1.1. I've noticed that the results of a search are sorted according to the _time ...

by Explorer in

Data sampled at different rates .. "expand" one to fit the other?

I have two sets of data in splunk -- every 10 minutes we get a host and watts measurement; every hour we get a host a...

by Path Finder in

update lookup table with outputcsv

I would like to update an existing app lookup table with static known fields instead of search results, for example m...

by Contributor in

Can Splunk dynamically extract JSON Key names while joining the event with other sourcelogs?

The following query is able to join two source logs where one of the source logs is in json format: (sourcetype="r...

by Motivator in

[HowTo] Script to automatically fill lookups

Hi Splunkers, one great way to bring additional information into your data is the use of lookups. One problem I fo...

by Path Finder in

timechart day offset

I am trying to run a timechart against a summary index (the summary is populated once an hour) and split into 24 hour...

by Contributor in

Adding filed format to dynamic field names

Dear All Hope you are doing good. I want to add the $ to my data but field name is dynamic so how can i add $ t...

by Contributor in

I think I have a problem with my Splunk Indexer filter. What is the best way to troubleshoot?

Hi! I am trying to setup filtering on my Splunk server that is receiving events from the Splunk universal forwarder o...

by Engager in

How to get the populer distribution channel by geographicaly

Dear All, I have a data of insurance i want to check which is most popular channel of distribution by state. Th...

by Contributor in

_time is not picking properly ?

Hi.. I have configured splunk to pick the _time from the logs . i.e that is BST time in my log . but all of a sudd...

by Motivator in

Convert string to decimal number

Hello, i have a field extraction where i have values who are like 21,3 splunk recognizes them as string. but th...

by Communicator in

Different format data

Hi, Some examples of our urls. And we need data in the below format (Needed format). You can see that the needed f...

by Contributor in

Rex in Case command?

Hi All In the logs there are multiple Oracle codes with different reasons e.g. Product Mapping Error ORA-20030:...

by Engager in

Count Sourcetype by Day

Greetings, I am trying to figure out whether data under a given source type is growing. I would like to get these ...

by Builder in

How to include x axis info on chart

Hi, I have created a results chart using this search: | dbquery "DBNAME" "SELECT useraction FROM usertable" | eval...

by Explorer in

How to create mutiple columns for a single field

I have to make dashboard like different age limits as column heading eg. product (age)20-25 (age)30 -35 pr...

by Path Finder in

Errors: Reached end-of-stream/Streamed search execute failed

Running 4.2.4, these errors show up every once and a while when doing a search on a search head: "Reached end-of-s...

by Engager in

Limits that shouldn't be exeeded and potential big data

Hi everyone, below are several questions and each of them is very important for us. Hope for your help. As written...

by Builder in

Can't add new data?!

Hi All! I'm using Enterprise Trial version of Splunk which allows indexing 500MB data a day. I have once specified a ...

by Explorer in

Get Updates on the Splunk Community!

Splunk Search

Discussions

The lookup table 'dm_audit_class_type' does not exist. It is referenced by configuration 'WinEventLog:Security'

how to solve the date issue and how to count the _raw fields from a log using time chart

Problems w/ basic lookup table.

How to use splunk to compute and display the cost of a downtime

How to achieve Optimized Search time in Splunk

Turn Search History off ?

Default sort order in query result

Data sampled at different rates .. "expand" one to fit the other?

update lookup table with outputcsv

Can Splunk dynamically extract JSON Key names while joining the event with other sourcelogs?

[HowTo] Script to automatically fill lookups

timechart day offset

Adding filed format to dynamic field names

I think I have a problem with my Splunk Indexer filter. What is the best way to troubleshoot?

How to get the populer distribution channel by geographicaly

_time is not picking properly ?

Convert string to decimal number

Different format data

Rex in Case command?

Count Sourcetype by Day

How to include x axis info on chart

How to create mutiple columns for a single field

Errors: Reached end-of-stream/Streamed search execute failed

Limits that shouldn't be exeeded and potential big data

Can't add new data?!

Earn a $35 Gift Card for Answering our Splunk Admins & App Developer Survey

Continuing Innovation & New Integrations Unlock Full Stack Observability For Your ...

Monitoring Amazon Elastic Kubernetes Service (EKS)

Using splunk-sdk in user-defined functions in Spar...

Verification of SAML assertion using IDP's cert fa...

ジョブを消しても復活する現象について

splunk threat intelligence taxii data

Splunk DB connect add-on InfluxDB 2.6