Splunk Search

Discussions

Thread Info

Ho to get search input from csv file

I am having a csv file which contains some production server jobs name to monitor. I want to give those jobs listed i...

by Contributor in

How can I take the results from a search and generate a second search from those results?

Hi all, I have a search that looks for ICID's (injection connection ID) found in incoming SPAM email events. Somet...

by Engager in

Calclute Avg of max values for a given period

Hi everyone, please help me in below task , appreciate your time and effort Use case : in below table for example we...

by New Member in

Compare search fields to add another field if they match

So at the moment I have a simple search index=index sourcetype="sourcetype" host1 OR host2 | table hour day mont...

by New Member in

Rex Not Extracting All Data

HI, I wonder whether someone could help me please. I'm trying to extract the first name from the data as shown ...

by Motivator in

Getting average of variable name fields

Hi! ... | streamstats count as SESSION by PATIENT_ID PROGRAM_NAME | chart values(AVG_RT) over SESSION by PROGRAM_N...

by Path Finder in

Storing a REGEX filed into a DataModel

Hi All I am looking for the best approach to an issues i have. I have multiple files that start with the follow...

by Motivator in

How to add event duration time for multiple events into one row?

Hello, I'm trying to find the correct syntax to get the total time a device was in an alert status. The events ha...

by New Member in

Working with Lookup

I am having below requirements to be merged to create a dashboard/Report. Need to append my search result to the l...

by Contributor in

i have a results which has order status across many system. i want to group by order status with system in bar graph

status1 status2 status3 status4 status5 complete failed complete complete failed cancelled inprogress failed success ...

by Builder in

How to give every event all fields that occur in any event already processed in search

So I've managed to make the first few events be those which have the 25 extra fields, but how do I make all following...

by Engager in

How can I search for a URL that a user or users may have clicked on from a SPAM or phishing email?

Often times users click the link or open a attachment in a SPAM or phishing email. I would like to be able to enter a...

by Engager in

How to join multiple tables / stats to a single table

In our application, we are processing files received by our application. In various places, we have logs as follows: ...

by Explorer in

I Want to split the results by hour and server

Hi all, We have data coming from 2 diferent servers and would like to get the count of users on each server by hou...

by Explorer in

'Error in 'search' command: Unable to parse the search: Comparator '>' is missing a term on the left hand side'

Hi, I am getting the below error 'Error in 'search' command: Unable to parse the search: Comparator '>' is missing a...

by Explorer in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Ho to get search input from csv file

How can I take the results from a search and generate a second search from those results?

Calclute Avg of max values for a given period

Compare search fields to add another field if they match

Rex Not Extracting All Data

Getting average of variable name fields

Storing a REGEX filed into a DataModel

How to add event duration time for multiple events into one row?

Working with Lookup

i have a results which has order status across many system. i want to group by order status with system in bar graph

How to give every event all fields that occur in any event already processed in search

How can I search for a URL that a user or users may have clicked on from a SPAM or phishing email?

How to join multiple tables / stats to a single table

I Want to split the results by hour and server

'Error in 'search' command: Unable to parse the search: Comparator '>' is missing a term on the left hand side'

Index This | Why do they call it hyper text?

State of Splunk Careers 2023: Career Resilience and the Continued Value of Splunk

The Great Resilience Quest: 9th Leaderboard Update

Users with the same roles, in the same app, and sa...

auto_generated_pool_download-trial

Automatic lookup during data ingestiont (Splunk cl...

Working with OpenTelemetry Cumulative Histogram Bu...

Better PDF report visualization