Splunk Search

Discussions

Thread Info

IFX Field Extraction issue

I have the following event (see bottom of the post) and I need help extracting various fields and I am not having muc...

by Communicator in

New sourcetype linebreaking issues

Hi, I'm a new Splunk user and I'm trying to define a new source type. My log file looks like: ----------- Na...

by Communicator in

Help on flash chart, chart overlay in max, min column and mean line

I need help with this advance XML for chart overlaying and flash chart. I need to display a mean line over the column...

by Path Finder in

'Unknown search command 'return' in a new app

Setup a new role for a specific app with below configuration. [role_demo] rest_properties_get = enabled search = e...

by Splunk Employee in

can i create look up for eventtypes ?

Hi . I have using the different eventtypes for my search query like this .. 1.et_Accepted 2.et_Rejected 3.et_Ex...

by Motivator in

How to protect from anyone creating lookup tables with outputlookup?

It seems anyone can create a new lookup table, or overwrite an existing one's content. Is there a way to set permissi...

by Splunk Employee in

Last event grouped by

Hi, I am building an app for managing some network switches. One of the views I want to create has the same data l...

by Path Finder in

how can I change the size of the appLogo area? I would like to add a bigger Logo that is not cut in half.

I would like to use a bigger image than 156X43, how can I adjust the size of the top bar area?

by Explorer in

Can I make two lookup tables that specify the same output field name?

Hi, i have individual IPs and then CIDR blocks that i want to look up and group them using a look up table. I am a...

by Contributor in

lookup table to show values that do not match

hi - I have a look-up table of errors codes and descriptions, and a log file with errors codes lookup error_descri...

by Path Finder in

field extraction where the data may need a lookup

I'd like to do a field extraction on these fields: proto=udp/67 proto=tcp/http proto=udp/9060 Should become pro...

by Communicator in

configuring splunk to start at boot time config file

Is there a .conf file in splunk where you can configure splunk to start at boot time?

by Splunk Employee in

Find top n in each group

I have a collection of records in [object_name, execution_time] format. I want to gather top 10 (i.e. first 10 in sor...

by Engager in

Problem with extracted field

Hi, I am not able to see extracted fields in "Interesting field list",however fields are visible in Manager. What ...

by Communicator in

Problems with search on chart

I saw this command and tried to imitate it sourcetype="wind" | eval intscale="SCALE"+tostring(floor(scale/10)*10) | ...

by Communicator in

Issue with props.

Hello This is the props.conf which I have now [xxx] TIME_FORMAT = %a %m/%d/%Y %H:%M:%S.%2N (Is this supposed t...

by Motivator in

Advance chart question

I have these data and I would like to create a chart using different location together against temperature (Y-axis) a...

by Communicator in

00時00分00秒のイベントが取り込まれない

1秒毎に書き込まれるファイルをSplunkでモニタリングしていたところ、 00時00分00秒の書き込みだけSplunkに認識されませんでした。 （勿論、00時00分00秒のログへの書き込みは確認しています。） 因みにタイムスタンプはロ...

by Contributor in

db connect and user roles

Hi, Is is possible for a user other than admin, power user for example, to setup database connections, databases look...

by Path Finder in

MySQL Connector

Hi I'm new to splunk and using free version . I'm trying to connect MySQL with splunk However I'm not able to see Dat...

by New Member in

creating field for url

How can I create a field for url? I am unable to do it by field extraction.

by Explorer in

earliest or latest time in outputcsv filename

Hello! I have multiple saved search. Each search covers the period of 12 hours. Accordingly, each search has a ear...

by Communicator in

Event Builder

I am a newbie to splunk and looking to build events for the below log, { "crash_reasons": [ { "app_id": 24669, "...

by Path Finder in

Lookup Table Problem

Hi, I have a problem when using lookup function in Splunk. I am using a lookup table in C:\Program Files\Splunk\et...

by Explorer in

how to transpose rows into multiple columns based on grouping?

Hi, I have a query which fetches me the below result in a table: Thread | Total_Run_Time READER_1_1_1 303.97...

by Engager in

Get Updates on the Splunk Community!

Splunk Search

Discussions

IFX Field Extraction issue

New sourcetype linebreaking issues

Help on flash chart, chart overlay in max, min column and mean line

'Unknown search command 'return' in a new app

can i create look up for eventtypes ?

How to protect from anyone creating lookup tables with outputlookup?

Last event grouped by

how can I change the size of the appLogo area? I would like to add a bigger Logo that is not cut in half.

Can I make two lookup tables that specify the same output field name?

lookup table to show values that do not match

field extraction where the data may need a lookup

configuring splunk to start at boot time config file

Find top n in each group

Problem with extracted field

Problems with search on chart

Issue with props.

Advance chart question

00時00分00秒のイベントが取り込まれない

db connect and user roles

MySQL Connector

creating field for url

earliest or latest time in outputcsv filename

Event Builder

Lookup Table Problem

how to transpose rows into multiple columns based on grouping?

Observability Unlocked: Kubernetes Monitoring with Splunk Observability Cloud

Wrapping Up Cybersecurity Awareness Month

🌟 From Audit Chaos to Clarity: Welcoming Audit Trail v2

In Splunk studio, is it possible to populate a tex...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static

Splunk Search

Are you a member of the Splunk Community?

Discussions