Splunk Search

Ask a Question

Discussions

Thread Info

show transactions that are taking 20% more time than previous year

Hi splunkers, I came across a situation where 1) I have to find out transactions that are taking 20% more time tha...

by Communicator in

Different TimerangePicker Options for Different Panels on Same Dashboard

Hi, I've 10 panels on a dashboard displayed using Advanced XML & each of those are having drop-down which uses Tim...

by Path Finder in

Lookup Configured, Now I Need More Fields...

We are comparing a list of policies (uploaded as a lookup, using "policywithdescs") against our firewall data and det...

by Builder in

alert when one transaction duration more than average duration*10?

There are continuous transactions' log into Splunk. Is it possible to let Splunk alert when some transaction's durati...

by Path Finder in

Transaction by time range and calculate

I have a log that tracks the number of documents. I would like to know how to find and table/graph the number of NEW ...

by Communicator in

Add column total to timechart graph as annotation

Hi, I have a timechart that, say, graphs successful calls over a month but it would be good to add the total for the ...

by New Member in

Combine multiple spans in timechart

Hi, I would like to chart daily, weekly and monthly active users (a lot like Facebook's Insights) all on the same gra...

by New Member in

Splunk search command for daily indexed volume?

Hi, I am currently testing out two searches to report and alert on the daily indexed volume. The first search ...

by Contributor in

Build a chart of multiple data series

Hi to everyone, I am designing an application where my users will potentially need to be able to generate a chart...

by Influencer in

How to find address from gps coordinates specified in a field and write the address to a new field?

I need to use the latitude and longitude co-ordinates specified in my field gps and find address of the location the ...

by Path Finder in

How to find the most recent event for a user preceding some other event

I have a set of user activity logs, each of which identifies an event-type and a user-id. One possible event-type is ...

by Path Finder in

How do I parse a text line and grab only 1 value

New to splunk so don't laugh too much at this - I have many strings that look similiar to this: [71] 20130226.0...

by New Member in

Can i have a form with two search queries and two search buttons ??

Hi.. Can I have a form or dashboard ..with two search buttons ...i.e I need two panels 1 and 2 ..in first panel se...

by Motivator in

Epoch timestamp extraction not working

I'm having difficulty extracting an Epoch timestamp in the following format - 1361463359598 I can validate that th...

by Splunk Employee in

PDF Report Server

v4.3.1 on sles 11.1 pdf server is local with splunk. when i try to preview a report the graphs/pictures are blank ...

by Contributor in

Regular expression works inline via 'rex', but not in EXTRACT.

I have an enterprise application made of components that log to several different files. Some filenames are occasiona...

by Path Finder in

Splunk Errors

Hi, I am getting this error when I open one of my dashboards today. " Error in 'databasePartitionPolicy': Failed t...

by New Member in

Top Url by place for summary indexing

Hi, I found on this forum the following search : top 10 URL for top 10 Users. I modify this search to comply with ...

by Communicator in

Problem in Lookup

Hi, I am getting the below message when I am using lookup my command .... | lookup "Full_CDI.csv" user_sso E...

by Contributor in

Problem with sources in search

I know this may sound retarded, but I'm really new to Splunk so any help would be appreciated! I have been wondering....

by Explorer in

Counting events within a rolling window (last X seconds from the event's time)

Hey everyone, Given the following dummy events, how can I maintain a count of the events (by FIELD_X) based on a r...

by Path Finder in

Extracting field from JSON and XML response

Depending on the content-type, the response that is logged is either in JSON or XML. I want to create a single query ...

by Explorer in

creating nested tables

Hi , my search is like specified below, Index=main source=file.txt xxx=*| stats values(a) values(b) values(c) by xxx ...

by Builder in

Extracting selected hosts with regex / Regex hosts with exceptions

Hi Splunkers, I am trying to extract the hosts via regex. host="*" | regex host="([a-zA-Z0-9]([a-zA-Z0-9\-]{0,6...

by Communicator in

How to generate Bubbles in advance xml?

using CDR data,I want to display no of call drops occuring in each base station in the form of bubbles or (any visual...

by Explorer in

Get Updates on the Splunk Community!

Splunk Search

Discussions

show transactions that are taking 20% more time than previous year

Different TimerangePicker Options for Different Panels on Same Dashboard

Lookup Configured, Now I Need More Fields...

alert when one transaction duration more than average duration*10?

Transaction by time range and calculate

Add column total to timechart graph as annotation

Combine multiple spans in timechart

Splunk search command for daily indexed volume?

Build a chart of multiple data series

How to find address from gps coordinates specified in a field and write the address to a new field?

How to find the most recent event for a user preceding some other event

How do I parse a text line and grab only 1 value

Can i have a form with two search queries and two search buttons ??

Epoch timestamp extraction not working

PDF Report Server

Regular expression works inline via 'rex', but not in EXTRACT.

Splunk Errors

Top Url by place for summary indexing

Problem in Lookup

Problem with sources in search

Counting events within a rolling window (last X seconds from the event's time)

Extracting field from JSON and XML response

creating nested tables

Extracting selected hosts with regex / Regex hosts with exceptions

How to generate Bubbles in advance xml?

September Community Champions: A Shoutout to Our Contributors!

Splunk Decoded: Service Maps vs Service Analyzer Tree View vs Flow Maps

What’s New in Splunk Observability – September 2025

In Splunk studio, is it possible to populate a tex...

Help me with splunk query to monitor CPU and Memor...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

Splunk Search

Are you a member of the Splunk Community?

Discussions