Splunk Search

Discussions

Thread Info

Can't replace a healthcheck string in nginx

Hi, I have looked at the docs and tried to remove a line from nginx access log regarding our LB : 192.168.27.16...

by New Member in

Subsearch Realtime - Parent Search Last 5 minutes

Is it possible to have a subsearch looking for a log entry in realtime, then take that field and look back the past 5...

by Builder in

Using rex to extract one or two character digit from string

Hello I am trying to extract some digits from a string and I can't seem to get the regex to work. Here is an example ...

by Path Finder in

I just need to see a simple example of using click.value where my summary chart can be used to drill down to raw events.

I've got a dashboard that renders using summarized data. When a user clicks on the chart, I want Splunk to return the...

by Champion in

Search for unique count of users

Hi, I have a Splunk query which lets me view the frequency of visits to pages in my app. sourcetype="iis" sourc...

by Explorer in

Splunk for Exchange 2.0 - Blank charts with 4.3.4

Hello, I just upgraded from 4.3.3 to 4.3.4 and Splunk for Exchange to 2.0, and now it seems that all the charts ar...

by Path Finder in

Count By host

I am using this statement below to run every hour of the day looking for the value that is 1 on multiple hosts named ...

by Motivator in

how to avoid duplicates when a log file is read from an url using scripted input ?

we are reading http logs from a weburl using the curl command the webserver log is exposed as http://host/webserver.l...

by New Member in

Define size up popup window in ViewRedirector module

Is there any way to define the size of a popup browser window when using the ViewRedirector Module? Tr...

by Builder in

My Selected Fields do not stay in the Selected Fields Area

I have some saved searches and I have fields from a data source (csv file) and my fields are defined in props and tra...

by Explorer in

Multi-valued Index-time key extraction not working, please help!

Hi all, I've been struggling with Splunk for weeks now (and had Developer training!) and I still can't get it to d...

by Explorer in

Migrating from Windows to Linux

Hello Splunkers, (1st post) I'm closing down one a Splunk 'test' instance we have on a Windows virtual machine and br...

by Contributor in

regular expression for XML Log

I have following log in xml format <tec><items><item><name>Status</name><value>Online</value></item><item><name>Co...

by Builder in

Can't extract fields names from tab delimited source

Hi. I'm new to Splunk. I've got basic import and searching working on the windows install, but I want to get the fiel...

by Explorer in

fomation in pattern matching- please help urgently

I have 2 keywords and I am running query : index="maa" | table Name Age Location | rex field="Location" (? ...

by Contributor in

want 0 count if keyword does not match

index="usb_weekly_data" |rex field="src_file_name" (? (?i)"presentation") | stats count as First by key_word ...

by Contributor in

bar chart with five search

I want to create a bar chart with these following search eventtype="et_system_metrics" Stage=A* | stats count(ev...

by Builder in

What's wrong in this sub search ?

What is the wrong in this sub search ? Individually both are working fine. eventtype="et_system_metrics" Stage=A*...

by Builder in

docs.splunk.com wrong link to answers

Dear Doc Team, if one uses the link to Answers on top of the docs.splunk.com page, you end up at docs.splunk.com/A...

by Legend in

problem with REX

I am giving the following search : index="maa" | table Name Age Location | rex field="Location" (? (?i)"de...

by Contributor in

how to merge multiple rex commands

Hi, I have a query as follows : index="maa" |rex field="Location" (? (?i)"delhi") | eval ONE=lower(ONE)...

by Contributor in

Search for items not matching values from a lookup

Related to http://splunk-base.splunk.com/answers/7581/best-way-to-search-using-a-lookup-table I want this inverse ...

by Explorer in

Rex in If else ladder

Hi, I am running the below query and want to print 0 for the keyword that is not matched , can this be possible to gi...

by Contributor in

Alerting based on deviation on multi dimensional data

I have a challenge that I'm hoping someone can help with. There are around 24,000,000 events being indexed per 24 ...

by Path Finder in

Unabe to get the search result in text box using javascript inside html module

Hi, Just have a look at this code < module name="HiddenSearch" layoutPanel="panel_row2_col1" autoRun="True"> ...

by Path Finder in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Can't replace a healthcheck string in nginx

Subsearch Realtime - Parent Search Last 5 minutes

Using rex to extract one or two character digit from string

I just need to see a simple example of using click.value where my summary chart can be used to drill down to raw events.

Search for unique count of users

Splunk for Exchange 2.0 - Blank charts with 4.3.4

Count By host

how to avoid duplicates when a log file is read from an url using scripted input ?

Define size up popup window in ViewRedirector module

My Selected Fields do not stay in the Selected Fields Area

Multi-valued Index-time key extraction not working, please help!

Migrating from Windows to Linux

regular expression for XML Log

Can't extract fields names from tab delimited source

fomation in pattern matching- please help urgently

want 0 count if keyword does not match

bar chart with five search

What's wrong in this sub search ?

docs.splunk.com wrong link to answers

problem with REX

how to merge multiple rex commands

Search for items not matching values from a lookup

Rex in If else ladder

Alerting based on deviation on multi dimensional data

Unabe to get the search result in text box using javascript inside html module

Earn a $35 Gift Card for Answering our Splunk Admins & App Developer Survey

Continuing Innovation & New Integrations Unlock Full Stack Observability For Your ...

Monitoring Amazon Elastic Kubernetes Service (EKS)

Using splunk-sdk in user-defined functions in Spar...

Verification of SAML assertion using IDP's cert fa...

ジョブを消しても復活する現象について

splunk threat intelligence taxii data

Splunk DB connect add-on InfluxDB 2.6