Splunk Search

Ask a Question

Discussions

Thread Info

Splunk.Module.Search Context failed to dispatch job for search XXXX

Hello, I have a dashboard where I do several search/ display and randomly I have the error given in the title so I...

by Contributor in

how can i save a shedule search?

Hi Can you help me in a saving a schedule search that runs for every 15 seconds .. how can i do it ? i have seen t...

by Motivator in

Update a single field in lookup table from a search

Fellow Splunkers, I've got an automatic lookup table (lookup.csv) which has a field in called Count. Every time my...

by Communicator in

timechart question

In the timechart docs, the following example was provided: sourcetype=access_* | timechart count(eval(method="GET"...

by Explorer in

Issues with Lookup In Alert

I've created an lookup (lookuptest) from a CSV file which has three values per row e.g. Filter,Limit,Timing VALUE...

by Path Finder in

Sending mail to gmail or other account

Hi, My scenario is to send reports to clients to their personal mail id's like gmail, but how to know the server name...

by Path Finder in

Top 10 Event Counts with date/time of last event

Guys, Im looking to figure out a way to determine when the last event happened in a top ten report. For example: ...

by Explorer in

What if tail -f option is enabled

Hi, What specifically the tail -f option do, in which scenario it works perfect. Please any example would be great..

by Path Finder in

Why is everything "No results found" in Web Intelligence Beta?

Am trying to index web logs from an intranet site, so I did the setup for Web Intelligence as follows: sourcetype="ac...

by Path Finder in

Regex not appearing to work

I'm having some issues with using regex to define the host of some events from an ASA. The events are in the format b...

by Path Finder in

How do we standardize configs across thousands of servers?

It does not appear that there's any way to do host templating. We have 1000s of servers, many of which are based off ...

by Splunk Employee in

Splunk DB Connect - Tail only from latest value in database?

Still trying to get the tail monitor working. It seems that once it's enabled and scheduled, then executed, the first...

by Explorer in

Does charting data age out over time?

Does the charting data "age" like RRD data (as an example: a 5 minute sample rate gets turned into a 15 minute averag...

by Splunk Employee in

Is it possible to add labels to values in a results table?

Is there any way to tack labels, like units of measure, onto values in a table of results, similar to how it can be d...

by Contributor in

SimpleResultsTable in HiddenPostProcess can not work

Hi, I want to create a dashboard with 4 tables. I used a hidden search with 4 hiddenpostprocess(s). But all 4 tabl...

by Path Finder in

I disabled global metadata on some indexers and now my indexing queue is blocked. Why?

We upgraded from 4.2 to 4.3.5 because we had a sources.data that was many GB in size. To resolve this, we tried to up...

by Splunk Employee in

Search returning only 1000 rows

I am sending CSV files to my Splunk machine. These files vary in record count from 1 to 5000. When I search for all o...

by Engager in

Substracting chart contents over a range

I have a question about constants and timechart/chart/stats I have a search like this sourcetype="syslog" | ......

by Builder in

Passing Variables OR Writing to a file

Greetings, I am trying to output an IP address from a search to a script. My goal is to have the search call a scr...

by New Member in

BREAK_ONLY_BEFORE_DATE catches serial numbers

I'm trying to get Splunk to properly break multi-line events from Radiator radius server using BREAK_ONLY_BEFORE_DATE...

by Path Finder in

can't get a field to appear when using stats

A have a ...| selfjoin subsearch which joins on two fields id, vid. I then pass the fields I want kept to my main sea...

by Communicator in

CLI Search is NOT exactly the same in WEB GUI

Hello I am forwarding remote Linux machines' logs to central splunk; and doing the simple GUI search as below: source...

by New Member in

Download link in a table?

Hi all: Is there an easy way to put a download link in a table? I've got a dashboard with IDS events, and I need t...

by New Member in

how to join 2 log files using splunk

Hi, I am having 2 log files like this 1) abc.log 2) master.log In the master.log I am having master data like U...

by Explorer in

rounding percentage comes back blank, adding commas ruins sorting

Hi, I am using a query that uses the awesome percentage value feature built into stats. It outputs into a table that...

by Path Finder in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Splunk.Module.Search Context failed to dispatch job for search XXXX

how can i save a shedule search?

Update a single field in lookup table from a search

timechart question

Issues with Lookup In Alert

Sending mail to gmail or other account

Top 10 Event Counts with date/time of last event

What if tail -f option is enabled

Why is everything "No results found" in Web Intelligence Beta?

Regex not appearing to work

How do we standardize configs across thousands of servers?

Splunk DB Connect - Tail only from latest value in database?

Does charting data age out over time?

Is it possible to add labels to values in a results table?

SimpleResultsTable in HiddenPostProcess can not work

I disabled global metadata on some indexers and now my indexing queue is blocked. Why?

Search returning only 1000 rows

Substracting chart contents over a range

Passing Variables OR Writing to a file

BREAK_ONLY_BEFORE_DATE catches serial numbers

can't get a field to appear when using stats

CLI Search is NOT exactly the same in WEB GUI

Download link in a table?

how to join 2 log files using splunk

rounding percentage comes back blank, adding commas ruins sorting

Splunk Decoded: Service Maps vs Service Analyzer Tree View vs Flow Maps

What’s New in Splunk Observability – September 2025

Fun with Regular Expression - multiples of nine

In Splunk studio, is it possible to populate a tex...

Help me with splunk query to monitor CPU and Memor...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

Splunk Search

Are you a member of the Splunk Community?

Discussions