Splunk Search

Ask a Question

Discussions

Thread Info

Best way to index SQLite DB file?

Hello, I need to index a SQLite DB file. However when I tell Splunk to monitor the file and I look at the indexed ...

by Communicator in

Building KV Pairs

Hi folks, I am trying to build KV pairs from some UNIX command output. The log entries look like the output below....

by Explorer in

duration of two consecutive log statement

Hi, I tried to use "transaction" command but I couldn't get what I wanted, I thought to ask the question here if s...

by Path Finder in

Return top item in a transaction, with fields appended

Greetings everyone. I am working with call records, and any particular record represents a call leg. Everything done ...

by Builder in

How splunk decide date/time in _time field?

How splunk will decide for date/time in _time field? I am getting strange date/time. In first event I don't hav...

by Builder in

Memory usage 100% stacked graphs for multiple servers?

Based on Stephen Sorkin's advice here, I'm attempting to create some 100% stacked graphs for memory usage across a nu...

by Path Finder in

timechart of traffic v commerce

Based on example 4 at http://docs.splunk.com/Documentation/Splunk/latest/SearchReference/Timechart I'm trying to gene...

by Engager in

Search Performance Problem

I have a simple search that is not performing well over a large dataset. System: Sun/Oracle x4540 Processors: 12 cpu ...

by Path Finder in

How to get search results for each date for the specificed date range

Hi, I have a requirement to get the report which has error code count for each date for the mentioned date range f...

by New Member in

How to display multiple search values as search coumns in the search table

Hi, My application has lot of error codes(all most 35) which logs in the log file. I want to get count of each err...

by New Member in

Visualizing output from top in a bar chart

I would like to create a bar chart that lists the top 10 hosts with the highest count of events. But rather than have...

by Builder in

Regular search for all results

Hi, I am using the Splunk API (with Python) to pull all values of a given record from a given index. I would like to ...

by Engager in

Display Last Event Time in Stats function

Hi, I would like to display the last event time when using stats function. the following search string works but the ...

by Builder in

What is the maximum number of real-time searches that can be running?

I have about 50 real-time searches setup, but when I look at the running jobs, I don't see all of them. Can someone p...

by Explorer in

How to show only certain values in a chart

I have a search that get code values: How can I show only the count of 4 values in a chart and have the rest reported...

by Explorer in

Lookup Table returning incorrect data

I have a Lookup Table the returns data from all 32 columns, but many times data that is confirmed good in the assetli...

by Communicator in

How to use splunk for binary log file?

Our application is generating a binary format log files, and we want to use splunk to collect and search through it, ...

by New Member in

query for top value

Let's say you have a log that looks like.... X -- Y -- Z === === === AAA BBB 123 AAA BBB 356 YYY ZZZ 8...

by Contributor in

How to search for status code in log message

Hi, I am trying to search for status code 404 in the below log message in my log file. The entries in my log file ...

by New Member in

How do I create a Gantt chart to show work hours by person

I want to create a gantt chart to show by day who was working when. My record layout is start timestamp (12/08/20.05:...

by Explorer in

HiddenSavedSearch - internals

I'm trying to figure out how to update a HiddenSavedSearch (and subsequently the SimpleResultsTable) by sending pushC...

by Influencer in

How to remove some words from multivalued field for display

I have a field with search terms in the log that I want to break into individual words. But I do not want stop words ...

by Explorer in

Removing "Others" result from chart in advanced XML

I have a chart that is fed results from a search ending in | top limit=10 dest_ip. The chart in the dashboard always ...

by Builder in

Rename stats function in the table header

Hi, I am using the stats function to show the monitored url performance. The table header is displaying the same name...

by Builder in

Counting distinct field values and dislaying count and value together

Hi. Been trying to work this one out for hours... I'm close!!! We are Splunking data such that each Host has a fi...

by Path Finder in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Best way to index SQLite DB file?

Building KV Pairs

duration of two consecutive log statement

Return top item in a transaction, with fields appended

How splunk decide date/time in _time field?

Memory usage 100% stacked graphs for multiple servers?

timechart of traffic v commerce

Search Performance Problem

How to get search results for each date for the specificed date range

How to display multiple search values as search coumns in the search table

Visualizing output from top in a bar chart

Regular search for all results

Display Last Event Time in Stats function

What is the maximum number of real-time searches that can be running?

How to show only certain values in a chart

Lookup Table returning incorrect data

How to use splunk for binary log file?

query for top value

How to search for status code in log message

How do I create a Gantt chart to show work hours by person

HiddenSavedSearch - internals

How to remove some words from multivalued field for display

Removing "Others" result from chart in advanced XML

Rename stats function in the table header

Counting distinct field values and dislaying count and value together

Can’t make it to .conf25? Join us online!

Community Content Calendar, September edition

Splunkbase Unveils New App Listing Management Public Preview

Leveraging Automated Threat Analysis Across the Splunk Ecosystem

In Splunk studio, is it possible to populate a tex...

Help me with splunk query to monitor CPU and Memor...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

Splunk Search

Are you a member of the Splunk Community?

Discussions

Can’t make it to .conf25? Join us online!