Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Splunk Search
Splunk Search
×
Join the Conversation
Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Find Answers
- :
- Using Splunk
- :
- Splunk Search
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Community Activity
 | Splunk support the statistical function "mode(X)". According to the Splunk documentation this function returns the mo... by lpolo Motivator in Splunk Search 06-01-2012 0 3 | 0 | 3 | |
| | In the manual we have: sourcetype=access_* action=purchase [search sourcetype=access_* action=purchase | top limit=... by mseffrin Engager in Splunk Search 06-01-2012 0 1 | 0 | 1 | |
| | http://docs.splunk.com/Documentation/Splunk/4.2.4/User/RealtimeSearch#Real-time_backfill Realtime backfill, how is t... by Dark_Ichigo Builder in Splunk Search 06-01-2012 0 1 | 0 | 1 | |
| | I have the following search which displays amounts of records by month (X-axis). index="billing" suspededrecords |... by mcwomble Path Finder in Splunk Search 05-31-2012 2 4 | 2 | 4 | |
| | So I want use bucket to group my data by weeks that start on Mondays if I change my query to use earliest=-1w@w1 late... by aarcro Explorer in Splunk Search 05-31-2012 0 4 | 0 | 4 | |
| | Once a week when Symantec runs a full scan our quota gets blown out of the water. Is there a way to filter these eve... by andrewsmiley Engager in Splunk Search 05-31-2012 1 2 | 1 | 2 | |
| | Is it possible to chain together two searches? Basically, need to grab the IP address from my webserver logs (if it ... by gehogan3 Explorer in Splunk Search 05-31-2012 0 1 | 0 | 1 | |
 | Hi , I have been using the stats avg(duration) as Avg_Duration in my query.But while displayin the Avg_Duration i am... by rakesh_498115 Motivator in Splunk Search 05-31-2012 0 5 | 0 | 5 | |
| | Is it possible to apply a search-time field extraction to all inputs? Our log files (across multiple hosts, sources ... by Jordan_Brough Path Finder in Splunk Search 05-30-2012 0 3 | 0 | 3 | |
| | I have multiple key value pairs in a line like so: summary=" Policy Rule modified" summary=" Policy Rule number 2 mod... by timbCFCA Path Finder in Splunk Search 05-30-2012 1 3 | 1 | 3 | |
| | I'm fairly new to Splunk search strings so hopefully someone can help. I'm trying to create a three column search: ... by neilsussman Explorer in Splunk Search 05-30-2012 2 3 | 2 | 3 | |
| | Hello, I have an application sending logs to the windows event log with a lognamename of ErrorLogs. The error log l... by dturner83 Path Finder in Splunk Search 05-30-2012 1 4 | 1 | 4 | |
| | I constructed transactions with "startswith" and "endswith" and I am trying to identify those incomplete transactions... by myli12 Path Finder in Splunk Search 05-30-2012 1 3 | 1 | 3 | |
| | I Have Two sourcetypes defined . i need to write a query integrating the two sourcetypes and should get a single resu... by rakesh_498115 Motivator in Splunk Search 05-30-2012 0 1 | 0 | 1 | |
| | Hi all! I have two searches that I want to display in the same search and pipe them out in a time-chart Both search... by Norling Explorer in Splunk Search 05-30-2012 0 2 | 0 | 2 | |
| | I have a lookup table that contains details about Nessus plugins -- the Nessus ID, Plugin Name, Risk Factor, and a fe... by responsys_cm Builder in Splunk Search 05-30-2012 0 1 | 0 | 1 | |
| | Hi there, This should be a pretty simple question. I have looked around for a while. We have a web log we are trying... by zloc Engager in Splunk Search 05-29-2012 0 2 | 0 | 2 | |
| | This may be confusing, so I'll try to explain it as best as I can. I've got a search that looks for servers that get ... by jevenson Path Finder in Splunk Search 05-29-2012 0 1 | 0 | 1 | |
| | I'm unable to get this search to output anything except the _time of the first search: |set diff [ search index="col... by nelsonb Explorer in Splunk Search 05-29-2012 0 5 | 0 | 5 | |
| | I have a chart that I want to drilldown on and display another graph based on the drilldown results in a popup window... by jedatt01 Builder in Splunk Search 05-29-2012 1 3 | 1 | 3 | |
| | Hi, I'm a relative newbie (power noob?) who is having issues with extracting fields from a multi-line event. A sampl... by a212830 Champion in Splunk Search 05-29-2012 0 4 | 0 | 4 | |
| | I am attempting to look for the top 10 offenders of a specific event type, and get their IP address. That I can do no... by tmarlette Motivator in Splunk Search 05-29-2012 0 4 | 0 | 4 | |
 | What is the difference between Choose a Data Type and Choose a Data Source. I want to monitor only directories that ... by jangid Builder in Splunk Search 05-29-2012 0 3 | 0 | 3 | |
| | Hi all, I'm a newbie to Splunk. I tried to index all apache log files in the same directory as a single source so th... by stwong Communicator in Splunk Search 05-28-2012 0 3 | 0 | 3 | |
| | Hi guys, As I understand, dedup command will filter the complete set of results and remove any duplicate fields. Wh... by zucler Explorer in Splunk Search 05-28-2012 0 3 | 0 | 3 |
Get Started
Explore Essential Splunk Resources
Get Expert Help at Community Office Hours
Join the #search-help Slack channel
Get Expert Help at Community Office Hours
Join the #search-help Slack channel
Become An Expert
Top Labels
-
administration
3 -
alert action
3 -
alert condition
2 -
Analytics Workspace
2 -
authentication
1 -
chart
943 -
Classic dashboard
1 -
configuration
2 -
correlation search
1 -
count
1,003 -
Dashboard Studio
3 -
data
3 -
data model
1 -
development
6 -
distributed search
1 -
drilldown
1 -
email
1 -
eval
2,608 -
field extraction
2,017 -
fields
2,061 -
host
1 -
index
4 -
indexer
2 -
inputs.conf
1 -
intermediate forwarder
1 -
introduction
5 -
join
1,058 -
JSON
2 -
Linux
2 -
login
1 -
lookup
1,565 -
metadata
307 -
monitoring console
2 -
other
151 -
panel
2 -
PDF
1 -
Python
1 -
regex
1,497 -
report acceleration
2 -
rex
1,246 -
SAML
1 -
saved search
5 -
scheduled search
4 -
scripted input
1 -
search
2 -
search head
3 -
search job inspector
681 -
search peer
1 -
simple XML
1 -
source
1 -
sourcetype
4 -
Splunk Web Framework
1 -
splunk-assist
1 -
splunkd
1 -
stats
3,558 -
subsearch
1,721 -
summary indexing
4 -
table
1,750 -
time
1 -
timechart
1,156 -
transaction
451 -
transforms.conf
1 -
troubleshooting
8 -
tstats
566 -
universal forwarder
5 -
using Splunk Cloud
2 -
using Splunk Enterprise
13 -
Windows
3
- « Previous
- Next »
Get Updates on the Splunk Community!
Stay Connected: Your Guide to January Tech Talks, Office Hours, and Webinars!
What are Community Office Hours?
Community Office Hours is an interactive 60-minute Zoom series where ...
[Puzzles] Solve, Learn, Repeat: Reprocessing XML into Fixed-Length Events
This challenge was first posted on Slack #puzzles channelFor a previous puzzle, I needed a set of fixed-length ...
Data Management Digest – December 2025
Welcome to the December edition of Data Management Digest!
As we continue our journey of data innovation, the ...
