Splunk Search

Discussions

Thread Info

grouping data in search

I am serching a log that has statuses. When I run the search and chart it, I get a bar for each status. There are, sa...

by Explorer in

Replace/rename a host name with another host name

Hello, I would like to rename/replace host name (ip-10-0-0-4) with host name (XXXXXX-GOC-MON-01). I found this sim...

by Path Finder in

crash log on searches using cidrmatch.

searches that utilize 'cidrmatch' are generating a number of crash logs at the bunny farm today. [build 123586] 20...

by Splunk Employee in

Lookup csv file

Hi, I would like to upload a csv file as a lookup table. what will be header format? Assuming I have a search field c...

by Builder in

Extracting Fields after Custom Processing Command

Hi I am processing log files by running custom command which transforms the data that I have looked for e.g (8...

by Path Finder in

Default search view and extract fields

I'm sure this is a noobie question but hopefully you guys can help. I've used splunk for several years now but only a...

by New Member in

Group by a particular field over time

I have some logs which has its logging time and response code among other information. Now I want to know the counts ...

by Engager in

REGEX transforms.conf, NOT operator

Hi Splunkers I'm new to splunk and currently playing around with the heavy forwarder. I found here several example...

by Engager in

Is it possible that add columns dynamically if values are available in same table

hi, Is it possible to add columns to the table dynamically (Runtime)if the values are available for that field els...

by Communicator in

extract events for specific time period

I've just configured splunk to index a file that contains events for the last 30 days. Within these events I want to ...

by Contributor in

Fake Input for Lab

Hey guys, Thought I asked this recently but I can't find the post. I am building out a lab and I was wondering if...

by Builder in

Manipulating dates using splunk.

Hi, Are there any fuctions in Splunk which deal with Dates.I have to get the no: of days between startdate and end...

by Explorer in

Search for device type

I want to determine how many times a call has been completed or attempted by searching for a specic device name/type ...

by New Member in

how to clone a search window

say i've got an interesting search going; it's yielding some pretty good values, but i think i might want to tweak it...

by Path Finder in

How to extract all matching values from an event using regex

Hi, iam trying to extract certain values from my log files which i have given below 1st event at x.x.x.x.x.x(1) at...

by Communicator in

Timechart based on field value (aggregated event count) rather than number of events

Hi, I get events from a source which already aggregates events. Examples: Apr 24 2012 09:59:59,event_name=FWALL...

by Path Finder in

where on 3 fields at once

I have been stumped on this all afternoon and I finally decided to ask this question here. Today I just can't figure ...

by Builder in

Timecharting the sum() of min()/avg()/max()

I'm sure there is an easy answer for this and I'm going feel silly when I see it. I have a scripted input that pulls ...

by Path Finder in

strptime not returning correct results?

I have a field in a log: TotalReportRunTime=0:3.313 which is in the format minutes:seconds.milliseconds. If I use ...

by Contributor in

Insert 90th Percentile as Horizontal Line on Timechart

New to Splunk, need some help. I would like to build a timechart that does the following: Graphs average respon...

by Path Finder in

Using Tags to group results

I know that I can use tags to define a search, but can I also use them to group results? In my situation, I want to s...

by Contributor in

Incorrect Time Range for @d

I have a graph that displays the license usage for the day. I have the time parameter say to "@d" because I only want...

by Path Finder in

New field/attribute added to raw results by python

Hi I am trying to add a new field to my search results via a custom search command written in python Take the f...

by Path Finder in

Subject: Problem with the CLEAN_KEYS property

I am having a problem with the CLEAN_KEYS property. Here is my raw message that gets appended to my log file. Note...

by Path Finder in

remove _raw field from table view

Is it possible to remove _raw field from search results in table view? I guess this change came with Splunk 4.3. ... ...

by Explorer in

Get Updates on the Splunk Community!

Splunk Search

Discussions

grouping data in search

Replace/rename a host name with another host name

crash log on searches using cidrmatch.

Lookup csv file

Extracting Fields after Custom Processing Command

Default search view and extract fields

Group by a particular field over time

REGEX transforms.conf, NOT operator

Is it possible that add columns dynamically if values are available in same table

extract events for specific time period

Fake Input for Lab

Manipulating dates using splunk.

Search for device type

how to clone a search window

How to extract all matching values from an event using regex

Timechart based on field value (aggregated event count) rather than number of events

where on 3 fields at once

Timecharting the sum() of min()/avg()/max()

strptime not returning correct results?

Insert 90th Percentile as Horizontal Line on Timechart

Using Tags to group results

Incorrect Time Range for @d

New field/attribute added to raw results by python

Subject: Problem with the CLEAN_KEYS property

remove _raw field from table view

Celebrating Fast Lane: 2025 Authorized Learning Partner of the Year

Tech Talk Recap | Mastering Threat Hunting

Observability for AI Applications: Troubleshooting Latency

Error preventing me from saving search with chart

In Splunk studio, is it possible to populate a tex...

Help me with splunk query to monitor CPU and Memor...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

Splunk Search

Are you a member of the Splunk Community?

Discussions