Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Splunk Search
Splunk Search
×
Are you a member of the Splunk Community?
Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Find Answers
- :
- Using Splunk
- :
- Splunk Search
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Community Activity
 | I have an interesting situation where I want to be able to display a little summary table, showing a few statistics ... by sideview SplunkTrust  in Splunk Search 04-14-2012 0 2 | 0 | 2 | |
 | I need to know the pages, along with the count of how many times their response time exceeded 100. I need the top 10 ... by subhadipc Explorer in Splunk Search 04-13-2012 0 3 | 0 | 3 | |
| | The query below displays accurate values for Requests, Accepted, Rejected and %Accepted. | stats count(eval(nps_pac... by mikefoti Communicator in Splunk Search 04-13-2012 0 10 | 0 | 10 | |
| | When running a timechart over the last 7 days, using span=10m, the timechart will only display roughly the first 3.5... by anssntaco Path Finder in Splunk Search 04-13-2012 0 1 | 0 | 1 | |
| | Hi Splunkers, I need the result from first search in another search. First search: sourcetype=win_server | multikv ... by nebel Communicator in Splunk Search 04-13-2012 0 3 | 0 | 3 | |
| | Ugh! I hate having to ask for query help, but I'm close.. but not close enough. Basically, I have two sets of data.... by jgauthier Contributor in Splunk Search 04-13-2012 0 8 | 0 | 8 | |
| | Hello, Does anybody know how to write a search that find events occur at least one per day and these events count as... by C4r7m4n Path Finder in Splunk Search 04-12-2012 1 9 | 1 | 9 | |
| | We had an event on our splunk server, and there's a gap in some of the logs. The logs are continually written to on ... by ironhalo Explorer in Splunk Search 04-12-2012 0 1 | 0 | 1 | |
| | <Product> <ProductName>(\w+)</ProductName> <ProductName>(\w+)</ProductName> <ProductName>(\w+)</ProductName> </Pro... by tven Explorer in Splunk Search 04-12-2012 0 1 | 0 | 1 | |
| | I have a rex that returns a series of 5-8 digit IDs: SEARCH "rex field=_raw "2012-\d\d-\d\d,\d,(?\d{1,8})"" RESULT ... by rachelneal Path Finder in Splunk Search 04-12-2012 1 3 | 1 | 3 | |
| | I need to know the pages, along with the count of how many times their response time exceeded 100. I need the top 10 ... by subhadipc Explorer in Splunk Search 04-12-2012 1 1 | 1 | 1 | |
 | I am trying to report the number of unique logged in users (field=USERNAME) in a timespan=1h and since i only want un... by dominiquevocat SplunkTrust in Splunk Search 04-12-2012 0 2 | 0 | 2 | |
| | Hello I have two searches: Search A: BGP_NEIGHBOR_STATE_CHANGED source="udp:514" AND ("Established to Idle" OR "Est... by C4r7m4n Path Finder in Splunk Search 04-12-2012 0 6 | 0 | 6 | |
| | I would like to associate the "ip" field with every log line, i.e. Current source log format: 1227.125106.091263 ip... by NK_1 Path Finder in Splunk Search 04-11-2012 0 2 | 0 | 2 | |
| | What does the regex in my question's title above mean? Source: Search Language Quick Reference Card (on top of page ... by boris Path Finder in Splunk Search 04-11-2012 0 1 | 0 | 1 | |
| | I'm trying to return a field based upon a search and within that search extract a variable to search for in another s... by gregwilliams Path Finder in Splunk Search 04-11-2012 0 5 | 0 | 5 | |
| | I am trying to get the number of denied connections from squid proxy logs from a Cisco Ironport web security applianc... by lmyoung Engager in Splunk Search 04-11-2012 1 1 | 1 | 1 | |
| | Hopufully a quick one but I'm looking to search and extract anything between two these fields anyone know how? by tb582 Explorer in Splunk Search 04-11-2012 0 18 | 0 | 18 | |
| | Is there a way to show the status of search jobs while the search is in progress. I have a dashboard with multiple se... by Sriram Communicator in Splunk Search 04-10-2012 0 8 | 0 | 8 | |
| | First time posting! --using splunk 4.2.4-- I noticed similar questions on here that were either unanswered or didn't... by sberg Explorer in Splunk Search 04-10-2012 0 5 | 0 | 5 | |
| | I'm trying to add search servers to my search head. I'm using the following command: ./splunk add search-server -hos... by kevinsikora Explorer in Splunk Search 04-10-2012 1 3 | 1 | 3 | |
| | Hey everyone. Is anyone using Nagios to monitor their splunk instance? I've seen that there was a check_splunk plugin... by msarro Builder in Splunk Search 04-10-2012 1 2 | 1 | 2 | |
| | I have a lookup on sourcetype=vipservices csv file has values like so jurhash, jurhasfriendlyname somehashvalue, som... by sonicZ Contributor in Splunk Search 04-10-2012 0 3 | 0 | 3 | |
| | I'm using a transaction to group events within 30 minutes of one another. What I want to do after that is "undo" one ... by acdevlin Communicator in Splunk Search 04-10-2012 2 6 | 2 | 6 | |
| | I'm using transaction ... | search duration>x to eliminate some noise, but then I want to break the events back ou... by vbumgarner Contributor in Splunk Search 04-10-2012 6 3 | 6 | 3 |
Get Started
Explore Essential Splunk Resources
Get Expert Help at Community Office Hours
Join the #search-help Slack channel
Get Expert Help at Community Office Hours
Join the #search-help Slack channel
Become An Expert
Claim a $25 Cisco Store Gift Card
Help us improve the Splunk Community and complete our survey today!
Top Labels
-
administration
3 -
alert action
3 -
alert condition
2 -
Analytics Workspace
2 -
authentication
1 -
chart
943 -
Classic dashboard
1 -
configuration
2 -
correlation search
1 -
count
1,002 -
Dashboard Studio
3 -
data
3 -
data model
1 -
development
6 -
distributed search
1 -
drilldown
1 -
email
1 -
eval
2,605 -
field extraction
2,013 -
fields
2,055 -
host
1 -
index
4 -
indexer
2 -
inputs.conf
1 -
intermediate forwarder
1 -
introduction
5 -
join
1,056 -
JSON
2 -
Linux
2 -
login
1 -
lookup
1,556 -
metadata
307 -
monitoring console
2 -
other
132 -
panel
2 -
PDF
1 -
Python
1 -
regex
1,497 -
report acceleration
2 -
rex
1,245 -
SAML
1 -
saved search
5 -
scheduled search
4 -
scripted input
1 -
search
1 -
search head
3 -
search job inspector
679 -
search peer
1 -
simple XML
1 -
source
1 -
sourcetype
4 -
Splunk Web Framework
1 -
splunk-assist
1 -
splunkd
1 -
stats
3,551 -
subsearch
1,717 -
summary indexing
4 -
table
1,746 -
time
1 -
timechart
1,155 -
transaction
451 -
transforms.conf
1 -
troubleshooting
8 -
tstats
564 -
universal forwarder
5 -
using Splunk Cloud
2 -
using Splunk Enterprise
13 -
Windows
3
- « Previous
- Next »
Get Updates on the Splunk Community!
Splunk Observability for AI
Don’t miss out on an exciting Tech Talk on Splunk Observability for AI!Discover how Splunk’s agentic AI ...
Splunk Enterprise Security 8.x: The Essential Upgrade for Threat Detection, ...
Watch On Demand the Tech Talk on November 6 at 11AM PT, and empower your SOC to reach new heights!
Duration: ...
Splunk Observability as Code: From Zero to Dashboard
For the details on what Self-Service Observability and Observability as Code is, we have some awesome content ...
