Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Splunk Search
Splunk Search
×
Join the Conversation
Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Find Answers
- :
- Using Splunk
- :
- Splunk Search
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Community Activity
 | I need to know the pages, along with the count of how many times their response time exceeded 100. I need the top 10 ... by subhadipc Explorer in Splunk Search 04-13-2012 0 3 | 0 | 3 | |
| | The query below displays accurate values for Requests, Accepted, Rejected and %Accepted. | stats count(eval(nps_pac... by mikefoti Communicator in Splunk Search 04-13-2012 0 10 | 0 | 10 | |
| | When running a timechart over the last 7 days, using span=10m, the timechart will only display roughly the first 3.5... by anssntaco Path Finder in Splunk Search 04-13-2012 0 1 | 0 | 1 | |
| | Hi Splunkers, I need the result from first search in another search. First search: sourcetype=win_server | multikv ... by nebel Communicator in Splunk Search 04-13-2012 0 3 | 0 | 3 | |
| | Ugh! I hate having to ask for query help, but I'm close.. but not close enough. Basically, I have two sets of data.... by jgauthier Contributor in Splunk Search 04-13-2012 0 8 | 0 | 8 | |
| | Hello, Does anybody know how to write a search that find events occur at least one per day and these events count as... by C4r7m4n Path Finder in Splunk Search 04-12-2012 1 9 | 1 | 9 | |
| | We had an event on our splunk server, and there's a gap in some of the logs. The logs are continually written to on ... by ironhalo Explorer in Splunk Search 04-12-2012 0 1 | 0 | 1 | |
| | <Product> <ProductName>(\w+)</ProductName> <ProductName>(\w+)</ProductName> <ProductName>(\w+)</ProductName> </Pro... by tven Explorer in Splunk Search 04-12-2012 0 1 | 0 | 1 | |
| | I have a rex that returns a series of 5-8 digit IDs: SEARCH "rex field=_raw "2012-\d\d-\d\d,\d,(?\d{1,8})"" RESULT ... by rachelneal Path Finder in Splunk Search 04-12-2012 1 3 | 1 | 3 | |
| | I need to know the pages, along with the count of how many times their response time exceeded 100. I need the top 10 ... by subhadipc Explorer in Splunk Search 04-12-2012 1 1 | 1 | 1 | |
 | I am trying to report the number of unique logged in users (field=USERNAME) in a timespan=1h and since i only want un... by dominiquevocat SplunkTrust  in Splunk Search 04-12-2012 0 2 | 0 | 2 | |
| | Hello I have two searches: Search A: BGP_NEIGHBOR_STATE_CHANGED source="udp:514" AND ("Established to Idle" OR "Est... by C4r7m4n Path Finder in Splunk Search 04-12-2012 0 6 | 0 | 6 | |
| | I would like to associate the "ip" field with every log line, i.e. Current source log format: 1227.125106.091263 ip... by NK_1 Path Finder in Splunk Search 04-11-2012 0 2 | 0 | 2 | |
| | What does the regex in my question's title above mean? Source: Search Language Quick Reference Card (on top of page ... by boris Path Finder in Splunk Search 04-11-2012 0 1 | 0 | 1 | |
| | I'm trying to return a field based upon a search and within that search extract a variable to search for in another s... by gregwilliams Path Finder in Splunk Search 04-11-2012 0 5 | 0 | 5 | |
| | I am trying to get the number of denied connections from squid proxy logs from a Cisco Ironport web security applianc... by lmyoung Engager in Splunk Search 04-11-2012 1 1 | 1 | 1 | |
| | Hopufully a quick one but I'm looking to search and extract anything between two these fields anyone know how? by tb582 Explorer in Splunk Search 04-11-2012 0 18 | 0 | 18 | |
| | Is there a way to show the status of search jobs while the search is in progress. I have a dashboard with multiple se... by Sriram Communicator in Splunk Search 04-10-2012 0 8 | 0 | 8 | |
| | First time posting! --using splunk 4.2.4-- I noticed similar questions on here that were either unanswered or didn't... by sberg Explorer in Splunk Search 04-10-2012 0 5 | 0 | 5 | |
| | I'm trying to add search servers to my search head. I'm using the following command: ./splunk add search-server -hos... by kevinsikora Explorer in Splunk Search 04-10-2012 1 3 | 1 | 3 | |
| | Hey everyone. Is anyone using Nagios to monitor their splunk instance? I've seen that there was a check_splunk plugin... by msarro Builder in Splunk Search 04-10-2012 1 2 | 1 | 2 | |
| | I have a lookup on sourcetype=vipservices csv file has values like so jurhash, jurhasfriendlyname somehashvalue, som... by sonicZ Contributor in Splunk Search 04-10-2012 0 3 | 0 | 3 | |
| | I'm using a transaction to group events within 30 minutes of one another. What I want to do after that is "undo" one ... by acdevlin Communicator in Splunk Search 04-10-2012 2 6 | 2 | 6 | |
| | I'm using transaction ... | search duration>x to eliminate some noise, but then I want to break the events back ou... by vbumgarner Contributor in Splunk Search 04-10-2012 6 3 | 6 | 3 | |
| | It is best to demonstrate with an example: Example of data: And expected tesult table: by Print Explorer in Splunk Search 04-10-2012 1 10 | 1 | 10 |
Get Started
Explore Essential Splunk Resources
Get Expert Help at Community Office Hours
Join the #search-help Slack channel
Get Expert Help at Community Office Hours
Join the #search-help Slack channel
Become An Expert
Top Labels
-
administration
3 -
alert action
3 -
alert condition
2 -
Analytics Workspace
2 -
authentication
1 -
chart
944 -
Classic dashboard
1 -
configuration
2 -
correlation search
1 -
count
1,003 -
Dashboard Studio
3 -
data
3 -
data model
1 -
development
6 -
distributed search
1 -
drilldown
1 -
email
1 -
eval
2,609 -
field extraction
2,018 -
fields
2,062 -
host
1 -
index
4 -
indexer
2 -
inputs.conf
1 -
intermediate forwarder
1 -
introduction
5 -
join
1,058 -
JSON
2 -
Linux
2 -
login
1 -
lookup
1,565 -
metadata
307 -
monitoring console
2 -
other
154 -
panel
2 -
PDF
1 -
Python
1 -
regex
1,498 -
report acceleration
2 -
rex
1,246 -
SAML
1 -
saved search
5 -
scheduled search
4 -
scripted input
1 -
search
2 -
search head
3 -
search job inspector
682 -
search peer
1 -
simple XML
1 -
source
1 -
sourcetype
4 -
Splunk Web Framework
1 -
splunk-assist
1 -
splunkd
1 -
stats
3,559 -
subsearch
1,722 -
summary indexing
4 -
table
1,750 -
time
1 -
timechart
1,156 -
transaction
451 -
transforms.conf
1 -
troubleshooting
8 -
tstats
566 -
universal forwarder
5 -
using Splunk Cloud
2 -
using Splunk Enterprise
13 -
Windows
3
- « Previous
- Next »
Get Updates on the Splunk Community!
AI for AppInspect
We’re excited to announce two new updates to AppInspect designed to save you time and make the app approval ...
App Platform's 2025 Year in Review: A Year of Innovation, Growth, and Community
As we step into 2026, it’s the perfect moment to reflect on what an extraordinary year 2025 was for the Splunk ...
Operationalizing Entity Risk Score with Enterprise Security 8.3+
Overview
Enterprise Security 8.3 introduces a powerful new feature called “Entity Risk Scoring” (ERS) for ...
