Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Splunk Search
Splunk Search
×
Join the Conversation
Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
- Find Answers
- :
- Using Splunk
- :
- Splunk Search
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Community Activity
 | Hy, i dont know why, but since 5 days i become no more Event Logs from Client PC's (Windows XP). When i remote conn... by Rhuen New Member in Splunk Search 03-28-2012 0 4 | 0 | 4 | |
| | I inserted a search command in a splunk search app as follows : sourcetype="sexuality" | replace "Yan Yi" with jtyi i... by misteryuku Communicator in Splunk Search 03-27-2012 0 5 | 0 | 5 | |
| | Dear all There is something strange that i can see the correct results of field extraction from manually search but ... by hjwang Contributor in Splunk Search 03-27-2012 0 1 | 0 | 1 | |
| | For the search app, I want to modify a field called "partner" (new field added when data is sent to Splunk in receive... by misteryuku Communicator in Splunk Search 03-27-2012 0 1 | 0 | 1 | |
| | Time savings? Cost savings? New product offering? New business opportunity? New customers? Promotions? Once you under... by esweeney Splunk Employee  in Splunk Search 03-27-2012 9 3 | 9 | 3 | |
| | How do I register for .conf2012: The 3rd Annual Splunk's Users' Conference? by esweeney Splunk Employee in Splunk Search 03-27-2012 12 5 | 12 | 5 | |
 | I'm trying to get CPU statistics for servers that have a variable number of CPUs. Below are some fictitious events i... by jconger Splunk Employee in Splunk Search 03-27-2012 0 1 | 0 | 1 | |
| | Whenever a backslash is used in questions/answers/comments on splunk-base, another backslash will be added. For ins... by Ayn Legend in Splunk Search 03-27-2012 7 2 | 7 | 2 | |
| | Since fields in Splunk are generally not set at index-time, except for a few key values like source, sourcetype, _raw... by misteryuku Communicator in Splunk Search 03-27-2012 0 4 | 0 | 4 | |
| | I am trying to extract the hostname from the name of the file selected as input. For input setup I have the followin... by conner9 Path Finder in Splunk Search 03-27-2012 0 2 | 0 | 2 | |
| | Hello, I need to anonimize data in search-time and count by message. Example. source log file contains: E 120327 ... by gofrolist New Member in Splunk Search 03-27-2012 0 1 | 0 | 1 | |
| | Hello, I am new to Splunk and I ma trying to analyze my logfile and create graph for two avg fields by each present ... by pborucki New Member in Splunk Search 03-27-2012 0 1 | 0 | 1 | |
| | I am attempting to translate system response codes to natural language for business reasons. I have 7 codes that rela... by tyronetv Communicator in Splunk Search 03-27-2012 0 1 | 0 | 1 | |
| | I added events through Splunk's REST API and i added new fields to the new events that i added to Splunk. Then i sea... by misteryuku Communicator in Splunk Search 03-26-2012 0 1 | 0 | 1 | |
| | How can I export information from Websense? WCG as a Proxy running on RHEL5 and the rest running on a W2K8 server. by jroysdon Engager in Splunk Search 03-26-2012 1 2 | 1 | 2 | |
| | Current EVENT logs from estreamer client pulls the following example record: Tue Nov 1 23:59:59 2011 sensor_id=66 ... by mlulmer Explorer in Splunk Search 03-26-2012 1 2 | 1 | 2 | |
| | I want to find clientip's (in apache access_combined logs) where more than one event occurred (e.g. status=200 file=F... by jewhite Explorer in Splunk Search 03-26-2012 0 9 | 0 | 9 | |
| | source="D:\SplunkLogs\status.log" |search data|rex field=_raw "control\s(?.*)" |stats values(myvalue)|where myvalue="... by john Communicator in Splunk Search 03-26-2012 0 2 | 0 | 2 | |
| | Hi Want to extract specific fields from a log file. Tried using rex but failed.. need help Want to extract matching ... by tonan Explorer in Splunk Search 03-26-2012 0 3 | 0 | 3 | |
| | I'm using the free version, Is there is a way to backup the syslog from the splunk ? Once the size limit exceed 500 M... by diwa New Member in Splunk Search 03-26-2012 0 2 | 0 | 2 | |
| | I'm looking for a way to dedup a given field for each instance of another field. More specifically: | eval warningIs... by 0cool New Member in Splunk Search 03-24-2012 0 1 | 0 | 1 | |
| | In Splunk 4.3 I want to do a join of an regex-extracted variable A (belonging to app/sourcetype a) with a variable B ... by DrColombes New Member in Splunk Search 03-24-2012 0 1 | 0 | 1 | |
| | How does the 'optimized' splunk search string (without using JOIN) looks like for the following search string? SELEC... by Nicholas_Key Splunk Employee in Splunk Search 03-23-2012 0 1 | 0 | 1 | |
| | bla xx bla Call Return: [20001TNSN NONONOONONO] bla y bla Call Return: [20001TNSN NONONOONONO] bla zzz bla Call Retur... by wandi Explorer in Splunk Search 03-23-2012 0 3 | 0 | 3 | |
| | Hi, I need to make a ranking of most common exception messages, from different services. I've been able to extract th... by hbazan Path Finder in Splunk Search 03-23-2012 0 3 | 0 | 3 |
Get Started
Explore Essential Splunk Resources
Get Expert Help at Community Office Hours
Join the #search-help Slack channel
Get Expert Help at Community Office Hours
Join the #search-help Slack channel
Become An Expert
Top Labels
-
administration
3 -
alert action
3 -
alert condition
2 -
Analytics Workspace
2 -
authentication
1 -
chart
946 -
Classic dashboard
1 -
configuration
2 -
correlation search
1 -
count
1,006 -
Dashboard Studio
3 -
data
3 -
data model
1 -
development
6 -
distributed search
1 -
drilldown
1 -
email
1 -
eval
2,615 -
field extraction
2,022 -
fields
2,064 -
host
1 -
index
4 -
indexer
2 -
inputs.conf
1 -
intermediate forwarder
1 -
introduction
5 -
join
1,060 -
JSON
2 -
Linux
2 -
login
1 -
lookup
1,566 -
metadata
310 -
monitoring console
2 -
other
182 -
panel
2 -
PDF
1 -
Python
1 -
regex
1,499 -
report acceleration
2 -
rex
1,250 -
SAML
1 -
saved search
5 -
scheduled search
4 -
scripted input
1 -
search
2 -
search head
3 -
search job inspector
683 -
search peer
1 -
simple XML
1 -
source
1 -
sourcetype
4 -
Splunk Web Framework
1 -
splunk-assist
1 -
splunkd
1 -
stats
3,565 -
subsearch
1,730 -
summary indexing
4 -
table
1,754 -
time
1 -
timechart
1,158 -
transaction
453 -
transforms.conf
1 -
troubleshooting
8 -
tstats
569 -
universal forwarder
5 -
using Splunk Cloud
2 -
using Splunk Enterprise
13 -
Windows
3
- « Previous
- Next »
Get Updates on the Splunk Community!
[Puzzles] Solve, Learn, Repeat: Matching cron expressions
This puzzle (first published here) is based on matching timestamps to cron expressions.All the timestamps ...
Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas
Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas
Cisco Live 2026 is almost here, and this ...
Data Management Digest – May 2026
Welcome to the May 2026 edition of Data Management Digest!
As your trusted partner in data innovation, the ...
