Splunk Search

Discussions

Thread Info

problem with transaction and inputlookup

i think i am stuck on this certain for some reason that my head isn't working right when thinking about this problem ...

by Path Finder in

Strategy for deploying splunk on a custom application

I've been evaluating Splunk against a custom application which consists of a cluster of tomcat instances running two ...

by Engager in

Return First user and _time from ACS syslog

Firstly, my data is formatted like this: Dec 15 13:58:12 gthou-nsacs01p CisACS_01_PassedAuth ne8yfimc 1 0 Message-...

by New Member in

How do I display the largest value of multiple fields in an event?

I have a search which results in an event which has multiple instances of the field eltime. Does anyone know h...

by Path Finder in

Parsing Redis logs

Hi, I'm having trouble getting my Redis logs parsed correctly by Splunk, it gets the timestamps messed up. I have the...

by Communicator in

Creating a render time field

Hi, was wondering if what I am trying to do is possible. I have a program that spits out the amount of time it takes ...

by New Member in

How to use isint(X)?

How to use isint(X) function with eval? Please give me an example. I tried the command like this but not working. ......

by Path Finder in

Add a row to end of table

Hi, I am running a scheduled search to output some logs to a file. Now I would like to add an extra line to the en...

by Path Finder in

most critical Events

Hello together For my doctrinal statements, i have to configure a Splunk, with 50 server from our Company. one of...

by Explorer in

Which platforms does Splunk support?

Hi all, As my title, Im going to install splunk on windows server, but i wonder that can it collect all log from diff...

by New Member in

date_month issue

"source="jun_jan.csv" | stats count by date_month" lists all months, but if I want to include another field like stat...

by Explorer in

subsearch passing info

I perform a serach that gives me a host name, but within the returned data the event does not contain the host_ip. Wi...

by Contributor in

Average of Transactions for the top 50% of transactions

Hi, I have data of transactions in logs. using "duration" i can take the total duration of very transaction.And...

by Contributor in

License Violation - "pool_violated_slave_count"

I keep getting the following License Violation Messages: Message: This pool contains 10 slave/s in violation ...

by Path Finder in

Frequency lea updates pointer file

Hello, Does anyone know the frequency that the lea-loggrabber-splunk app's lea_loggrabber process should write to ...

by Contributor in

Apache Log for Weekly Downloads with Partials

The situation: A client produces a weekly magazine, in PDF format. There are 17 different versions of the zine eac...

by Engager in

Sort search results based on other log values

So I'm currently searching my jboss access logs for all 500 errors with " 500 ". I get all the results, but then I'd ...

by Path Finder in

Joining two searches with and without stats command

Hi! I have two sources A and В. Source A contains events in form of: Id1 StartTime1 EndTime1 Id2 StartTim...

by Communicator in

Convert outputted time (epoch) to readable Date/time

sure this is very similar to other questions but I have not been able to apply any of the suggestions successfully. ...

by Path Finder in

Join two table in Splunk

How can I join two table in Splunk using query like this? select dialog.id, dialog.callId, dialogParty_dialog_id, ...

by New Member in

Specify using the logs with the last timestamp

Hello, Is there a solution to specify in my search to get only the logs with the last timestamp ? In fact, i ha...

by Communicator in

Chart does not appear the same on a report?

when writing a search to create a chart, We all then tend to integrate it into a dashboard as a report. My problem is...

by Builder in

Replicate search chart on dashboard

Hello, How can I put the chart shown on my search results page into a dashboard widget? I simply want to by abl...

by New Member in

use amMap without a lookup?

amMap works fine using a lookup, but what if the data already has the client_city, client_region, client_country, cli...

by Explorer in

Delete duplicate events

I want to delete duplicate events means want only one event and other same event should be deleted.

by Builder in

Get Updates on the Splunk Community!

Splunk Search

Discussions

problem with transaction and inputlookup

Strategy for deploying splunk on a custom application

Return First user and _time from ACS syslog

How do I display the largest value of multiple fields in an event?

Parsing Redis logs

Creating a render time field

How to use isint(X)?

Add a row to end of table

most critical Events

Which platforms does Splunk support?

date_month issue

subsearch passing info

Average of Transactions for the top 50% of transactions

License Violation - "pool_violated_slave_count"

Frequency lea updates pointer file

Apache Log for Weekly Downloads with Partials

Sort search results based on other log values

Joining two searches with and without stats command

Convert outputted time (epoch) to readable Date/time

Join two table in Splunk

Specify using the logs with the last timestamp

Chart does not appear the same on a report?

Replicate search chart on dashboard

use amMap without a lookup?

Delete duplicate events

Automatic Discovery Part 1: What is Automatic Discovery in Splunk Observability Cloud ...

Real-Time Fraud Detection: How Splunk Dashboards Protect Financial Institutions

Splunk + ThousandEyes: Correlate frontend, app, and network data to troubleshoot ...

In Splunk studio, is it possible to populate a tex...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static

Splunk Search

Are you a member of the Splunk Community?

Discussions