Splunk Search

Discussions

Thread Info

timechart question

I'm trying to graph a custom long that gives the round trip time of a web service request. I've got sourcetype="wspin...

by New Member in

How do i get the raw events from REST API from a saved search

I have created a saved search that runs every minute. I have opted to run a perl script as the alert option. Splunk p...

by Explorer in

Data appended to start of each event - ....Why?

Hello, I have a syslog-ng server forwarding logs to my Splunk server. I have just reconfigured my data input from ...

by Builder in

Search by macro name?

Is there a way to count events by the name of the macros matched? Example, I have macros A, B, and C. Can I do ...

by Communicator in

How to make custom module

I want to add Tree module in my dashboard.. but not exist tree module in splunk... So, I hope to make tree module.. b...

by Engager in

What sets the system name in system/local/inputs.conf?

It's all in the title. You can configure the system name in server.conf via Manager, but what sets the one in inputs....

by Contributor in

eqalis - getting cisco_syslog sourcetype

I tried out the EQALIS Splunk for Network Operations app. Unfortunately, I don't think I can use it, but maybe someon...

by Builder in

Using top with Multiple Fields

I feel like there should be an easy answer for this, but that my brain isn't finding it, so hopefully someone can rep...

by Splunk Employee in

Splunki for Windows 4.2.3: Current supported Agent version

What is the current version level of the Splunk Agent?

by New Member in

Search for event when preceded or followed by another event.

How can I search for an event x, only when preceded or followed by event y? I.e., I only want x when y is immediately...

by Splunk Employee in

ignoring extracted value

I want to ignore certain search results from by search. Now one way is below where I can filter the extracted value, ...

by Path Finder in

inputlookup in view with rex

I have a csv file that tracks firewall rule hits. I would like to create a form that reads the csv and populates a dr...

by Communicator in

Performing real-time search on new data only

Hello, I was wondering if there's a configuration somewhere in Splunk where it would make my continuous real-time ...

by Path Finder in

Using some besides Count in Google Maps

Hello, We have some google map geo-visualizations setup that uses event count by location. I was wondering if it i...

by Explorer in

What does "yesterday" mean when data is spanning multiple timezones?

What is the expected outcome of the "Yesterday" time function when applied to data from multiple timezones. I have a ...

by Splunk Employee in

search question

In the search field, I entered: source=/logs/*/*.log it matches /logs/*/*.log and /logs/*/*/*.log. I need to see only...

by New Member in

lookup setup for regex extracted value

I have a extracted value from log, puserid. now I have map that Id to a user in lookup table. now when I am applying ...

by Path Finder in

how to modify a existing "search" ?

I create a search called: "poral_app_server", I made a modification to the search string, click "save search" and typ...

by New Member in

Field discovery with multi-value containing space

Hi, I'm trying to understand how the Field Discovery part works by default while dealing with a multi-value string c...

by New Member in

How to convert binary ms word doc into text so I can splunk it?

I currently have some medical records in doc form that are binary text created in ms office word. I want to create...

by Splunk Employee in

url search and chart

I have a bunch of uris to extract and categorize. And after that i need to timechart it by category. so say the lo...

by Path Finder in

Questions on Variable Manipulation.

I've got a chart that works great but just wanting to re-arrange the result. timechart eval(sum(Logical_Capacity_...

by Contributor in

Splunk Indexer giving lookup missing error

Hi All, I have the following setup in my environment: 1) light forwarder installed on the machine where logs are g...

by Explorer in

Drilldown problem

I have a problem where I have a table that has a _time column and two other columns, I have a search that sorts that ...

by Builder in

Add Data: A text file is being interpreted as a binary file

I do realize there is another thread where someone asks the same question, but he solved his problem when he checked ...

by Communicator in

Get Updates on the Splunk Community!

Splunk Search

Discussions

timechart question

How do i get the raw events from REST API from a saved search

Data appended to start of each event - ....Why?

Search by macro name?

How to make custom module

What sets the system name in system/local/inputs.conf?

eqalis - getting cisco_syslog sourcetype

Using top with Multiple Fields

Splunki for Windows 4.2.3: Current supported Agent version

Search for event when preceded or followed by another event.

ignoring extracted value

inputlookup in view with rex

Performing real-time search on new data only

Using some besides Count in Google Maps

What does "yesterday" mean when data is spanning multiple timezones?

search question

lookup setup for regex extracted value

how to modify a existing "search" ?

Field discovery with multi-value containing space

How to convert binary ms word doc into text so I can splunk it?

url search and chart

Questions on Variable Manipulation.

Splunk Indexer giving lookup missing error

Drilldown problem

Add Data: A text file is being interpreted as a binary file

Technical Workshop Series: Splunk Data Management and SPL2 | Register here!

Spotting Financial Fraud in the Haystack: A Guide to Behavioral Analytics with Splunk

Solve Problems Faster with New, Smarter AI and Integrations in Splunk Observability

ES8 + Mission Control Usage rest API

Search for triggered save searches and their actio...

MLTKC how should i check jupyter notebook func in ...

StateSpaceForecast holdback and forecast_k for eva...

ITSI thresholds: adaptive vs static