Splunk Search

Discussions

Thread Info

How does SPLUNK learn and correlate ?

I'm interested in intelligent analytics applications i.e. learning about data behaviour in order to alert on non-norm...

by Engager in

field extraction in splunk

I have a field called: Message which contain below type of data. MESSAGE Special privileges assigned to new...

by Path Finder in

How to treat nulls as zeros for purpose of adding?

I'm trying to add 2 fields, each of which contains some nulls. How can I treat these nulls as zeros for the purpose o...

by Path Finder in

Table Modify Structure

I have a query which results in following data But i need to generate a table in this format

by Contributor in

Problems Evaluating Field After Rex Extraction

I'm trying to evaluate a field after it is extracted at search time using rex. Unfortunately it is failing. An exampl...

by Engager in

How do you format numbers produced by 'count over'?

I've got a collection of Web log data where we like to see the URLs counted by host: sourcetype="access_common" | ...

by Communicator in

Calculating page read time

I have a requirement from the business to register the time a user stayed on a news story, the idea being that this w...

by Path Finder in

Problem with using SOURCE_KEY

I have some XML data that I parse into many fields, one of which is "relativePath" why can't I get the transforms to ...

by Splunk Employee in

SVG instead of Flash

Hi there, first of all congrats on the awesome software that splunk is. Having said that, I have noticed that t...

by New Member in

How to extract all hosts and their sourcetypes?

Trying to right a search that will extract and display all the hosts that have indexed data and their sourcetypes. An...

by Explorer in

Splunk vs IPv6

I have some questions about Splunk for IPv6. C I want to know if the Splunk software architecture supports IPv6? ...

by New Member in

How do I parse single-line entries for stacked timechart?

I've got a scripted input that dumps a line like the following every minute: 2011-12-22 08:46:56,0,30,6 What I...

by Path Finder in

Combine two stats count

How to combine these two stats count into one? ... | stats count by operation operation count added gid ...

by Explorer in

conditional field choice

Hello, I have log files which have both IP numbers (field IP) and corresponding names (field DNSNAME). I would lik...

by Communicator in

format field at search time (phone, ip, MAC, etc..)

I want to format nicely the fields or events at search time. by example : US phone : 11122223333 to (111) 222-3333...

by Communicator in

Compare values from multiple Data Inputs

I'm trying to write a search that will compare values from different data inputs and return the highest value to use ...

by Explorer in

using eval with automatic lookups

Is there a way to perform an eval when using an automatic lookup? I'm using user IDs in IIS logs to find a user's rea...

by Path Finder in

"Join" search and sub search and sum value of overlapping records?

I'm trying to combine the results of a search and subsearch. They have overlapping fields but different result sets. ...

by Path Finder in

Help with Splunk search (EVAL command)

I am trying to assign a value to a Severity field when the sourcetype = "low" or "Med" or "high". I.e. - IF source...

by Communicator in

Props.conf / Regex question

I add this to props.conf to detect shellscripts, but interesting enough this not only matches shell-scripts but also ...

by Communicator in

Group aggregate on logs

for example, i have the following 7 logs, 2011-DEC-17 slotid="Location-Maps-US-Sunnyvale" delta_msec="1487" seq="3...

by Path Finder in

Is there any way to write the search results (in table format) in to a lookup table

Hi Is there any way to write the search results (in table format) in to a lookup table i.e... | table field1,fe...

by Contributor in

How to sum numbers with commas

I would like to calculate the total for the following sample. These are numbers but have comma. 122 3,871 17,896 ...

by Explorer in

Case conidtion on the searches

My logs contain a field "A", i need to calculate a new field "B" based on the SLOT, when A=a1 OR A=a2, THEN B=avg of...

by Path Finder in

matching issue with a regex in search

Hello, I'm having an issue with a regex i did. I want to create a new column with my regex where there's 2 values ...

by Communicator in

Get Updates on the Splunk Community!

Splunk Search

Discussions

How does SPLUNK learn and correlate ?

field extraction in splunk

How to treat nulls as zeros for purpose of adding?

Table Modify Structure

Problems Evaluating Field After Rex Extraction

How do you format numbers produced by 'count over'?

Calculating page read time

Problem with using SOURCE_KEY

SVG instead of Flash

How to extract all hosts and their sourcetypes?

Splunk vs IPv6

How do I parse single-line entries for stacked timechart?

Combine two stats count

conditional field choice

format field at search time (phone, ip, MAC, etc..)

Compare values from multiple Data Inputs

using eval with automatic lookups

"Join" search and sub search and sum value of overlapping records?

Help with Splunk search (EVAL command)

Props.conf / Regex question

Group aggregate on logs

Is there any way to write the search results (in table format) in to a lookup table

How to sum numbers with commas

Case conidtion on the searches

matching issue with a regex in search

Automatic Discovery Part 1: What is Automatic Discovery in Splunk Observability Cloud ...

Real-Time Fraud Detection: How Splunk Dashboards Protect Financial Institutions

Splunk + ThousandEyes: Correlate frontend, app, and network data to troubleshoot ...

In Splunk studio, is it possible to populate a tex...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static

Splunk Search

Are you a member of the Splunk Community?

Discussions