Splunk Search

Community Activity

bandwidth utilization percentage I have the below search and I want to modify it to get the bandwidth utilization percentage. Whats the best way to go... by ayomotukoya Explorer in Splunk Search 03-26-2025 0 10	0	10
Extract field value after special characters from delimiter string Need help cleaning up my rex command line with data delineated by (,) then extracting the value after the (=) charact... by ramuzzini Path Finder in Splunk Search 03-25-2025 0 3	0	3
Multivalue field extraction from nested field Hello folks,I have a series of event results which take the format as shown below: appDisplayName: foo appId: f... by b17gunnr Path Finder in Splunk Search 03-25-2025 0 3	0	3
Cannot connect remotely to Splunk Web interface I have a problem where I cannot remotely access the web interface (not via HTTPS or HTTP on either 8000 or 8089) of o... by reswob4 Builder in Splunk Search 03-25-2025 0 3	0	3
Introspection Hello I am running searchindex=_introspectiondedup host table hostin result i am not able to see one indexer and one ... by SN1 Path Finder in Splunk Search 03-25-2025 0 6	0	6
reformatting output in table Hi everyonei have a dataset\| makeresults\| eval APP1="appdelta", hostname1= mvappend("syzhost.domain1","abchost.domain... by secure Path Finder in Splunk Search 03-24-2025 0 2	0	2
Add Line Breaks with Eval This might be a silly question, but has anyone figured out how to add line breaks to text that has been evaluated wit... by gcoles Communicator in Splunk Search 03-24-2025 11 16	11	16
How to extract value with dynamic key name Hi Experts,I have the following data. {<!-- -->"TIMESTAMP": 1742677200,"SYSINFO": "{\"number_of_notconnect_interfaces\":0,\"h... by shimada-k Explorer in Splunk Search 03-24-2025 0 6	0	6
Getting totals of child processes at the parent I have an index with a list of transactions, the transactions in the system start as 1 process with a transaction num... by kiwiglen Observer in Splunk Search 03-23-2025 0 11	0	11
custom Dropdrown with "ALL' Hi I have dashboard with Data Entity drop down ,i want to add a drop drown "ALL" ,if i select ALL and hit submit butt... by nithys Communicator in Splunk Search 03-23-2025 0 3	0	3
Cluster Map - Show Country Border Hi Splunkers, I would like to display a count divided by several locations on a map. On the map, I would like only th... by molla Explorer in Splunk Search 03-23-2025 0 2	0	2
Base search not returning results Hello folks,I trying to use a base search within a dashboard but it consistently returns no results. However, when I ... by b17gunnr Path Finder in Splunk Search 03-21-2025 0 6	0	6
How to display an input only for a specific tab in your dashboard ? Hello guys,I have a dashboard with two tabs. I've added a dropdown input and I'm going to add more inputs. But I wan... by Ombessam Path Finder in Splunk Search 03-21-2025 0 3	0	3
Online, interactive regular expression tester for Splunk regular expressions? I am using the Interactive field extractor to try and extract certain fields. However, regular expressions are tricky... by stefanlasiewski Contributor in Splunk Search 03-20-2025 1 7	1	7
need difference from multivalue table column i have a list of hostnames being generated from left join for different application in multivalue table columnAPP1hos... by secure Path Finder in Splunk Search 03-20-2025 0 7	0	7
Splunk Observability Cloud - Kubernetes Monitoring - CPU Limit I am using Splunk Observability Cloud for Kubernetes monitoring and trying to retrieve data for container CPU limits ... by parumugam Observer in Splunk Search 03-20-2025 0 1	0	1
Search & compare value for each search result to value in CSV (inputlookup or lookup) Hi,I have a query that goes something like this:index=myindex \| eval urgency="medium", account_name='awsMetadata.acco... by majlo333 Observer in Splunk Search 03-20-2025 0 1	0	1
Using a timechart click.value as the midpoint of another panel's earliest and latest So, have a timechart with multiple streams.Call them X, Y, and Z.Run the panel for a 4h timeframe.I want to click a p... by Braagi Explorer in Splunk Search 03-20-2025 0 2	0	2
Date Conversion Hi SMEs;I'd like to convert the following date format into epoch: yyyymmdd. E.g 20220508.Any assistance would be app... by mrdeterville Explorer in Splunk Search 03-19-2025 0 1	0	1
Replace in SPL2 not working like SPL Hi,I am having trouble getting replace to work correctly in Ingest Processor and have this example.In SPL I can run t... by KeithH Communicator in Splunk Search 03-19-2025 0 6	0	6
Run lookup before streaming command (anomaly) Hello Team,I need to run anomaly command on the top of results returned by the lookup.My lookup is geo: enriching my ... by MichalG1 Path Finder in Splunk Search 03-19-2025 0 4	0	4
Where to download lookup file related to sales index (retail sales) used in search tutorial ? count retail sales events for strategy games I can't find categoryId field by default from the search tutorial data. ... by Ombessam Path Finder in Splunk Search 03-19-2025 0 3	0	3
Search auto-cancelled Hi All,I have following Query index=wineventlog\|eval _time = strftime(_time,"%Y-%m-%d %H:%M:%S") \|eval device_name = ... by hema_5757 Observer in Splunk Search 03-19-2025 0 4	0	4
Display all results if text field is * , or partials results based on any part of phone number entered I'm trying to have the dashboard return all results if the text field is * or return all phone numbers with a partial... by JohnD-Splunker Engager in Splunk Search 03-19-2025 0 4	0	4
Data Exfiltration via E-Mail Hey everyone,I am currently trying to write a search that monitors outgoing E-Mail traffic. The goal is to see if bus... by Skinny Engager in Splunk Search 03-19-2025 0 3	0	3