Splunk Search

Community Activity

	Total Memory Hello i run df -h on indexer and i gotnow i want the total , available and used space but using SPL how can i achieve... by SN1 Path Finder in Splunk Search 03-12-2025 0 6	0	6
	comparing scores I am trying to find a way to compare the results listed in a table to each other. Basically the table lists the resul... by dolj Explorer in Splunk Search 03-12-2025 0 3	0	3
	Searches returning unexpected results I am fairly new to Splunk. I am testing out different search queries and getting inconsistent results. In this examp... by tchamp Explorer in Splunk Search 03-11-2025 0 3	0	3
	Help with search query using multiple tokens and filters HI, im trying to create filter for network connections. But i cannot make work few tokens in the same time.I want to ... by ekmek4 Explorer in Splunk Search 03-11-2025 0 4	0	4
	Why Am I Seeing Events In The Future And How Do I Stop It Hi Guys, I hope someone can help me out or give me a pointer here. When I run my searches I always get events in the... by OgoNARA Explorer in Splunk Search 03-11-2025 0 4	0	4
	Combining Searches I am trying to figure out the best way to perform this search. I have some json log/events where the event data is sl... by tchamp Explorer in Splunk Search 03-11-2025 0 5	0	5
	Equivalent timechart correlation query without subsearch Can someone help create an equivalent query to the following, without using subsearch? There are probably too many re... by dzhangw7 New Member in Splunk Search 03-11-2025 0 2	0	2
	sum(count) returning 0 events Hi everyone.I have a query that basically filters certain events and sums them by category. But I'm facing issues whe... by pedropiin Path Finder in Splunk Search 03-10-2025 0 4	0	4
	Dedup removing all elements Hello everyone. I'm dealing with a query that deals with certain "tickets" and "events", but some of them are duplica... by pedropiin Path Finder in Splunk Search 03-10-2025 0 2	0	2
	Append number by value to results Hi SplunkersI'm looking for a way to append a column with an ID based on the value of another field.Base search gives... by dataisbeautiful Communicator in Splunk Search 03-10-2025 0 9	0	9
	how to remove few content from splunk output Hi All,I have a splunk query giving results in this format:Time ... by avi123 Explorer in Splunk Search 03-10-2025 0 2	0	2
	Logging Requirement CTO 24-003 Is there anyone familiar with any guidance on fulfilling the logging requirements for CTO 24-003 with splunk queries ... by Aghansah New Member in Splunk Search 03-10-2025 0 2	0	2
	Different search results in search and dashboard Hello everyone!I came across a strange behavior.I was building a dashboard and noticed that some results look unexpec... by NoSpaces Contributor in Splunk Search 03-10-2025 0 3	0	3
	Splunk Query to extract id's from a event and display the ID's Below is the search and I need to extract the ID's shown in the below event and there are also many other ID's. Pleas... by Vin Engager in Splunk Search 03-09-2025 0 4	0	4
	Pie Chart is not showing smaller values Hi , I have a CSV file, whose visualization I want to see in the form of Pie-Chart. But on display, one of the parame... by harshal_chakran Builder in Splunk Search 03-08-2025 0 7	0	7
	How to calculate properly calculate delay for multiple events with same reference Hi,Here is a scenario:Step 19h30 TradeNumber 13400101 gets created in system9h32 TradeNumber 13400101 gets sent to ma... by DPOIRE Path Finder in Splunk Search 03-07-2025 0 8	0	8
	Data Not Stored in Metric Index Hey all,I am new to Splunk Enterprise and I would like to understand more about metrics and the use of metric indexes... by olahlala24 Engager in Splunk Search 03-06-2025 0 3	0	3
	How to Perform a Lookup in Splunk When Some Fields in the Lookup Table Are Empty ? I’m working on a Splunk search that needs to perform a lookup against a CSV file. The challenge is that some of the f... by tomapatan Contributor in Splunk Search 03-06-2025 0 3	0	3
	How do I monitor Windows application install and removal? I need to monitor all Windows servers to alert if there is a critical application got uninstalled. The simplest query... by deav Loves-to-Learn in Splunk Search 03-06-2025 0 5	0	5
	How to display one to one mapping between fields in stats command Hi there, how can i use stats command to one to one mapping between fields . I have tried "list" function and "valu... by neerajs_81 Builder in Splunk Search 03-06-2025 0 1	0	1
	How to use only the latest group of events for each machine to display in the table Hello dear Community!I have a set of separate machines logging number of different events to Splunk, each group can b... by nksiba Engager in Splunk Search 03-06-2025 0 2	0	2
	Extract value by dynamic fields Hi Community,I have the following challenge. I have different events, and for each event, I want to generate a summar... by alesyo Engager in Splunk Search 03-05-2025 0 5	0	5
	Can you pass a regex as field value to the rex command Hi All,In SPL2 Ingest Pipeline I want to assemble a regular expression and then use that in a rex command but I am ha... by Keith_NZ Explorer in Splunk Search 03-05-2025 0 6	0	6
	Ingest processor rex problem Hi,I am new to Ingest Processor and have had some success but am having an issue with the rex command so I have creat... by Keith_NZ Explorer in Splunk Search 03-05-2025 0 2	0	2
	Merging data from JSON snippets Dear Splunk community,I have following sample input data, containing JSON snippets in MV fields: \| makeresults count=... by rikinet Path Finder in Splunk Search 03-05-2025 0 2	0	2