Splunk Search

Community Activity

192.168.10.10 took too long to respond I'm trying to build Active directory in my homelab and I configured splunk to the ip address of 198.162.10.10 but it ... by nellyma New Member in Splunk Search 04-13-2025 0 5	0	5
tstats joined to index query using stats Hello team,I know I can use stats instead of join. For our purposes we sometimes do that with 2 different indexes.No... by dmitrynt Engager in Splunk Search 04-12-2025 0 7	0	7
How can I get a statistics table comparing discovered assets over time ? Hello Guys,I'm trying to get the following table:I have the following fields in my index: ip, mac, lastdetect (timest... by Ombessam Path Finder in Splunk Search 04-11-2025 0 6	0	6
Indexer search errors Hi,One of our three clustered indexers is having search errors and high CPU fluctuations for splunkd main process aft... by zijian Explorer in Splunk Search 04-11-2025 0 6	0	6
Query that checks if field values have changed to exclude events Hi Friends,I am working a query that checks if the value of a field has changed to a state of resolved to exclude it ... by Splunkie Explorer in Splunk Search 04-11-2025 0 4	0	4
Regex refining RegexPlease tell me what will be the best and effective way to write regex here:"vs_name":"v-juniper-uat.opco.sony-44... by Karthikeya Communicator in Splunk Search 04-10-2025 0 11	0	11
"New Search" function of Table view misses Index Hello,today I have found a bug(?) in the "New Search" function from the Table view.What I do mean with the "New Searc... by testuser013 New Member in Splunk Search 04-10-2025 0 3	0	3
Details under count How do I show details of individual records in a count total? I have a query that counts events, and then returns the... by spm807 Explorer in Splunk Search 04-09-2025 0 10	0	10
Applying an inputlookup across a list of values We have a use case where some JSON being ingested into Splunk contains a list of values like this: "message_se... by bpenny Explorer in Splunk Search 04-09-2025 0 4	0	4
data types How can you query an index to find out the data types of the fields and any attributes that describe the field? from... by rcbutterfield Explorer in Splunk Search 04-08-2025 0 2	0	2
Saved Search ( Scheduled Report) in Simple XML Dashboard Hello,I am facing an issue when a saved report is used in a simple xml dashboard using \| loadjob savedsearch="madhav.... by madhav_dholakia Contributor in Splunk Search 04-08-2025 0 1	0	1
Memory Usage this is the search\| rest /services/server/status/partitions-space splunk_server=*\| eval free = if(isnotnull(available... by SN1 Path Finder in Splunk Search 04-08-2025 0 2	0	2
Salesforce UserLicense Events I have been using the Splunk Add on for Salesforce Add on for while now but i want to know if anyone else is using it... by vishalduttauk Communicator in Splunk Search 04-08-2025 0 2	0	2
Rest search with map doesnt work as intended This is the SPL i m using\| rest /servicesNS/-/-/saved/searches splunk_server=local\| fields title\| search title=Report... by splunkinator53 Explorer in Splunk Search 04-07-2025 0 3	0	3
Is it possible to determine obsolete dashboards? Is it possible to identify obsolete dashboards? or the last time a dashboard was executed? by python Explorer in Splunk Search 04-07-2025 0 4	0	4
How to display a trendline for distinct count of a field I want to add a trendline to this chart:index=my_index \| timechart dc(USER) as DISTINCT_USERSHow do I accomplish this... by jbrenner Path Finder in Splunk Search 04-07-2025 0 1	0	1
eval field is not working in where condition by shraddha09 Observer in Splunk Search 04-07-2025 0 7	0	7
Human Readable Indexed Logs Hi All, I would like to read Splunk indexed log/data using text editor tool (like Notepad, etc.). I understand Splunk... by Splunkduck09 Explorer in Splunk Search 04-06-2025 0 7	0	7
Results returned from subsearch / appendcolos inaccurate I have the following simplified version of the query where for each caller, I need all_calls (from sourcetype=x) and ... by osh55 Engager in Splunk Search 04-06-2025 0 5	0	5
difference between data model vs splunk dashboards Hi All, could you please clarify me what is the diff between data models and splunk dashboards? Thanks by okumar1 Engager in Splunk Search 04-06-2025 0 5	0	5
Need help to extract field from raw Please find the below attached screenshot and data sample i need to create 5 felids problem statement - old splunk qu... by bhaskar5428 Explorer in Splunk Search 04-04-2025 0 5	0	5
Combining multiple events from downloading external document into a reportable event This has been scratching my head. I'm working on dashboards on user activity on our application. Multiple dashboards ... by DarthHerm Explorer in Splunk Search 04-04-2025 0 6	0	6
Merging local into default using git? I would like to periodically merge stuff in /local into /default and then delete whatever is in /localI have a reposi... by dominiquevocat SplunkTrust in Splunk Search 04-04-2025 4 31	4	31
ISE Logging Hello,I wanted to filter Cisco ISE Logging Activities by authentication, authorization, and accounting.So far, I've b... by netmart New Member in Splunk Search 04-04-2025 0 4	0	4
Regular Expression HI , I want to extract purple part. But Severity can be Critical as well .[Time:29-08@17:52:05.880] [60569130] 17:52:... by Siddharthnegi Contributor in Splunk Search 04-04-2025 0 2	0	2