Splunk Search

Discussions

Thread Info

How to search two different values in different text files which has same index?

How to search two different values both the values are in different text files which has the same index and the final...

by Explorer in

Add word in the workflow action.

Hey splunkers, I have a doubt. I created a GET workflow action to search field in the google, but I can't put a w...

by Communicator in

Cumulate counts in timechart for sw-rollout

Hi, I'm looking for a function to cumulate values in a timechart, so I can see a real-time development of a softwa...

by Path Finder in

stats count by multiple values with conditions

Hello All, i have the following query with results: Query: index=X1 OR index=X2 OR index=X3 OR index=X4| stats ...

by Explorer in

Upgrade to 5.x, some of my existing searches are taking longer to return results. Not as many scheduled searches are running on time. Could fetch_remote_search_log setting be a factor?

After upgrading to 5.x, I noticed that some of my searches are taking a longer time to return results than prior. Sea...

by Splunk Employee in

Can you go back to the previous query?

I was wondering if any thought was ever given to having a query back button similar to the browser back button but re...

by Splunk Employee in

Field Extraction for Values with random keys

Hi I am trying to extract a field named session_id (I have highlighted the fields in bold) from a log file, but th...

by Splunk Employee in

is there an equivalent to the back button in a search

sometimes I click on something I didn't mean to and it leaves the search results I was looking at. How do I get back ...

by Path Finder in

How can you restrict a timechart to display only weekdays?

Hi This has been asked before, over 18 month's ago, and there was no answer to it. http://answers.splunk.com/answ...

by Path Finder in

table cell clickable and dispaly related graph

i have a table with 4 columns and 5 rows .when i click on 1x1 cell should redirect to particular view and 2x1 cell sh...

by Explorer in

Splunk dont show fields after parsed. why?

Sample Log File 2013-10-31|2013-10-31 00:00:00|serv1|ws1|Mozilla|p1=1,p2=2,p3=3|hash1||method1|id||2.01 2013-11...

by Explorer in

Duration With Just days

I know that if you use duration it gives the days but it also gives the hours, minutes, etc. I want just the days. Th...

by Explorer in

how to get trend on a field from the logs

Hello i am new to splunk, i have this script that runs every minute and appends a log, it looks like this: 11:05:0...

by Explorer in

Calculate Seconds that are over 60 minutes, to Days, Hours, Minutes, Seconds

I have an issue with calculating seconds that go over 60 minutes that sums to be a few days. One of my eval calcul...

by Path Finder in

"Other" option in pie chart

I am displaying my 20 hosts in pie chart using following query:- index="test" sourcetype="power_usage" | chart fir...

by Path Finder in

Field Extraction (Regex) When Column Is Sometimes Absent

Hi, I'm working on a Regex for field extractions of an alert log. The log has 1 line per alert in the following forma...

by Path Finder in

DB connect not loading data

database connection added successfully. have given the sql query in that Data Inputs for a database source create ...

by Loves-to-Learn in

New Field From a Current Field Up to a Certain Character (In a Search)

I have a field named FieldA. It looks like this: 10.10.10.10->10.11.11.11 I want to create a new field (FieldB)...

by Builder in

Comparing two fields from different sources

Dear all, I would like to compare two fields on a sequential way coming from different sourcetypes already indexed...

by Explorer in

Transaction Duration Duplicated due to multiple same event

Hello, I'm trying to get the duration of a transaction starting with "green" and stopping with "red" : The problem...

by Engager in

Get Updates on the Splunk Community!

Splunk Search

Discussions

How to search two different values in different text files which has same index?

Add word in the workflow action.

Cumulate counts in timechart for sw-rollout

stats count by multiple values with conditions

Upgrade to 5.x, some of my existing searches are taking longer to return results. Not as many scheduled searches are running on time. Could fetch_remote_search_log setting be a factor?

Can you go back to the previous query?

Field Extraction for Values with random keys

is there an equivalent to the back button in a search

How can you restrict a timechart to display only weekdays?

table cell clickable and dispaly related graph

Splunk dont show fields after parsed. why?

Duration With Just days

how to get trend on a field from the logs

Calculate Seconds that are over 60 minutes, to Days, Hours, Minutes, Seconds

"Other" option in pie chart

Field Extraction (Regex) When Column Is Sometimes Absent

DB connect not loading data

New Field From a Current Field Up to a Certain Character (In a Search)

Comparing two fields from different sources

Transaction Duration Duplicated due to multiple same event

Take the 2021 Splunk Career Survey for $50 in Amazon Cash

Using Machine Learning for Hunting Security Threats

Observability Newsletter Highlights | March 2023

Look up table with "*" or "any&quot...

Splunk searches using lookup might get affected if...

How to delay with search result when run via Splun...

KV Store status is currently unknown- How to resol...

Combining results in metric index?