Splunk Search

Discussions

Thread Info

Simple chart from field values, rather than field count

sourcetype=syslog "CPU Temp" | sort –CPU_Temp | table host CPU_Temp CPU_Temp is a field with a numerical value (Te...

by Communicator in

Filtering queries by large lookup

I have a large lookup full of bad domains. The lookup is simply a domain name per line. I would like to search throug...

by Path Finder in

Calculating Mb/Sec over time

We are having trouble properly rolling up web access logs to show a macro view of Mb/Sec (megabits per second). We ar...

by Communicator in

Recommended kv extract syntax

What would be the recommended syntax for writing kv pairs in our logs to easily get extracted by splunk. (performance...

by Path Finder in

How can I create a timechart for two different searches

Hi, I want to create a timechart that plots results from two separate searches overlapped in the same chart. An ex...

by Path Finder in

Add image to search

Hi, i need to add an image like green, yellow, red to a rangemap search. Instead of the string of the rangemap. ev...

by Path Finder in

Merging different log formats

All, I am wondering it it's possible to take two entirely different source file formats (containing the same data)...

by Contributor in

Transaction command in Oracle XML Logging

I am trying to do a search that matches on the term of commit, then use the transaction statement to tie it back to e...

by Path Finder in

Need simple search help

Hello all, I haven't taken as much time to understand the splunk search capabilities as I should. I'm reading up toda...

by Explorer in

CDR - Calculate number of Active Calls at any give time

Hi, I am trying to calculate the number of Active Calls at any 'given time' from Call Detail Records (CDR). CDRs stor...

by Explorer in

Simple question.. I think.. Charting field values over time

I have a search that defines a transaction. Fields extracted are rmi_time and persist_time. How can I graph those val...

by Path Finder in

How to graph values using timechart?

Here is a snippet from my logfile: Mar 24 01:31:11,388 INFO [0x41401960]: NoSnmpMibInstance: CountWorker.ProcLoTi...

by Splunk Employee in

Routing to nullQueue based on extracted field

Hi, is it possible to route events to nullQueue based on the value found in a field generated by a csv lookup? I a...

by Builder in

Field extraction from source plus custom sourcetype

Hello, I am using Free Version. I would like to use field extraction at (search time or run-time it does not matt...

by New Member in

setting field values

Hi guys, how doi go about setting a field value if it is empty... I have a field prefix... i use this field whe...

by Path Finder in

Searching, regex, learning opportunity

I am trying to refine a built in search to the Windows app. The search is failed logins. source="wineventlog:s...

by Contributor in

Trim field for operations

Hey everyone, I have an event type containing two fields that I need to trim. They're currently in this format: 02...

by Builder in

Limit Queries based on user accounts

I would like to spearate general query utilization between various groups. Example: only allowing Scruirty personnel ...

by Explorer in

Find text in field

I am working to try and correlate two types of records. Each has telephone number fields called Calling_Number and Ca...

by Builder in

Using regex to extract domain from delimited email recipients, and then count them

I need to count the number of incoming emails from external and internal sources, and the number going out to interna...

by Path Finder in

ServerSideInclude and Cache

I am using the ServerSideInclude feature to add custom javascript to a module. The problem comes up when I take a ...

by Communicator in

How do I count the results I'm getting?

When I do this search, I get 17 results back: index=hubtracking | where like(sender_address, "%@gmail.com") I ...

by Path Finder in

Increase chart image size

I have the following pie chart. It's working fine but the chart is really small and the writing gets bunched together...

by Path Finder in

Append Eventtype to Top listing

I have a listing of top denied connections that lists the src_ip, dest_ip, count for the top 10 denied connections th...

by Communicator in

How would I do a DNS lookup against an internal IP table?

If I have an internal IP address in my data, is there some way I can run a lookup to determine the hostname via Splun...

by Champion in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Simple chart from field values, rather than field count

Filtering queries by large lookup

Calculating Mb/Sec over time

Recommended kv extract syntax

How can I create a timechart for two different searches

Add image to search

Merging different log formats

Transaction command in Oracle XML Logging

Need simple search help

CDR - Calculate number of Active Calls at any give time

Simple question.. I think.. Charting field values over time

How to graph values using timechart?

Routing to nullQueue based on extracted field

Field extraction from source plus custom sourcetype

setting field values

Searching, regex, learning opportunity

Trim field for operations

Limit Queries based on user accounts

Find text in field

Using regex to extract domain from delimited email recipients, and then count them

ServerSideInclude and Cache

How do I count the results I'm getting?

Increase chart image size

Append Eventtype to Top listing

How would I do a DNS lookup against an internal IP table?

Splunk Decoded: Service Maps vs Service Analyzer Tree View vs Flow Maps

What’s New in Splunk Observability – September 2025

Fun with Regular Expression - multiples of nine

In Splunk studio, is it possible to populate a tex...

Help me with splunk query to monitor CPU and Memor...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

Splunk Search

Are you a member of the Splunk Community?

Discussions