Splunk Search

Ask a Question

Discussions

Thread Info

Users who have never logged in.

How do i find users who have never logged in.I have the total list of users available in a lookup file.

by Communicator in

Thruput search help

I've got a search that will display max daily thruput over the last 30 days. index="_internal" source="/*/metrics....

by Communicator in

Query results based on stats

I would like to produce results from a query of syslog, based on the number of events using "stats", but show the res...

by Path Finder in

How I compare multivalued fields over time?

I perform a search that has results like the following where dest_port is a multivalued field: There are three fie...

by Communicator in

How do I get the total number of events per day per host... Efficiently and accurately?

We are trying to create a summery index search so that we can record the number of events per day per host. I would u...

by Communicator in

Adding multiple stanza as list in conf file via setup.conf

For my app i have my own .conf file. The app is the webmonitor app that will on a schedule iterate through a list of ...

by Splunk Employee in

Searching Saved Results

If you select "Action->Save results", is it possible to make reference to the results in a subsequent search? While s...

by Engager in

Limiting precision

Is there any easy way to limit precision in mathematical operations with eval? I've been requested to limit everythin...

by Builder in

Summary Indexing (or nice monthly stats from data)

So I'll explain what I've got, what I want then what I can't make work... I have lots of log files, they've been i...

by Communicator in

Searching events between period of time

Hi, i have configured a data input to monitor breakable-text logfiles. Now i want to search for events which are c...

by Contributor in

SQL table is log data and I want to export it into a text file???Help....

Anybody have any suggestions on how to export a SQL table which are full of logs to export it into a text file so tha...

by Explorer in

using top and stats in the same query? aggregated data and nonaggregated data?

I'm trying to do a search like this: index="errorlogs" | rex field=_raw "EXCEPTION:\s(?<exceptiontext>.*)" | stats...

by Communicator in

Extracting data from Splunk using splunkmse

Hi All, We are using splunk and we need to extract application data into a Datawaehouse to report alongside other ...

by Engager in

Extracting tabular information using KV_MODE

Hello I have a search that uses multikv in the search command to take my tablular event and split it up into field...

by Communicator in

Line Graphs Dynamic Line

Finally getting used to Splunk and have it importing my data from a database. Now I'm working on generating a line...

by Engager in

How do I list all active input stanzas in all apps?

Is it possible to get an list of all input stanzas currently configured? I am currently looking in to performance ...

by Path Finder in

search every day in last week at specific times

hello again. I have a search where I'd like to go back 1 week and then search the same time on each day during tha...

by Builder in

Results of Saved Search included in email but since 4.1.6. gets cut off

In Splunk 4.1.4 we had a scheduled search running that delivered hourly a Top 1000 result list via email + RSS feed. ...

by Contributor in

How do I disable the free version's reminder that the search scheduler is disabled?

I have been trialling the Enterprise version and tweaking so I could fit under the 500MB/day limit (we're a startup, ...

by Engager in

Windows Events Log

Hello list, i have a requirement where i imported Windows Event log (CSV format) into splunk, and now i need to ex...

by Explorer in

How to Parse Results?

I am interested in seeing only pieces of a message in the results. I would like to be able to run a search and return...

by New Member in

Splunk Support Python 2.7 ???

Wondering if Splunk latest version support Python 2.7 otherwise user community has compatability issues

by Path Finder in

Count by grouping on a string in the results?

I have a bunch of log entries that all come from the same host as far as Splunk is concerned, but contain the name of...

by Path Finder in

Search XML data inside Text File

The Log file fed to splunk is a *.txt i.e. Text file but it has XML data inside it as shown below 2010-11-17 12:59...

by Path Finder in

Intermediate forwarder problems / timestamping / transforms

Hi we have a rather complicated setup, part of which uses an intermediate forwarder (full wf) to pass events from a s...

by Path Finder in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Users who have never logged in.

Thruput search help

Query results based on stats

How I compare multivalued fields over time?

How do I get the total number of events per day per host... Efficiently and accurately?

Adding multiple stanza as list in conf file via setup.conf

Searching Saved Results

Limiting precision

Summary Indexing (or nice monthly stats from data)

Searching events between period of time

SQL table is log data and I want to export it into a text file???Help....

using top and stats in the same query? aggregated data and nonaggregated data?

Extracting data from Splunk using splunkmse

Extracting tabular information using KV_MODE

Line Graphs Dynamic Line

How do I list all active input stanzas in all apps?

search every day in last week at specific times

Results of Saved Search included in email but since 4.1.6. gets cut off

How do I disable the free version's reminder that the search scheduler is disabled?

Windows Events Log

How to Parse Results?

Splunk Support Python 2.7 ???

Count by grouping on a string in the results?

Search XML data inside Text File

Intermediate forwarder problems / timestamping / transforms

Can’t make it to .conf25? Join us online!

Take Action Automatically on Splunk Alerts with Red Hat Ansible Automation Platform

Calling All Security Pros: Ready to Race Through Boston?

Beyond Detection: How Splunk and Cisco Integrated Security Platforms Transform ...

Help me with splunk query to monitor CPU and Memor...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static

Splunk Search

Are you a member of the Splunk Community?

Discussions

Can’t make it to .conf25? Join us online!