Splunk Search

Start a Conversation

Discussions

Start a Conversation

Thread Info

How to subtract total values of 2 fields in a dashboard?

Hi there, I have a dashboard and I want to subtract the total number of events of 2 queries but not sure how to do...

by Path Finder in

Lookup and setting default values using a variable if an entry is not found in the lookup table

I have the following Query: index=obh_prod sourcetype=obh:edge:api proxy!="ow*" |lookup blink_six_providers Provide...

by Engager in

How to index data from zigbee2mqtt?

can't figure out how to indexing my data from zigbee2mgtt. The logs are exported from Home assistance via syslog, as...

by Observer in

What's best way to count calls from main search excluding sub search results?

Greetings. I'm trying to count all calls in this:index="my_data" resourceId="sip*" "CONNECTED"Where not in this:in...

by Path Finder in

How to find field value, based on where condition, and assign to variable?

Good Morning! I rarely get to dabble in SPL, and as such, some (probably simple) things stump me. That is what bro...

by Path Finder in

run different filter in an index search based on a condition in dropdown

Is it possible to run different filter in an index search based on a condition in dropdown below?The second filter wo...

by Communicator in

Need help with python script to log into Splunk Cloud

I have the following script, but it keeps erroring out. def connect_to_splunk ( username ...

by Path Finder in

Using comparison function within mstats

Hello fellow Splunkthiasts! I need some insights to understand how comparison functions in mstats could be used. Co...

by Path Finder in

Capture multiple values of same pattern in an event

How do we capture multiple URLs in a single event? Log1: type=EXECVE msg=audit(1695798790.101:25214323): argc=17 ...

by Explorer in

Getting a count of the number of fields associated with a sourcetype

I've done a little looking and poking around but haven't seen an answer to this - hopefully I haven't overlooked some...

by Motivator in

what is the use of below query?

index=botsv1 sourcetype="stream:http" | timechart max(date_year)

by Observer in

How to capture x,y data from stacked charts for drill down option

Is there a way of capturing the x, y and z data from a stacked chart? At the moment, my x and y are as follows ...

by Explorer in

Plot graph using lookup file

Hi Team, I have a got a request to plot graph of previous 30 days. But the org has a retention period of 7days set...

by New Member in

How to combine two csv?

Hi All, I have two csv files. File1.csv -> id, operation_name, session_id File2.csv -> id, error, operation_name ...

by New Member in

Blocked auditqueue causing random skipped searches and scheduler slowness on SH/SHC. Slow UI.

Blocked auditqueue can cause random skipped searches, scheduler slowness on SH/SHC and slow UI.

by Splunk Employee in

How to parse grepable Nmap output?

I have several events with similar to this raw data field that I would like to break down into a new event for each I...

by Path Finder in

ingesting nmap xml output

I have been trying to get nmap output into Splunk. I thought the xml output would be nice and straightforward! Whil...

by Explorer in

How to create a search for matching two fields value to one new field?

Hello Splunker, I'm trying to join two fields values in stats command using Eval , looks like I'm doing it wrong,...

by Explorer in

Missing settlement notification

Event and Report extract rules Use the payment business events to identify Transactions which have ACCP clearing st...

by Explorer in

How to filter results based on timeframe?

In my search results, I am getting IP and user details. I want to filter my search results if the same IP has been...

by Contributor in

Get Updates on the Splunk Community!

Splunk Search

Discussions

How to subtract total values of 2 fields in a dashboard?

Lookup and setting default values using a variable if an entry is not found in the lookup table

How to index data from zigbee2mqtt?

What's best way to count calls from main search excluding sub search results?

How to find field value, based on where condition, and assign to variable?

run different filter in an index search based on a condition in dropdown

Need help with python script to log into Splunk Cloud

Using comparison function within mstats

Capture multiple values of same pattern in an event

Getting a count of the number of fields associated with a sourcetype

what is the use of below query?

How to capture x,y data from stacked charts for drill down option

Plot graph using lookup file

How to combine two csv?

Blocked auditqueue causing random skipped searches and scheduler slowness on SH/SHC. Slow UI.

How to parse grepable Nmap output?

ingesting nmap xml output

How to create a search for matching two fields value to one new field?

Missing settlement notification

How to filter results based on timeframe?

Streamline Data Ingestion With Deployment Server Essentials

Remediate Threats Faster and Simplify Investigations With Splunk Enterprise Security ...

Introduction to Splunk AI

AD servers with indexing delays when evt_resolve_a...

Using comparison function within mstats

splunk search statement using keyword from input b...

Ex Cisco - run a report for all DFS users who logg...

Splunk query to list all the queries that time out