Splunk Search

Community Activity

Help Getting Grandparent Processes added to events I have an alert which filters process creation Windows logs. I'm attempting to add the grandparent process and comman... by dtaylor Path Finder in Splunk Search 4 weeks ago 0 18	0	18
How get data for yesterday, last month on that day, and last year on that day I want o create a dashboard for my API response times and TPS for comparison between multiple timeframes. When ever s... by kuul13 Explorer in Splunk Search a month ago 0 8	0	8
Alert Hi , I want to make an alert of all the indexes that are receiving 0 events in last 24 hr. Thanks by SN1 Path Finder in Splunk Search a month ago 0 1	0	1
How to finetune subsearch I have below requirement. I am working on two types of events. Source 1 - From here I wanted to take employee email a... by NAGA4 Engager in Splunk Search a month ago 0 2	0	2
Extraction does not take place in raw events This happens in one of newly installed 10.0.1 instances. The only data ingested is tutorialdata.zip from Splunk Tuto... by yuanliu SplunkTrust in Splunk Search a month ago 0 3	0	3
Help with DNS Top 10, HTTP Traffic Volume by Day, and Time-Based Line Chart BOTSv1 Hi all,I’m working with the BOTSv1 dataset in Splunk and I’m trying to solve three tasks.I would appreciate some guid... by samaG02 Engager in Splunk Search a month ago 0 2	0	2
Duplicated JSON fields on search Hello, I am running into the "common" issue of duplicated JSON fields. I use Splunk Enterprise 9.2, with an Universal... by john789789 Observer in Splunk Search 11-22-2025 0 4	0	4
Create a HEC Token For splunk Enterprise & Splunk Cloud via the PostMan Tool I ve came across a post where im trying to fetch the HEC Token via the REST API.When I tried that locally Im getting ... by PoojaDevi Loves-to-Learn Lots in Splunk Search 11-21-2025 0 4	0	4
Using Splunk to Analyze Web Traffic & Machine-Generated Data from External Content Sites I’ve been working with Splunk recently to improve the way we collect and analyze machine-generated data coming from v... by Joe_Hartzel Explorer in Splunk Search 11-21-2025 0 0	0	0
search to generate 5 sample events for lots of index/sourcetype pairs I need to provide feedback on ways logging formats could be improved.To that end, I'm trying to create a search that ... by esalesapns2 Communicator in Splunk Search 11-21-2025 0 3	0	3
Splunk forwader Can i get help with how i can download the older version of splunk forwader. The 9.0.5 specifically. It's not amongst... by ginagodwin New Member in Splunk Search 11-20-2025 0 3	0	3
Limits of events returned Hi guys, is there a limit of the number's events returned in splunk? I'm trying to run a query with inputlookup, but... by AleCanzo Explorer in Splunk Search 11-20-2025 0 5	0	5
Is there a way to determine the install date for Splunk universal forwarders? We are using SCCM to install Splunk Universal Forwarder in our organization and via our Deployment server, I can keep... by jwalzerpitt Influencer in Splunk Search 11-20-2025 3 2	3	2
Does the REST API allow to retrieve the XML source code of Classic Dashboards? I sometimes lose the source code of a dashboard, and therefore, I wonder if I can automatically take a backup of my d... by danielbb Motivator in Splunk Search 11-19-2025 0 2	0	2
DMP files are killing my drive!! Every 10 min DMP files and the text document are being created on my drive: C__Program Files_Splunk_bin_splunkd_exe_... by ethompso Explorer in Splunk Search 11-19-2025 1 6	1	6
How to find the file name of largest file using splunk query I have file name and file size.I would like to find largest file name.My query:<search>\| stats max(File_Size_MB) AS L... by Nithiya1 Explorer in Splunk Search 11-19-2025 0 3	0	3
OR statement with results from DBXquery Hopefully this makes some sense. I am working on a dashboard that pulls up activity when someone clicks on the detai... by DarthHerm Explorer in Splunk Search 11-17-2025 0 2	0	2
Using lookups to augment searches with additional filters I sometimes need to make some changes to my eventtype definitions.However, I do not actually want to edit the query i... by zapping575 Path Finder in Splunk Search 11-17-2025 0 12	0	12
How to identify external IP addresses I am attempting to identify external IPs that are accessing our servers more than a given number of times each day in... by brandonmurphy New Member in Splunk Search 11-17-2025 0 8	0	8
How do I find internal and external ip addresses of splunk universal forwarder? Hi there, I have a use case to query internal and external ip addresses of the host which has UF installed. I am usin... by snakhuda Engager in Splunk Search 11-17-2025 0 13	0	13
What capabilities are required for the "sendemail" search command? The ability for many things in Splunk is controlled by capabilities applied to roles/users. In order for a user to ut... by athoma31 Explorer in Splunk Search 11-17-2025 0 3	0	3
Outputlookup followed by stats command causes extra column to be generated Hello, I came across some unexpected search behaviour today.When using the outputlookup command followed by a stats c... by Anders333 Explorer in Splunk Search 11-16-2025 0 2	0	2
Forward logs from Splunk A to Splunk B, restricted to hosts within a specific index. I have a Splunk server (Splunk A) with indexes named var_log_***, which contain logs from both UAT and Prod hosts. I’... by quangtran Explorer in Splunk Search 11-16-2025 0 3	0	3
Configuration initialization took longer than expected when dispatching a search I must admit what is happening makes no sense. Take this error for example:[OurIndexer01,OurIndexer02,OurIndexer03] C... by Gregski11 Contributor in Splunk Search 11-13-2025 0 2	0	2
Why are not all field values are extracted for long JSON files? Hi, I am trying to ingest long JSON files into my Splunk index, where a record could contain more than 10000 characte... by wu_weidong Path Finder in Splunk Search 11-12-2025 0 9	0	9