Splunk Search

Discussions

Thread Info

What is Splunk search runtime?

OK I think I know what it is Splunk Search Runtime, but I have not ever thought what values or insights can this feat...

by Observer in

Why are incidents are not showing in impact tab in Splunk?

Hi all, We are creating episodes and incidents are getting created in SNOW , the incident number is available in A...

by Engager in

How to compare two results every week and display the differences from one index?

Hi team, I want to compare two results every week and display the differences from one index. And I want create Jir...

by Loves-to-Learn Lots in

When I am using this search, I am not getting accurate results?

Search: |tstats count where index=att_acc_app source=applicationissues.log by PREFIX(client_application_name=)...

by Path Finder in

Why does Dashboard studio datetime looks strange?

HI! My Dashboard studio dateime looks strange T. T [Dashboard Studio View ↓ ] namedatetimecounttom2022-12-01T0...

by Explorer in

How to disable word wrap in custom apps table search?

Hi Everyone, I created a custom Splunk app, and when using the (un-modified) search dashboard within the app to pr...

by Path Finder in

How to display label inside chart area in pie chart?

Hi i am unable to display lable or any result need to display chart area instead of default lables for splunk pie...

by Loves-to-Learn Lots in

Regex help to extract logname

I'm trying to extract logname from the following. So the logname value would be message.log/bblog.log/api.log Pl...

by Communicator in

How to achieve searching multiple indexes with one table?

I'm trying to create a table to view hosts in multiple indexes, and report if they are returning data. For exampl...

by Explorer in

Is there any way to execute a linux query and fetch the results of it in the Splunk search board?

Hi, Is there any way to execute a linux query and fetch the results of it in the Splunk search board? Following...

by New Member in

How to display a timechart of the Health Score as a function of time?

I am calculating a health rate for projects based on specific criteria, generaly its the SUM of projects ranked A or ...

by Loves-to-Learn Everything in

Where did my new dashboard get saved?

guys and gals let me start off by saying that my Search Game is weak, lolIn version 9.0.0 on a Winderz platform I was...

by Contributor in

Execute regex statements only when a condition is met?

I have a use case where i would need to use regex to extract values only if a condition is met. ...

by Observer in

Can you help to match events with an inputlookup search?

Hi, I use the basic query below in order to collect the model of a host (workstation) index="xx" sourcetype="WM...

by Motivator in

Is it possible to get a list of all the Indexes which are used in ITSI and all the related services to those indexes?

Hello Community ! Is it possible to get a list of all the Indexes which are used in ITSI and all the related services...

by Explorer in

lookup output renaming and running into issues? Trying to tstats + lookup doesn't work

Hello, I have let's say "inherited" a few searches and try to understand them. here is the search: | look...

by Communicator in

How to get the percentage using values in event over two columns?

Hello Splunk masters I am trying to figure out how to get a rate (percent) by looking at two strings within a colu...

by Path Finder in

Help with search using eval and table?

index="hx_vm" LogName="Microsoft-Windows-Sysmon/Operational" "EventCode=11" ComputerName=DESKTOP-933JR8...

by New Member in

Can anyone explain what is ad hoc search?

by Explorer in

How to invert y-Axis in any chart?

I tried official documents and community searches but couldn't find out how to reverse y-axis. not transpose or xy-...

by Loves-to-Learn Everything in

How to add values from a split to an existing field?

Hello, i'm trying to add values to an existing field but i'm running into a wall. I have a field name vector and a...

by Explorer in

How to hide duplicate values in consecutive table rows?

Hello! If I have this: LetterNumberA1A2A3B1B2 is there a way to get this: LetterNumberA1 2 3B1 2 ...

by Explorer in

Splunk search that will find when customers first logged in?

I'm trying to come up with a Splunk search query that I can use to find when customers have first attempted to log in...

by Path Finder in

How to group certain values in a column in a table?

I want to group the below table as below, I have a column we’re numbers are in all series, I want to segregate 100 se...

by Explorer in

Help with Regex?

I have a field "facilityAlias" for which location can be changed in every api log file. I have to extract that field...

by Explorer in

Get Updates on the Splunk Community!

Splunk Search

Discussions

What is Splunk search runtime?

Why are incidents are not showing in impact tab in Splunk?

How to compare two results every week and display the differences from one index?

When I am using this search, I am not getting accurate results?

Why does Dashboard studio datetime looks strange?

How to disable word wrap in custom apps table search?

How to display label inside chart area in pie chart?

Regex help to extract logname

How to achieve searching multiple indexes with one table?

Is there any way to execute a linux query and fetch the results of it in the Splunk search board?

How to display a timechart of the Health Score as a function of time?

Where did my new dashboard get saved?

Execute regex statements only when a condition is met?

Can you help to match events with an inputlookup search?

Is it possible to get a list of all the Indexes which are used in ITSI and all the related services to those indexes?

lookup output renaming and running into issues? Trying to tstats + lookup doesn't work

How to get the percentage using values in event over two columns?

Help with search using eval and table?

Can anyone explain what is ad hoc search?

How to invert y-Axis in any chart?

How to add values from a split to an existing field?

How to hide duplicate values in consecutive table rows?

Splunk search that will find when customers first logged in?

How to group certain values in a column in a table?

Help with Regex?

Cultivate Your Career Growth with Fresh Splunk Training

Introducing a Smarter Way to Discover Apps on Splunkbase

How to Send Splunk Observability Alerts to Webex teams in Minutes

MLTK - What algorithm should I use?

How to show the line when its value is NULL with ...

Search for triggered save searches and their actio...

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static

Splunk Search

Are you a member of the Splunk Community?

Discussions