Splunk Search

Community Activity

	sum(count) returning 0 events Hi everyone.I have a query that basically filters certain events and sums them by category. But I'm facing issues whe... by pedropiin Path Finder in Splunk Search 03-10-2025 0 4	0	4
	Dedup removing all elements Hello everyone. I'm dealing with a query that deals with certain "tickets" and "events", but some of them are duplica... by pedropiin Path Finder in Splunk Search 03-10-2025 0 2	0	2
	Append number by value to results Hi SplunkersI'm looking for a way to append a column with an ID based on the value of another field.Base search gives... by dataisbeautiful Communicator in Splunk Search 03-10-2025 0 9	0	9
	how to remove few content from splunk output Hi All,I have a splunk query giving results in this format:Time ... by avi123 Explorer in Splunk Search 03-10-2025 0 2	0	2
	Logging Requirement CTO 24-003 Is there anyone familiar with any guidance on fulfilling the logging requirements for CTO 24-003 with splunk queries ... by Aghansah New Member in Splunk Search 03-10-2025 0 2	0	2
	Different search results in search and dashboard Hello everyone!I came across a strange behavior.I was building a dashboard and noticed that some results look unexpec... by NoSpaces Contributor in Splunk Search 03-10-2025 0 3	0	3
	Splunk Query to extract id's from a event and display the ID's Below is the search and I need to extract the ID's shown in the below event and there are also many other ID's. Pleas... by Vin Engager in Splunk Search 03-09-2025 0 4	0	4
	Pie Chart is not showing smaller values Hi , I have a CSV file, whose visualization I want to see in the form of Pie-Chart. But on display, one of the parame... by harshal_chakran Builder in Splunk Search 03-08-2025 0 7	0	7
	How to calculate properly calculate delay for multiple events with same reference Hi,Here is a scenario:Step 19h30 TradeNumber 13400101 gets created in system9h32 TradeNumber 13400101 gets sent to ma... by DPOIRE Path Finder in Splunk Search 03-07-2025 0 8	0	8
	Data Not Stored in Metric Index Hey all,I am new to Splunk Enterprise and I would like to understand more about metrics and the use of metric indexes... by olahlala24 Engager in Splunk Search 03-06-2025 0 3	0	3
	How to Perform a Lookup in Splunk When Some Fields in the Lookup Table Are Empty ? I’m working on a Splunk search that needs to perform a lookup against a CSV file. The challenge is that some of the f... by tomapatan Contributor in Splunk Search 03-06-2025 0 3	0	3
	How do I monitor Windows application install and removal? I need to monitor all Windows servers to alert if there is a critical application got uninstalled. The simplest query... by deav Loves-to-Learn in Splunk Search 03-06-2025 0 5	0	5
	How to display one to one mapping between fields in stats command Hi there, how can i use stats command to one to one mapping between fields . I have tried "list" function and "valu... by neerajs_81 Builder in Splunk Search 03-06-2025 0 1	0	1
	How to use only the latest group of events for each machine to display in the table Hello dear Community!I have a set of separate machines logging number of different events to Splunk, each group can b... by nksiba Engager in Splunk Search 03-06-2025 0 2	0	2
	Extract value by dynamic fields Hi Community,I have the following challenge. I have different events, and for each event, I want to generate a summar... by alesyo Engager in Splunk Search 03-05-2025 0 5	0	5
	Can you pass a regex as field value to the rex command Hi All,In SPL2 Ingest Pipeline I want to assemble a regular expression and then use that in a rex command but I am ha... by Keith_NZ Explorer in Splunk Search 03-05-2025 0 6	0	6
	Ingest processor rex problem Hi,I am new to Ingest Processor and have had some success but am having an issue with the rex command so I have creat... by Keith_NZ Explorer in Splunk Search 03-05-2025 0 2	0	2
	Merging data from JSON snippets Dear Splunk community,I have following sample input data, containing JSON snippets in MV fields: \| makeresults count=... by rikinet Path Finder in Splunk Search 03-05-2025 0 2	0	2
	After Splunk upgrade from 9.2.2 to 9.3.1 getting cmath error in saved search We upgraded our Splunk enterprise from 9.2.2 to 9.3.1, after the upgrade one of the app is not working as the related... by cadrija Path Finder in Splunk Search 03-05-2025 0 5	0	5
	missing extraction fields I've created field extractions in splunkcloud.com, but they don't appear.Here are my extractions:settings>fields>fiel... by gersplunk Engager in Splunk Search 03-04-2025 0 6	0	6
	How to use IF and ROUND together Hello,I am trying to write a search query for responding byte sizes that is a catch all. Currently I have:index=index... by ajmach343 Explorer in Splunk Search 03-04-2025 0 2	0	2
	How to get Index or Sourcetype not accessed or used by anyone in splunk I am want to get the list of Index and sourcetype which is not used by anyone for more than 90 days. by harishsplunk7 Explorer in Splunk Search 03-04-2025 0 10	0	10
	API dashboard -passed SLA/request per min/response time Hi TeamI want to have a dashboard that show API stats1.Nof request--how to get the total count for a request made bas... by nithys Communicator in Splunk Search 03-03-2025 0 12	0	12
	summarize stats by month I have this search to see logins to our splunk environment: index = _audit user="*" action="login attempt" info=succ... by mvasquez21 Path Finder in Splunk Search 03-03-2025 0 14	0	14
	Back fill of data in timerange Hello Splunkers,I'm having a logs which will be generated only where there is change in system,6:01:01 - System Stop1... by smanojkumar Contributor in Splunk Search 03-03-2025 0 6	0	6