Splunk Search

Ask a Question

Discussions

Thread Info

Why is there error when trying to get data from REST API using Python script?

I'm trying to get data by registering it as a Splunk script using Python code. But the problem only occurs when I ...

by Path Finder in

How to use multiple numbers in search?

Hello Guys, I'd like to create a search based on business hours, and like to use a field with value like this: "20...

by Engager in

How to create a search for group by and filter query?

My data looks like the following student_idbrowser_idguiddatetimex_id12_aChrome_211221/9/23 14:45788a13_aChrome_4...

by Explorer in

How to group by and concat column values?

Given the below scenario: base search| table service_name,status,count Service_name Status Count serviceA ...

by Engager in

How to pass a value to a non existent field/null?

Is it possible to assign a value to a different fields. I am trying to combine two different events but the same inde...

by Explorer in

How accelerate only one root dataset from datamodel with multiple datasets?

Hi! I try to accelerate only one dataset in datamodel with multiple datasets. How i can do it through datamodel.conf ...

by Engager in

How to remove a word with Regex using Capturing group?

Hello, I have a Regex for splitting a Person full name into Person lastname, firstname and middlename. Regex us...

by Explorer in

How to extract data from .conf file?

I need to extract ITSI app version from app.conf fileTo display the data on a dashoboard I found a way sing the confi...

by Engager in

How to get total number of hours elapsed from last event raised till now()?

Hey people, I want to find out the total number of hours that elapsed from the last event raised. This is ...

by Path Finder in

How can a regex query be written to extract source IP address?

The position of IP address is getting changed(appearing before or after https) in the logs, in such scenario how rege...

by Explorer in

How to group records and find the max/min per group?

Hello! Can I ask something very basic as it will help me get started quickly? How can I structure a query to: 1...

by New Member in

How to get only active hosts?

I have an application that have some instances/hosts. Because of change of throughput or instability new instances/ho...

by Explorer in

Is there a tools for Splunk to view messages in a cleaner format?

Hello, We have migrated from an app called Mirth to Splunk. With Mirth we used a tool called Interface Explorer fo...

by New Member in

インデックスデータの削除方法について

間違ったデータがインデックスされてしまいましたが、どのようにインデックス内のデータを削除すれば良いでしょうか？

by Contributor in

How to bold specific column headers in a table?

I have a dashboard with a table with 6 headers. I would like to bold the text of the second, fourth, and fifth colum...

by Path Finder in

Realtime search with a sliding window that doesn't snap to the hour?

Hi folks, I have a realtime search that looks at failed windows logins, producing a "single value" timechart visua...

by Explorer in

3rd Token handler doesn't work with 1st and 2nd token handler together?

Hi, Splunkers, I have the following token handler, if input "Gucid_token_with3handlers" is 2 digits number, it w...

by Communicator in

How to add two field values into new field?

I have a field A which has percentage values. Also, I have a field B which has percentage values in it. Both are diff...

by Path Finder in

How to join query with condition and comparison?

Hi, I need to show error messages for one particular service. But the challenge here is that for example , I ne...

by Path Finder in

How to configure pie-chart to display count within the chart?

I were able to append the count of each slice in the pie-chart to the back of each slice info. But I really want to d...

by Contributor in

Why are fields getting trimmed while fetching?

I have some error logs like below: TYPE=ERROR, DATE_TIME=2022-12-31 03:30:27,281, CLASS_NAME=myClass...

by Path Finder in

How can we limit the tstats record?

I am using tstats command from a while, right now we want to make tstats command to limit record as we are using in k...

by Path Finder in

How to get the exact row from a results table to use for other panel searches in the same dashboard?

Hello! I want to make an error monitoring dashboard. I want to have a table with (operation| okOperations/allOper...

by New Member in

How to get fields value which are not matched with other field value?

Hi, I have 2 searches. 1st query: (100 results including duplicate number) index="abc" message...

by Contributor in

How to create a dynamic dropdown based on token value?

Hey people, Here is what I am trying to do: - I have two dashboards, dashboardA & dashboardB - I am sending ...

by Path Finder in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Why is there error when trying to get data from REST API using Python script?

How to use multiple numbers in search?

How to create a search for group by and filter query?

How to group by and concat column values?

How to pass a value to a non existent field/null?

How accelerate only one root dataset from datamodel with multiple datasets?

How to remove a word with Regex using Capturing group?

How to extract data from .conf file?

How to get total number of hours elapsed from last event raised till now()?

How can a regex query be written to extract source IP address?

How to group records and find the max/min per group?

How to get only active hosts?

Is there a tools for Splunk to view messages in a cleaner format?

インデックスデータの削除方法について

How to bold specific column headers in a table?

Realtime search with a sliding window that doesn't snap to the hour?

3rd Token handler doesn't work with 1st and 2nd token handler together?

How to add two field values into new field?

How to join query with condition and comparison?

How to configure pie-chart to display count within the chart?

Why are fields getting trimmed while fetching?

How can we limit the tstats record?

How to get the exact row from a results table to use for other panel searches in the same dashboard?

How to get fields value which are not matched with other field value?

How to create a dynamic dropdown based on token value?

September Community Champions: A Shoutout to Our Contributors!

Splunk Decoded: Service Maps vs Service Analyzer Tree View vs Flow Maps

What’s New in Splunk Observability – September 2025

In Splunk studio, is it possible to populate a tex...

Help me with splunk query to monitor CPU and Memor...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

Splunk Search

Are you a member of the Splunk Community?

Discussions