Splunk Search

Discussions

Thread Info

Using the xpath command with namespace declarations (xmlns='mynamespace')

Splunk's xpath documentation does not show any examples on how to use the xpath command if the XML contains namespace...

by Motivator in

Python splunk-sdk vs Python requests library

Is there any particular reason for using Python splunk-sdk over standard restful API libraries or tools (such as Pyth...

by Path Finder in

Can't format table with stats to exclude unwanted matches

Good day, I'm hoping someone smarter than me can help me figure this out. In the search below, I'm trying to co...

by Path Finder in

Query for sender, recipient(s) and sender's IP

Hello, Below is a sample for a single message from Proofpoint log. It looks simple, but I am struggling to write a ...

by Explorer in

extract all the key-value pairs from the json data

Hi splunk team, I have a question about how to extract the key-value pair from json data. Let's say for example I ...

by Engager in

search by Http code 500 is not working

Team, when we search by http code 500 internal server error in the Splunk is working fine. the same query which we ...

by Loves-to-Learn Everything in

Display Dashboard in Stacked row

Hello There,I'm having 3 panles, where i need to display panel 1 in left side, In the same row I need to display Panl...

by Contributor in

Combining multiple text strings and fields into one common field

I'm wondering if anyone could advise on how to best standardize a log of events with different fields. Basically, I h...

by Explorer in

Exclude Names from a dashboard

How do I exclude 6 names from my dashboards? They come up in all my multiselects and several panels

by New Member in

Extract names and ids within array

I have the following log from splunk where i want to extract names and their respective ids. Please help with the spl...

by Explorer in

ignore a line in splunk payload if a variable is null

Hi, I want to ignore below line inside splunk alerts payload if email address is not provided buy user. ...

by Engager in

check if url in a lookup match logs

Hello, I have a lookup with url like urlwww.url.com.url.comsite.url.com And i try to match it with my ...

by Explorer in

Metrics search average and max

Hi guys! I've been struggeling for a while understanding metrics. When making a line chart for both average and max ...

by Explorer in

How to get multiple values from xml using xpath and spath?

I am trying to get multiple values from xml as shows below I have tried xpath and spath and both shows nothing ...

by Explorer in

tstats with | search()

TLDR; does, | search(), operate differently in tstats, especially with wildcards, NOT, OR, AND, parentheses, etc.?I'm...

by SplunkTrust in

Applied Group Policy Objects for all domain joined computers report

Hello, I am trying to find a way to report on all Applied Group Policy Objects for all of our domain joined compute...

by Observer in

Product of a Column

I'm trying to find a simple way to calculate the product of a single column, e.g. value_a0.440.250.67 Ideally, I ...

by Engager in

How do I change time format in dashboard?

Hello,I would like to display dates in a dashboard studio table,i want the format to be "%Y-%m-%d" but it is not disp...

by Engager in

How to use substr or regex to extract part of text

I have string like this , {"code":"1234","bday":"15-02-06T07:02:01.731+00:00" "name":"Alex", "role":"student","age":"...

by New Member in

Eval command

Hello, We have separate indexes created for non-prod and prod. Sample index name : sony_app_XXXXXX_non_prod - ...

by Communicator in

Combining events over time

I am not sure where to even start on this one. I have 2 log file types I need to extract data to get final acc...

by New Member in

Replicating the Output of a Field Popup/Bubble?

Possibly a silly question, but I've wondered this for a while and now it'd actually be exactly what I need; I've got ...

by Explorer in

dashboard time token with multiple ealiest/latest search

It's a bit long, hope i will not bore you.I made a splunk graph with two lines I need to see the values compared...

by Explorer in

How to change span alignment

I've tried a few methods shared here to adjust the start/end times of span. Mainly: 1 - | eval _time=_ti...

by Path Finder in

paranthesis error in search query

Hi, Im trying to use an OR function in the below query trying to combine two indexes and then use stats function li...

by Path Finder in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Using the xpath command with namespace declarations (xmlns='mynamespace')

Python splunk-sdk vs Python requests library

Can't format table with stats to exclude unwanted matches

Query for sender, recipient(s) and sender's IP

extract all the key-value pairs from the json data

search by Http code 500 is not working

Display Dashboard in Stacked row

Combining multiple text strings and fields into one common field

Exclude Names from a dashboard

Extract names and ids within array

ignore a line in splunk payload if a variable is null

check if url in a lookup match logs

Metrics search average and max

How to get multiple values from xml using xpath and spath?

tstats with | search()

Applied Group Policy Objects for all domain joined computers report

Product of a Column

How do I change time format in dashboard?

How to use substr or regex to extract part of text

Eval command

Combining events over time

Replicating the Output of a Field Popup/Bubble?

dashboard time token with multiple ealiest/latest search

How to change span alignment

paranthesis error in search query

Reduce and Transform Your Firewall Data with Splunk Data Management

Automatic Discovery Part 1: What is Automatic Discovery in Splunk Observability Cloud ...

Real-Time Fraud Detection: How Splunk Dashboards Protect Financial Institutions

In Splunk studio, is it possible to populate a tex...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static

Splunk Search

Are you a member of the Splunk Community?

Discussions