Splunk Search

Start a Conversation

Discussions

Start a Conversation

Thread Info

Using a resulting time from one query as the latest time in another query

Hello! I am having trouble with a query where I want the results to depend on the time results of another query. Th...

by Explorer in

Why use eventstats and stats together?

Hello, I have seen eventstats and stats used together, but I’m not clear on why and when the use of the mentioned w...

by Explorer in

Chart Percentage Issue Percentage is miscalculated

Hello Splunk Community, Here is my code and explanation of the issue below:I am having a very annoying issue that ...

by Communicator in

How to replace hostnames with own names

When i use below query i can see multiple servers in the index. Index=abc sourcetype=vmstat (host=windows1* OR ho...

by New Member in

How To Get First and Last Events within a Set of Events

Hi, I'm having trouble grabbing the first event of a specific type and the last consecutive event after that with the...

by Explorer in

Splunk REST API

Hi Splunkers!!I'm working with a team where they have to access to one of the saved search results through Splunk AP...

by Path Finder in

Is it possible to hide the filed value for one index but keep it for the other index?

Hey Guys, I am new to Splunk, and want to know if there is an easy way of hiding the value of one filed from one i...

by Explorer in

Find the duration between two events

Hello, I need to find the duration between two events. I went over the solutions on Splunk, but still can't get the...

by Explorer in

splunk search

{ Exams : { “Message” : “Passed in Maths paper 1 exam” ,”Result”:”Passed”, ’Name’ : “s3”} SubjecctName:Passed-Mat...

by Observer in

Find Job Duration from two separate events.

Jobs Running on daily basis. Events like- 1) "Job_Name": "XYZ", "status":" Start" 2) "Job_Name": "XYZ", "status...

by Explorer in

How to update geoip database for iplocation command?

Hello, I use Splunk's iplocation (not Maxmind or other) command extensively in our monitoring dashboards. Since th...

by Builder in

Find highest and lowest salary taker employee

Hi i need to find the name employee name who are taking high salary and low salary. please help in this Field Names...

by Explorer in

Industry standard salary expectation is year of experience * 1.5. Find out employees who are all not matching these crit

Hi I need to count the employee numbers who are not match with experience*1.5. i tried lot with eval and where comm...

by Explorer in

Bar chart comparing 2 values

Hi, I have this stats table Column1 Column2 400 500 I want to have a bar chart which...

by Explorer in

Multivalue fields match issue

Hi, I have below sample dataset. This dataset is for an asset being compliant or not compliant. What I need is: I...

by Contributor in

rex extract

Value session_value containg this info: not found, name: user@mycompany.com more text here Trying to use this:re...

by Explorer in

JSON vector of vector

I have a data source which I collect using DB CONNECT from an oracle database which brings the information in JSON fo...

by Contributor in

What causes delayed searches alerts in Splunk Enterprise - Error says "searches delayed"

What do I need to check / do to resolve this please? What causes delayed searches alerts in Splunk Enterprise - Err...

by Contributor in

Rex Command with multiple formatting options

Trying to get the rex command to extract the last name when the user field has multiple formatting outputs below. Is ...

by Engager in

Grouping data by multiple attribute values

I have basic web logs with username and jsessionid. I want to group (assume a single index, with one set of data). So...

by Splunk Employee in

Splunk Search

Discussions

Using a resulting time from one query as the latest time in another query

Why use eventstats and stats together?

Chart Percentage Issue Percentage is miscalculated

How to replace hostnames with own names

How To Get First and Last Events within a Set of Events

Splunk REST API

Is it possible to hide the filed value for one index but keep it for the other index?

Find the duration between two events

splunk search

Find Job Duration from two separate events.

How to update geoip database for iplocation command?

Find highest and lowest salary taker employee

Industry standard salary expectation is year of experience * 1.5. Find out employees who are all not matching these crit

Bar chart comparing 2 values

Multivalue fields match issue

rex extract

JSON vector of vector

What causes delayed searches alerts in Splunk Enterprise - Error says "searches delayed"

Rex Command with multiple formatting options

Grouping data by multiple attribute values

Don't miss your chance
to share your Splunk
wisdom in-person or
virtually at .conf21!

Call for Speakers has
been extended through
Thursday, 5/20!

Submit Now! >

See SQL queries on Splunk

Time-charting Several Series

Regex: Error using where/match and backslash chara...

Split trellis over two variables

Export value from the filed based on another log

Splunk Search

Discussions

Don't miss your chance to share your Splunk wisdom in-person or virtually at .conf21!Call for Speakers hasbeen extended throughThursday, 5/20! Submit Now! >

Don't miss your chance
to share your Splunk
wisdom in-person or
virtually at .conf21!

Call for Speakers has
been extended through
Thursday, 5/20!

Submit Now! >