Splunk Search

Discussions

Thread Info

Joining searches on common columns

HI query joining 2 searches on left join.Its matching some rows and not matching some rows although the column where ...

by Loves-to-Learn Everything in

Session Key Authentication fails sometimes

Apologies if this is in the wrong place. Im using the Splunk REST API to connect and run search requests through a...

by New Member in

What does the error "File has no line endings" for a lookup table means?

I'm trying to upload a file to be a new lookup table and I get the following error - What can it be?

by Ultra Champion in

Replace host IP address with Name

Hi Team, Need some help, while running below query I get host IP i.e. 10.65.x.x in Number display visualization b...

by Engager in

Guidance Needed for Integrating Citrix NetScaler with Splunk Enterpris

Hi everyone, I’m new to working with Citrix NetScaler and need assistance with integrating it into Splunk Enterpris...

by Explorer in

Why are the results of set diff and join different?

Each of the two lookups has URL information.And I queried it like this: 1) | set diff [| inputlookup ...

by Path Finder in

How to use the regex matched variables from the first search into the other search to get all matching results

Hi All, I am searching UiPath Orchestrator Logs in Splunk as following: index="<indexname>" source = "use...

by Explorer in

Is there a way to have a "sliding window" time span in a non real time search?

I need to get the amount of users per web product every 5 minutes, grouped by 15 second bins. However, I need those 1...

by Explorer in

Is it possible to use streamstats over a 3 minute window over a 9 minute search to pick up three consecutive events?

Hi I have an ask to create an alert that must trigger if there are more than 50 '404' status codes in a 3 min period....

by Contributor in

How to solve indexing issue?

Can someone give some steps on this issue Push Unnecessary: manager-apps and master-apps are both populated. Ther...

by New Member in

Using Time Range with Bin

SplunkersI'm trying to detect when a user fails GT 5 times in time range of one hour for last 24h, and i have the spl...

by Path Finder in

HI Team , i want to extract 8.9 value from this string " service error rate 50x 8.976851851851853". can you please help

" service error rate 50x 8.976851851851853"field = " service error rate 50x 8.976851851851853"need to extract 8.9 val...

by Engager in

How to ignore minor breakers when searching for a term?

I've been attempting to see if it's possible to search for a term while ignoring all minor breakers that may or may n...

by Path Finder in

Filter out all elements of a list which match the first element

I'm a bit stumped on this problem. Before I jump into the issue, there's a couple of restrictions: I'm working in a...

by Explorer in

Help generating table

I'm new to Splunk and trying to display table in the below format after reading data from json. Could someone help me...

by Explorer in

Not coming values for message.backendCalls.responseCode field in below query

When trying to fetch values using below query then its not showing result in statistics, Reason is i want to fetch me...

by Explorer in

How do you parse two time formats in Splunk?

The first time format is Fri Dec 21 11:17:30 2018 the other one is 2018-12-21T11:17:31.051061 I was wondering...

by Engager in

How to find empty indexes in Splunk Cloud?

I'm trying to create an alert that looks through a given list of indexes and triggers an alert for each index showing...

by Explorer in

Time comparison different results in search and dashboar

Dear experts Why is the following line | where my_time>=relative_time(now(),"-1d@d") AND my_time<=relativ...

by Path Finder in

How to compare events from two sourcetypes in the same index without using join

I am trying to track file transfers from one location to another. Flow: Files are copied to File copy location -> ...

by Path Finder in

How to generate a regular expression on a URL to capture a resource path and end on a optional parameter?

Hi all, I am looking for some help for the following use case. I have a series of endpoints represented by full U...

by Path Finder in

How to write a search to find if a field contains a valid IPv4 or IPv6 address?

Hi all, as a splunk newbie I'm not sure what direction to go with the following. Basically I have two Interesting fie...

by Path Finder in

How to extract ip address using regex?

index="testd" | rex field=_raw "Remote host:(?.*):" |dedup Remotehost |stats count by Remotehost My events: Rem...

by Builder in

Upgrade to 5.x, some of my existing searches are taking longer to return results. Not as many scheduled searches are running on time. Could fetch_remote_search_log setting be a factor?

After upgrading to 5.x, I noticed that some of my searches are taking a longer time to return results than prior. Sea...

by Splunk Employee in

How to send hard coded message as an email from Splunk

Hi Everyone, I need to send a hard coded message to the users just before every daylight savings of the year saying...

by Explorer in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Joining searches on common columns

Session Key Authentication fails sometimes

What does the error "File has no line endings" for a lookup table means?

Replace host IP address with Name

Guidance Needed for Integrating Citrix NetScaler with Splunk Enterpris

Why are the results of set diff and join different?

How to use the regex matched variables from the first search into the other search to get all matching results

Is there a way to have a "sliding window" time span in a non real time search?

Is it possible to use streamstats over a 3 minute window over a 9 minute search to pick up three consecutive events?

How to solve indexing issue?

Using Time Range with Bin

HI Team , i want to extract 8.9 value from this string " service error rate 50x 8.976851851851853". can you please help

How to ignore minor breakers when searching for a term?

Filter out all elements of a list which match the first element

Help generating table

Not coming values for message.backendCalls.responseCode field in below query

How do you parse two time formats in Splunk?

How to find empty indexes in Splunk Cloud?

Time comparison different results in search and dashboar

How to compare events from two sourcetypes in the same index without using join

How to generate a regular expression on a URL to capture a resource path and end on a optional parameter?

How to write a search to find if a field contains a valid IPv4 or IPv6 address?

How to extract ip address using regex?

Upgrade to 5.x, some of my existing searches are taking longer to return results. Not as many scheduled searches are running on time. Could fetch_remote_search_log setting be a factor?

How to send hard coded message as an email from Splunk

AppDynamics Summer Webinars

SOCin’ it to you at Splunk University

Credit Card Data Protection & PCI Compliance with Splunk Edge Processor

Help me with splunk query to monitor CPU and Memor...

How can i export a list of all services in APM

Joining records in a table

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

Splunk Search

Are you a member of the Splunk Community?

Discussions