Splunk Search

Community Activity

	drilldown and panel depend not working when clicking chart Hi,I am doing an initial search based off of initial field inputs within a dashboard. The issue I am having is after... by dickersons Explorer in Splunk Search 03-17-2025 0 1	0	1
	Question regarding search using IN Hello:I have a query that extracts a set of 5 request_ids based on certain criteria. I then need to include these re... by rnayak New Member in Splunk Search 03-17-2025 0 7	0	7
	Can not configure any external lookup - can not find executable Hello TeamSplunk 9.4.0. Running as root. All in one.Seems super simple problem. I am not able to have maxmind lookup ... by MichalG1 Path Finder in Splunk Search 03-17-2025 0 8	0	8
	Large JSON payloads don't always perform field extractions I have some rather large json data payloads being sent over to Splunk. I've seen payloads around 1MB in size. It took... by tchamp Explorer in Splunk Search 03-17-2025 0 2	0	2
	Need help in query Need help for the below Query index=na sourcetype=na:co state=down host_state_type="HARD" [\| tstats prestats=f values... by Praz_123 Communicator in Splunk Search 03-17-2025 0 2	0	2
	Determine which site's search is taking time I have a multisite setup. Each site has 3-4 indexers, with a Replication Factor = 2.Search Factor is = 1.When queryin... by Na_Kang_Lim Path Finder in Splunk Search 03-16-2025 0 4	0	4
	spl qquery HiNeed help in finding DistinctAdminUserCount and DistinctAdminUserNames of each associated Name inside test or prod ... by nithys Communicator in Splunk Search 03-15-2025 0 5	0	5
	matching hostnames issue Hii have a list of servers coming from two different sources list A has server without domain names and list B has se... by secure Path Finder in Splunk Search 03-14-2025 0 6	0	6
	Wildcard in the middle of hostname Below is my search \| inputlookup uf_ssl_kv_lookup\| search hostname=AB100TILL hostname!=AB100*TILL100 hostname!=AB10... by Chakri Engager in Splunk Search 03-14-2025 0 5	0	5
	Search numbers of messages received by application based on json message Hello All, This is my first post . I have just started learning writing splunk query . Ok so we have one application... by Punnu Path Finder in Splunk Search 03-14-2025 0 4	0	4
	How to Improve a search with Join or suggest alternate way Hello,I'm trying to join based on a common field using a similar query like below, however, the in the result i only ... by RamMur Explorer in Splunk Search 03-14-2025 0 4	0	4
	Odd Behavior using tstats with a datamodel Splunk: 8.0.3 (I know its old we're working on approvals to upgrade)We’re receiving behavior I have never encountered... by ccWildcard Explorer in Splunk Search 03-14-2025 0 2	0	2
	splunk forwarder not detecting Hello everyone,I have set up my Splunk server[with receiving port 9997 is enabled] and Splunk forwarder to monitor my... by okumar1 Engager in Splunk Search 03-14-2025 0 8	0	8
	Multivalue Field Formatting Issue in Lookup Export Hi Team,I have a multivalue field in one of the user fields, along with other fields. However, when exporting the dat... by Varun18 Loves-to-Learn in Splunk Search 03-13-2025 0 6	0	6
	capture error 4xx/5xx HiUsing below query to capture 4xx,5xx error ,but getting as no result found index=* source IN ("/aws/lambda/*") ... by nithys Communicator in Splunk Search 03-13-2025 0 2	0	2
	How to use 2 events and calculate in SPL So I have in the past used a report which finds a string and then calculates the size left and it came as 1 whole eve... by LizAndy123 Path Finder in Splunk Search 03-13-2025 0 3	0	3
	change time on date field Hello,I have 2 columns, one with date and other with the day of weekbased on day of week whenever is Saturday or Sund... by _Mauro_Costa_ Explorer in Splunk Search 03-13-2025 0 1	0	1
	Unexpected behavior of searchmatch function We use Enterprise Splunk Version: 9.1.6I have noticed a strange behavior of searchmatch() function. \| makeresults \| ... by pm771 Communicator in Splunk Search 03-12-2025 0 5	0	5
	How to get compare latest values across an index with a lookup and display the latest? Hi All, looking for some advice as in how to take the latest values from 2 datasets . We have a base search that pul... by hummingbird81 Explorer in Splunk Search 03-12-2025 0 5	0	5
	Indexer I want to get total memory allocated on 1 indexer and how much memory it is using. so that i could get remaining disk... by SN1 Path Finder in Splunk Search 03-12-2025 0 8	0	8
	Total Memory Hello i run df -h on indexer and i gotnow i want the total , available and used space but using SPL how can i achieve... by SN1 Path Finder in Splunk Search 03-12-2025 0 6	0	6
	comparing scores I am trying to find a way to compare the results listed in a table to each other. Basically the table lists the resul... by dolj Explorer in Splunk Search 03-12-2025 0 3	0	3
	Searches returning unexpected results I am fairly new to Splunk. I am testing out different search queries and getting inconsistent results. In this examp... by tchamp Explorer in Splunk Search 03-11-2025 0 3	0	3
	Help with search query using multiple tokens and filters HI, im trying to create filter for network connections. But i cannot make work few tokens in the same time.I want to ... by ekmek4 Explorer in Splunk Search 03-11-2025 0 4	0	4
	Why Am I Seeing Events In The Future And How Do I Stop It Hi Guys, I hope someone can help me out or give me a pointer here. When I run my searches I always get events in the... by OgoNARA Explorer in Splunk Search 03-11-2025 0 4	0	4