Splunk Search

Discussions

Thread Info

Why does the clickable pie chart only show the IP address in question?

I have a pie chart displaying the top 10 ip address for the past 60 minutes, and I'm trying to figure out how to then...

by Path Finder in

How to search backwards from a event time in a workflow action?

I created a workflow action of off some netflow logs. I want to pass the source IP from the netflow and pass it to a...

by Path Finder in

Splunk Cloud compatibility checks- Any suggestions on how to resolve the errors?

I received the following error from splunk team which failed the cloud compatibility check Any suggestions...

by Loves-to-Learn in

How to convert values in a single row with missing fields?

Hi, How to display what values are missing in my lookup table comparing to actual data? I have one field w...

by Engager in

How to check the first character of the string is numeric or not?

I have a field called Identifier which has values of server names. I need to check the server names first character ...

by Engager in

Search returning different number of results every time?

I am trying to execute this search but 90% of the times this search does not complete and returns incomplete res...

by Explorer in

How to compare a field with accents with a field without accents?

I need to compare two fields "Name" and "StudentName" and I am having problems with this, the values in the field "Na...

by Explorer in

How to combine data from 2 separate events?

I have the following scenario. An object transitions through multiple queues , I want to query the time spent in Queu...

by Loves-to-Learn in

How to extract id from url message?

Hi, I have below message and Iam trying to use rex to extract the id... But myid always shows empty.. Please help ...

by Engager in

How to search 25 digit numbers to find and compare a subset?

Hello, we have a system that receives data from multiple sources each of these sources identifies the data being s...

by Engager in

CIDR lookup with normal lookup- Can I add single IP's to the same lookup file/definition?

Hello, I have created a lookup definition for CIDR. The CIDR matching works just fine and I am able to whitelist t...

by Path Finder in

How to use appendpipe to sum count and calculate correct percentage?

I have a query that works, but the output calculates a percentage column in a chart. I need to show the total of TAM...

by Path Finder in

What is Best Practice for keeping my real time dashboard running indefinitely?

In Splunk GUI, after I create a real time report and put it on my dashboard, it eventually times out. Wondering if...

by Splunk Employee in

How to use the results of subsearch?

My requirement is to utilize the results of the sub-search and use it with the results of the main search results, bu...

by Contributor in

How to track transaction with multiple indexes with different fields?

Hello everyone. I am trying to track office and remote logins using multiple indexes with the transaction command. On...

by Loves-to-Learn Everything in

Unused indexes: Why simple strings won't provide any events?

Hi all. I currently experiencing an issue where simple strings won't provide any events while two weeks ago I had....

by Explorer in

Performance check- How can I check why I'm not getting any results?

Hi all. I use Splunk on my workplace and recently I feel like it's performance is decreasing. Basic search queries...

by Explorer in

How to compare .csv file with results from search and join by uniqueID?

Hi I have a search index=main sourcetype=data2 type=policythat gives me the following in json: custome...

by Loves-to-Learn Everything in

How to list and plot total and average events by hour?

I'm trying to do something pretty straightforward, and have looked at practically every "average" answer on Splunk C...

by Path Finder in

Error in search: Configuration initialization for /opt/splunk/etc

Hi, I have an issue with about a searching, someone know about it, this is the issue: Error in search: "Confi...

by Explorer in

How to replace severity values by respective levels?

Hello,In the events, the severity is captured as values between 1 to 10. I want to represent them as High, Low, Mediu...

by Explorer in

How to add multiple field values from a CSV to my main search?

I need to add multiple values from a CSV to a main Search I have, I used the lookup command but I think that will jus...

by Explorer in

How do I create bar chart where I want x axis to display all the value in field even If Y axis don't have value?

I use index= main | lookup test1.csv Severity1 | stats count by Severity The lookup table have 5 value ( Ver...

by Communicator in

How would I fix my search not counting correctly?

Hello y'all!I'm trying to use the Single Value object, and build a search which count the number of the records and s...

by Engager in

How to generate a parent child process chain to use dendogram visualization?

Hello all! I´m so lost trying to get full process tree to visualize it in dendogram https://splunkbase.splunk.com/...

by Path Finder in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Why does the clickable pie chart only show the IP address in question?

How to search backwards from a event time in a workflow action?

Splunk Cloud compatibility checks- Any suggestions on how to resolve the errors?

How to convert values in a single row with missing fields?

How to check the first character of the string is numeric or not?

Search returning different number of results every time?

How to compare a field with accents with a field without accents?

How to combine data from 2 separate events?

How to extract id from url message?

How to search 25 digit numbers to find and compare a subset?

CIDR lookup with normal lookup- Can I add single IP's to the same lookup file/definition?

How to use appendpipe to sum count and calculate correct percentage?

What is Best Practice for keeping my real time dashboard running indefinitely?

How to use the results of subsearch?

How to track transaction with multiple indexes with different fields?

Unused indexes: Why simple strings won't provide any events?

Performance check- How can I check why I'm not getting any results?

How to compare .csv file with results from search and join by uniqueID?

How to list and plot total and average events by hour?

Error in search: Configuration initialization for /opt/splunk/etc

How to replace severity values by respective levels?

How to add multiple field values from a CSV to my main search?

How do I create bar chart where I want x axis to display all the value in field even If Y axis don't have value?

How would I fix my search not counting correctly?

How to generate a parent child process chain to use dendogram visualization?

AppDynamics Summer Webinars

SOCin’ it to you at Splunk University

Credit Card Data Protection & PCI Compliance with Splunk Edge Processor

Help me with splunk query to monitor CPU and Memor...

How can i export a list of all services in APM

Joining records in a table

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

Splunk Search

Are you a member of the Splunk Community?

Discussions