Splunk Search

Discussions

Thread Info

How to produce a csv based on a complex business logic?

We have a Splunk UI that allows the users to export a certain set of the rows from a lookup. The caveat is that each ...

by Motivator in

How to extract key/value with dynamic key name?

I found this, but I am unable to replicate it. I am not understanding where I am messing up here. Problem: I...

by Path Finder in

How to extract 2 values from different events based on another 2 common fields?

Hello,I'm new here, tried to find the answer for my problem by failed. I'm looking for a method to extract values fro...

by Engager in

How to add severity to fetched errors messages?

Hi All, I am trying to add severity column to output of first command, could you please let me know how to do it. ...

by Engager in

How to search to track the OS migration on the host?

Hi folks, I need your support to build a search query to track the migration activity. We have a requirement to tr...

by New Member in

Event mismatch to different forwarding servers?

We re-routed data from Splunk SaaS cloud to On-perm but we see event mismatch between these two instances, if I route...

by Explorer in

How do I find the time difference for each change in the location of the city?

I have a query like this: | dbxquery connection=xxxxx query="select xxx FROM xxx WHERE xxx and to_char(LOG_DATE_TI...

by Explorer in

Help with stats building a wrong result on my table

Hello,I have a lots of records, some one has account_id field filled.. others has org_id field filled, and some ones ...

by Engager in

How to rename column and row labels after using transpose?

Hi All, I am having no luck renaming "column" and "row1, row2,..." successfully to "fields" and "event 1, event 2, ev...

by Contributor in

How can I customize color for cell value based on condition?

Hi All,Currently we have a table like below , Target values are fixed for each row but Columns will added dynamically...

by SplunkTrust in

Does a Heavy Forwarder have a limit for thruput ?

Hello Splunkers,Everything is in the title, I've read the limits.conf documentation, [thruput] maxKBps = <integer> ...

by Contributor in

Splunk Alert for Response Time- How to add the time condition value?

Hi Team, I want a splunk search query for alert creation. My requirement is service Response time is > 3 seconds and ...

by Loves-to-Learn Everything in

Create Alert if condition is met?

Hi , I have a scenario where the files needs to be transferred for both inbound and outbound at 2 am daily. I...

by Loves-to-Learn Lots in

Help with a simple search: How do I count how many days match a certain criteria? (example below)

I have this search which builds a table my_search | timechart span=1d sum(eval(b/1024/1024/1024)) AS volume_b it ...

by Path Finder in

Need help with a search where I am using streamstats and timechart?

I am trying to create a search where if there is a change of 30 percent within 5 mins of a few field values, I would ...

by Communicator in

How to get the count over exceptions for the past 3 days individually?

Exceptions Day1 Day2 Day3 Abc 5 4 3 Start 3 4 4 xyz ...

by Path Finder in

What is the difference between eventtype and macro?

Hi Even if i have read some documentations, i have difficulty to understand the difference between macro and event...

by Motivator in

How to visualize percentage rate of matching event pairs that share a common key value?

I'm working on a query with the goal of determining the percentage rate of request/response event pairs that match by...

by Path Finder in

How to sort column headers in timechart?

Hi, I've got a timechart with several columns. The headers of these columns are numbers (0,1,2,3... etc) and I wou...

by Motivator in

How to combine rows in groups of 2, grouped by nearest time?

Title may be a bit confusing, so here's an example of what I'm trying to achieve: I want to convert a table that lo...

by Explorer in

How to divide a field by its average?

I have a time chart of count by field | timechart count by field_name limit=0 I woul...

by Explorer in

How to show search on condition - do not show or erase/delete on other condition?

Hello All, I have been searching for "how to" but not had much luck. I have this search: I run it realtime, and te...

by Builder in

How to filter results from multiple date ranges?

Hello, I am creating some reports to measure the uptime of hardware we have deployed, and I need a way to filter out...

by Explorer in

How to get all events between two events?

I have the following events.I am trying to get all the events between START and END of a job (inclusive).For instance...

by Builder in

How search total number services count based on host?

hai all, i am checking about list of services down based on a host using below search index=ivz_unix* Service ...

by Path Finder in

Get Updates on the Splunk Community!

Splunk Search

Discussions

How to produce a csv based on a complex business logic?

How to extract key/value with dynamic key name?

How to extract 2 values from different events based on another 2 common fields?

How to add severity to fetched errors messages?

How to search to track the OS migration on the host?

Event mismatch to different forwarding servers?

How do I find the time difference for each change in the location of the city?

Help with stats building a wrong result on my table

How to rename column and row labels after using transpose?

How can I customize color for cell value based on condition?

Does a Heavy Forwarder have a limit for thruput ?

Splunk Alert for Response Time- How to add the time condition value?

Create Alert if condition is met?

Help with a simple search: How do I count how many days match a certain criteria? (example below)

Need help with a search where I am using streamstats and timechart?

How to get the count over exceptions for the past 3 days individually?

What is the difference between eventtype and macro?

How to visualize percentage rate of matching event pairs that share a common key value?

How to sort column headers in timechart?

How to combine rows in groups of 2, grouped by nearest time?

How to divide a field by its average?

How to show search on condition - do not show or erase/delete on other condition?

How to filter results from multiple date ranges?

How to get all events between two events?

How search total number services count based on host?

Automatic Discovery Part 1: What is Automatic Discovery in Splunk Observability Cloud ...

Real-Time Fraud Detection: How Splunk Dashboards Protect Financial Institutions

Splunk + ThousandEyes: Correlate frontend, app, and network data to troubleshoot ...

In Splunk studio, is it possible to populate a tex...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static

Splunk Search

Are you a member of the Splunk Community?

Discussions