Splunk Search

Ask a Question

Discussions

Thread Info

How to connect driver influxdb to Splunk db?

Hi I want to connect influxdb via splunk db, in connection type I can't find influx db! is there any jdbc or od...

by Motivator in

Does csv file accepts * symbol for lookup?

I have apis which has params in between and trying to match the api from csv but it doesnt show when using lookup. ...

by Communicator in

How to query the deployment server to get the serverclasses for a hostname?

We have a chef recipe, that people are using and loving. Now, they want the ability to find out their serverclasses o...

by Champion in

How to get forwarded data into Splunk Enterprise?

Hello Members, I have a basic question - I am not sure how to get data into splunk, into a custom index, use a sou...

by Builder in

How to find count of events by host from inputlookup?

I have a lookup table with only one field, named host. The table contains a list of hostnames. I'm trying to find...

by Path Finder in

How to identify the knowledge object related to a field?

Hi folks, I have an admin user running a search and he gets results, however I have another users with a custom ro...

by Path Finder in

How to make a table using Server Status?

Hello everyone, I have a csv file which shows me the power status of the server i.e if the server is powered on or of...

by Explorer in

Search to sum if IP is observed in different days

Hello community I’m trying to figure out how to perform a search which considers events on different days. The id...

by Builder in

Replacing Field Value

Hello, I have some field values which I am unable to replace with the 'replace' command in the csv file. I have Power...

by Explorer in

Help with Timechart splunk

Hey AllI have this search, and I want two results on my visualization. I want to see both "Method" and "User". What i...

by Engager in

How to sort the data in a row based on the last word after hyphen?

How do I sort the data based on the last word after hypen data_file_hyper_v_serverdata_file_linux_serverdata_file_...

by Engager in

Creating report search issues

Hi All, I am trying to create an efficient way to pull out certain win events for my report but I am not sure it wo...

by Communicator in

Excluding daily values in chart if less then 1

Hello community I am trying to combine two different things and cannot figure out how. I am looking at a certain ac...

by Builder in

How to Lookup cidrtomatch for loop

I have a lookup with IP addresses (CIDR), I need to find the intersection of IP addresses. There is a command in splu...

by Observer in

Please help me understand Eval function query

Please help to understand the logic of below query eval count=if(isnull(count), -1,count)

by Explorer in

Complex JSON (and Multivalue) processing

I've been working on a project with JSON in the event where Tags are stored similar to this... {"Name": "exampl...

by Explorer in

How to fix appendcols returning more than necessary?

Hi everyone, I am new to Splunk and I am learning as I go. I'd like to know if anyone has any idea what I am doin...

by Explorer in

How can I make transpose work for all more than 5 days of data?

My actual query as all this data. but after i use transpose | sort by _time desc| eval mytime=strftim...

by Path Finder in

Is it possible to break a value down to partial values as a match or field?

So I have a field (plugin_output)that has a paragraph of hardware info as one value. The only part of the value I'm c...

by Path Finder in

How to pass calculate the latest row count in multiple lookups?

Hi All, I have around 100+ lookups, which get updated daily from indexed data using macro and saved search. I...

by Engager in

Is there an SPL query to know the last date UFs phoned in to a specific DS?

Is there an SPL query to know the last date UFs phoned in to a specific DS. We've many DS in our company

by Explorer in

How to resolve Error in 'similarity' command: External search command exited unexpectedly with non-zero error code 9?

I use nlp-text-analytics app for similarity between two strings but I get above error when I run line...

by Engager in

How to sum two fields?

I am attempting to eval a new field, from two other fields: | eval 4XXError=if(metric_name="4XXError...

by Explorer in

How to calculate Average with condition based?

Hi All, i am writing a query with the following: index=a0_payservutil_generic_app_audit_npd "kubernetes.lab...

by Path Finder in

Why am I yielding an error with Where Statement for exact numeric value?

Hello, I am experiencing an interesting Issue. I am trying to filter for a specific value in a numeric field. Foll...

by Path Finder in

Get Updates on the Splunk Community!

Splunk Search

Discussions

How to connect driver influxdb to Splunk db?

Does csv file accepts * symbol for lookup?

How to query the deployment server to get the serverclasses for a hostname?

How to get forwarded data into Splunk Enterprise?

How to find count of events by host from inputlookup?

How to identify the knowledge object related to a field?

How to make a table using Server Status?

Search to sum if IP is observed in different days

Replacing Field Value

Help with Timechart splunk

How to sort the data in a row based on the last word after hyphen?

Creating report search issues

Excluding daily values in chart if less then 1

How to Lookup cidrtomatch for loop

Please help me understand Eval function query

Complex JSON (and Multivalue) processing

How to fix appendcols returning more than necessary?

How can I make transpose work for all more than 5 days of data?

Is it possible to break a value down to partial values as a match or field?

How to pass calculate the latest row count in multiple lookups?

Is there an SPL query to know the last date UFs phoned in to a specific DS?

How to resolve Error in 'similarity' command: External search command exited unexpectedly with non-zero error code 9?

How to sum two fields?

How to calculate Average with condition based?

Why am I yielding an error with Where Statement for exact numeric value?

Can’t make it to .conf25? Join us online!

Can’t Make It to Boston? Stream .conf25 and Learn with Haya Husain

Splunk Lantern’s Guide to The Most Popular .conf25 Sessions

Unlock What’s Next: The Splunk Cloud Platform at .conf25

Help me with splunk query to monitor CPU and Memor...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static

Splunk Search

Are you a member of the Splunk Community?

Discussions

Can’t make it to .conf25? Join us online!