Splunk Search

Ask a Question

Discussions

Thread Info

Table creation without Unknown Users

This is my scenario When I so a search on my event log there are 2 events for the same user. I have extracted the ...

by Communicator in

Force Span to have values

Hello! I'm trying to make a timechart with this: sourcetype=processedsiebel NOT error*| eval X =replace(SWEMeth...

by Path Finder in

Getting counts on multiple fields, while grouping by one of those fields

I am working with the fields srcip and malware-type. I need to show how many instances of each type of malware have b...

by Path Finder in

Bandwidth Report

Hello, I am new to Splunk and I set it up and configured my Sonicwall TZ200 to send syslog information to it. That...

by Engager in

regex formation

hi, in my log files there is a field name cpu time with different time values like 57.682 sec,0.572 sec and among the...

by New Member in

Replace from right side

How to replace from right. for example I want to replace string "3:12:34" to "3 hours 12 minutes 34 seconds". but in ...

by Explorer in

FIELDNAME regex rex

sourcetype="apache-access" | rex "(?i)\(.*?; (?P \w+)(?=/)" | top 100 FIELDNAME i'm using the above to...

by New Member in

Fields not extracted automatically,

Hi, I am using splunk 5.0.3 but found fields can't be extracted automatically on the splunk UI. To test, I loaded the...

by Builder in

Easier way to search a stanza?

Trying to parse out a set of stanza Node 1 Device 1 Healthy Device 2 Healthy Device 3 Healthy Node 2 Dev...

by Contributor in

Alerts in Dashboard Panel

I'm working on developing an app for a client, I'm looking to display the alerts that have fired (like it would appea...

by Explorer in

Cross reference sourcetype in a lookup table

I have a large number of Mid-Tier systems. Each one is associated with a specific set of IIS logs. Unfortunately the ...

by Builder in

How to get the clicked value using javascript

Hi, Iam using simpleresultstable module with pager to show results like below. a link View http://www.some u...

by Path Finder in

Every 1st of month Splunk stops showing data indexed from Splunk DB Connect

Hello, I have some queries running at Splunk DB Connect, when month changes, like today (from July to August), it ...

by Path Finder in

Ignore records in a lookup

I have a lookup table (attached sample) and in my search I want to return records "ACCT" is not in "ACCTNBR4" in the ...

by Engager in

compound query

Not sure this is really a "compound query" question, but not sure how else to describe it. I'm searching proxy log...

by Communicator in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Table creation without Unknown Users

Force Span to have values

Getting counts on multiple fields, while grouping by one of those fields

Bandwidth Report

regex formation

Replace from right side

FIELDNAME regex rex

Fields not extracted automatically,

Easier way to search a stanza?

Alerts in Dashboard Panel

Cross reference sourcetype in a lookup table

How to get the clicked value using javascript

Every 1st of month Splunk stops showing data indexed from Splunk DB Connect

Ignore records in a lookup

compound query

What’s New in Splunk Cloud Platform 9.1.2308?

Index This | Why do they call it hyper text?

State of Splunk Careers 2023: Career Resilience and the Continued Value of Splunk

Users with the same roles, in the same app, and sa...

auto_generated_pool_download-trial

Automatic lookup during data ingestiont (Splunk cl...

Working with OpenTelemetry Cumulative Histogram Bu...

Better PDF report visualization