Splunk Search

Discussions

Thread Info

How to create a search to check single user having multiple transaction?

Hello Team @SPL, Was working on some of the development activity, got stuck at some level. We have a scenario whe...

by Explorer in

Indexing data rather than the log file containing the data?

Is it possible to ship only specific statements from a log file, to be indexed on Splunk rather than indexing the ent...

by Engager in

How to add Dynamic Json path addition in splunk query

Hi Team, I have below JSON structure data.searchByUserName.customerDetails.... data.searchByLastName.custo...

by Observer in

Why are eval fields not in table?

Hi, Iam trying a simple query where i want to see the percentage of calls with a particular response time in splun...

by Engager in

Is there Documentation on Sumo logic data migration to Splunk?

Hello, we are trying to find a way to import sumo logic data into Splunk, existing sumo logic is getting replace ...

by New Member in

Lookup Editor: Can I open a specific lookup file from a link in my dashboard?

Hello All, I am wanting to create a user-defined "dictionary" for a dashboard and would desire for the user to clic...

by Path Finder in

How can I index logs to a specific splunk cloud?

Hi there, If I have several splunk clouds and a heavy forwarder on-premise, how can I configure the heavy forwarder t...

by Explorer in

Multivalued field mapping issue from an nested XML source

Hello Splunkers! I have an issue in grouping multivalued field after extracting fields from nested xml. The sample ...

by Path Finder in

Why do daily outputlookup searches have zero results and leave an empty lookup file?

We often create daily lookups from our search results, which are then used for several other key searches. On occasio...

by Contributor in

Can I press enter in a splunk search and not do a search it just moves the text to a new line.

Can I press enter in a splunk search and not do a search it just moves the text to a new line. In excel it is to ...

by Motivator in

Help with Transforming an ingest of timestamped data into a weekly backlog graph

Hi forum! I have a couple of tricky questions on working with same indata and same type of graphs... I am curre...

by Observer in

How to compare splunk ingestion volume?

Hi Team, I'm looking for a query to compare Splunk ingestion volume between the current date and a week ago i.e co...

by Path Finder in

How to Multiple Source Type Search?

Hello, I need some help. I am new to Splunk and have run into an issue. I want to have table that will displa...

by Engager in

Why does search only return partial columns?

Hello folks, Been busting my head here.. trying to pull data from multiple sourcetypes which I thought would run ...

by Engager in

Why is the strptime() eval not returning anything?

I am using imported CSV data to search throughout Splunk and the CSV file defines the column TIME and only includes t...

by Engager in

How to append string to timechart data labels?

Hi, I have a column timechart with numerical values, and I would like to add strings, or characters, after these valu...

by Explorer in

How to get list from inputlookup and run search on this smaller list?

Hi All, I have a SPL query that runs on an index , sourcetype which has milions of jobnames. I want to my SPL t...

by Explorer in

Help getting count by letter grade based on score range

Hi, I was hoping someone can help me, though I have seen some examples, but all of them involve case. I need to cr...

by Loves-to-Learn in

How to create a search check on a single day which a user had done transactions for more than 3 different vendors?

Hello Splunkers, @SPL , Was working on some of the development activity, got stuck at some level. We have a sc...

by Explorer in

How to get result for field value difference?

Working with this query, I'm hoping to get only results where field values are greater than the other. ...

by Explorer in

*NEW* Splunk Love Promo!
Snag a $25 Visa Gift Card for Giving Your Review!

It's another Splunk Love Special! For a limited time, you can review one of our select Splunk products through Gartner Peer Insights and receive a $25 Visa gift card!

Review:
SOAR (f.k.a. Phantom) >>
Enterprise Security >>
Splunk Enterprise or Cloud for Security >>
Observability >>

Or Learn More in Our Blog >>

Splunk Search

Discussions

How to create a search to check single user having multiple transaction?

Indexing data rather than the log file containing the data?

How to add Dynamic Json path addition in splunk query

Why are eval fields not in table?

Is there Documentation on Sumo logic data migration to Splunk?

Lookup Editor: Can I open a specific lookup file from a link in my dashboard?

How can I index logs to a specific splunk cloud?

Multivalued field mapping issue from an nested XML source

Why do daily outputlookup searches have zero results and leave an empty lookup file?

Can I press enter in a splunk search and not do a search it just moves the text to a new line.

Help with Transforming an ingest of timestamped data into a weekly backlog graph

How to compare splunk ingestion volume?

How to Multiple Source Type Search?

Why does search only return partial columns?

Why is the strptime() eval not returning anything?

How to append string to timechart data labels?

How to get list from inputlookup and run search on this smaller list?

Help getting count by letter grade based on score range

How to create a search check on a single day which a user had done transactions for more than 3 different vendors?

How to get result for field value difference?

Is it possible to change the severity/color of the...

Why does statistics from a tstats change while the...

How to write query for Windows Remote Desktop Conn...

Help with Transforming an ingest of timestamped da...

How to generate alarm for when CPU peaks at100% o...