Splunk Search

Ask a Question

Discussions

Thread Info

Date field comparison

I need help regarding comparise a ISO 8601 date field with a specific date. Below is a simple example: index=devi...

by Explorer in

How to show data from TWO different sourcetypes ?

I have,sourcetype_A (fields : ID, age, city, state)sourcetype_B (fields : ID, job, salary, gender)The fields "ID" i...

by Contributor in

Extract raw data for URL into field

Hi, In the following log, I wanted to extract Url, Method, ResponseTimeMs, StatusCode as a table: log: a_level="I...

by Explorer in

Splunk Join is Left the same as outer in Splunk?

Is Type=Left the same as type=outer in Splunk? If so why do they list it as three options? https://docs.splun...

by Influencer in

Is it possible to query IIS logs for a monthly web application hit count for multiple web applications on a domain?

Hello, I was wondering if it is possible to use Splunk to query IIS logs for a monthly application hit count for mu...

by New Member in

Count and chart two different queries

Hey all, Newbie here learning Splunk. I'm starting to get into dashboards and want to create either a pie chart or ...

by Explorer in

Did my search work or not?

I've been trying to resolve this since October and not getting traction. Turning to the community for help: I have...

by Path Finder in

json Field value extraction

I would like to get the list of those items in the properties field, like appName, levelId, etc. ...

by Path Finder in

action field is not returning any results from all indexes

Hello, Looks like the action field is not returning results for almost all of the indexes. This is only impacting o...

by Engager in

Searching for 2 different events on the same order number

Hello Splunk Community, I'm fairly new to splunk and am using it to search and alert me for testing failures in my ...

by Engager in

Create bar graph with ranges specified in the x axis

I have created a bar graph. The following is the query. index= "cx_metrics_analysis" sourcetype="cx_metrics_httpeve...

by Communicator in

Convert years month days to Days

Hey, Can anyone help me convert Age to Days? Have trouble parsing and calculating. Sample Data Age 2 year...

by New Member in

Search peer and search process errors

hello, Our physical servers had to restart and as such the splunk servers dropped. we are now having issues o...

by Communicator in

How to pass the search results to an email body by using sendresults

I am using "sendresults" command and pass the search results to an email body template; however, the search results d...

by Path Finder in

macro with calculated parameters

I am trying to assign a value to a parameter in a macro that is based on a calculation of a value being sent to the m...

by Path Finder in

lookup table to search lookup table?

I have been trying to figure out why this doesn't work. |inputlookup ioc_domain.csv | table query | search NOT [inp...

by Engager in

Using variables with IN and LIKE functions

I am using Splunk Enterprise V8.2.3.2. I am trying to alert when a scheduled search becomes disabled. The problem is ...

by Explorer in

how to have one droplist input used for 2 panels with adding suffix for one panel?

Hi,Splunkers, I have a dashboard with 2 Panels， which share one droplist input. droplist has name/values as A...

by Communicator in

Join multiple events and separate timestamp fields

I've been having difficulty with this for a while and looking for some help. I'm attempting to find users logging ...

by Engager in

rex to extract duration

HiHow can I extract duration with below condition? (it is important to check these condition to find correct match)1)...

by Motivator in

How to get ServiceNow to create an event ticket

Can someone help me to get ServiceNow to create an event ticket every time my Splunk alert gets triggered? I had foll...

by Engager in

count value not returning

Hi, I'm Trying to calculate success percentage, for that I'm taking total and request count. but, I'm unable to get...

by Explorer in

How to search for values greater than 10 in the results?

I am working on the query that generates a table with count of security violations. I want to filter our the users wi...

by Path Finder in

how to change the lables of x axis of a bar graph

Hi all, I have to plot a bar graph in which duration in hours will be in x axis and number of tasks will be in y ax...

by Communicator in

Group by a substring within a event results

I am actually new to splunk and trying to learn . Is there a way to group by the results based on a particular string...

by Engager in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Date field comparison

How to show data from TWO different sourcetypes ?

Extract raw data for URL into field

Splunk Join is Left the same as outer in Splunk?

Is it possible to query IIS logs for a monthly web application hit count for multiple web applications on a domain?

Count and chart two different queries

Did my search work or not?

json Field value extraction

action field is not returning any results from all indexes

Searching for 2 different events on the same order number

Create bar graph with ranges specified in the x axis

Convert years month days to Days

Search peer and search process errors

How to pass the search results to an email body by using sendresults

macro with calculated parameters

lookup table to search lookup table?

Using variables with IN and LIKE functions

how to have one droplist input used for 2 panels with adding suffix for one panel?

Join multiple events and separate timestamp fields

rex to extract duration

How to get ServiceNow to create an event ticket

count value not returning

How to search for values greater than 10 in the results?

how to change the lables of x axis of a bar graph

Group by a substring within a event results

Can’t make it to .conf25? Join us online!

Can’t Make It to Boston? Stream .conf25 and Learn with Haya Husain

Splunk Lantern’s Guide to The Most Popular .conf25 Sessions

Unlock What’s Next: The Splunk Cloud Platform at .conf25

Help me with splunk query to monitor CPU and Memor...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static

Splunk Search

Are you a member of the Splunk Community?

Discussions

Can’t make it to .conf25? Join us online!