Splunk Search

Ask a Question

Discussions

Thread Info

Creating a new field from another field

Hi, Wondering if anyone can help. I am trying to create a new field called FS_Owner_Mail using |eval from both ...

by Engager in

Choose one result in Splunk table Query

Hello All, 1) I would like to add radio button / any way to select - one of the results of my below REST query sea...

by Explorer in

Search based on two different dropdowns

I have two dropdowns. I only want to run a single dropdown everytime for a search. Closed Dropdown has token value...

by Engager in

..

by Engager in

Find Ids of a table not in other search table

I have 2 type of search messages - Problem #1 Problem #5 and other one goes like this - Solved problem_id suc...

by Engager in

Daily and weekly discrete count in the same query?

I've got some queries I need to do periodically that use the exact same base search, one with teh weekly uniques and ...

by Explorer in

java curl splunk search produces error in SearchParser - missing a search command

In Java, I am trying to call a curl command that has a Splunk search to get contents of a lookup file. I've used ht...

by Path Finder in

How: transform csv field value, split, join and create dynamic field value pair

I use a lookup to define alert/SLO specifications. I use the lookups as input filters to my alert searches where I ca...

by Explorer in

extract pattern like splunk pattern

Hi, How can I extract pattern of raw data like pattern tab in splunk search? Thanks

by Motivator in

How to write field name in its value

Hi, How can I write the name of a field in the value like I have : test_1test_2test_3warnerrorcritical I wa...

by Builder in

How to reorganize a table

Hello, I have a table like that : customerprod_1prod_2prod_3customer_1 green customer_2red orange and I wou...

by Builder in

Limiting and grouping OTHER in stats command

Hi! I have a summarized field (docsReturned) by customer id that I would like to make a top X pie chart of, while sum...

by New Member in

filter time for specific range

| savedsearch cbp_inc_base | eval _time=strftime(opened_time, "%Y/%m/%d") || bin _time span=1d here _ time is g...

by Path Finder in

Want to merge two query with different fields in one

First queryindex = pcf_logs cf_org_name = creorg OR cf_org_name = SvcITDnFAppsOrg cf_app_name=VerifyReviewConsumerSer...

by New Member in

How to count every 15mins with complete time bucket

If I use bin _time as time span=15m | stats count by time on 17:20 for the past 1 hour, the result would be like .....

by Engager in

unable to convert epoch fomat to human readable format

When i convert following timestamp to human readable format i am getting "12/31/9999 23:59:59" instead of '01/04/22 0...

by Loves-to-Learn Everything in

Foreach command with eval if

Hi, I have a table like that : teststate_Astate_Bstate_C1okko- WARNko - ERROR2ko- WARNokok3okokok I would ...

by Builder in

lookup command not working while inputlookup working

Hi All, I have a .csv file named Master_List.csv added to splunk lookup. It has the values of the fields "Tech Sta...

by Contributor in

Can a subsearch return only the value (without the fieldname)?

(Copied from a legacy Splunk Forums post by user bpf) Hello I have the following problem: I have a Name. Wit...

by Splunk Employee in

SSLError

This code import splunklib.client as client host = "127.0.0.1"port = "8000"username = "---"password = "----" se...

by New Member in

How to count event by chosen month

Hi, I have a list of events span across more than a year, the event will contain type of card, transaction status. I ...

by Communicator in

splunk search query for CPU usage

Hi i am new to splunk.i have splink event like this" system CPU | 6.039 % | system time | 0.009 % | how can i get a...

by Loves-to-Learn Lots in

Extracting port number from url field

Hello, Suppose I've got the following url among lot of others : (logs come from something close to Squid but not in...

by Path Finder in

Truncate characters after a specific character using the Trim function

Dear all, best wishes for 2022. Is it possible to use rtrim to remove all characters out of a search result that co...

by Engager in

How to get the event count for the last 24 hours as a scheduled report?

can you please tell us, how to get the last 24 hours event count to schedule the report?

by Builder in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Creating a new field from another field

Choose one result in Splunk table Query

Search based on two different dropdowns

..

Find Ids of a table not in other search table

Daily and weekly discrete count in the same query?

java curl splunk search produces error in SearchParser - missing a search command

How: transform csv field value, split, join and create dynamic field value pair

extract pattern like splunk pattern

How to write field name in its value

How to reorganize a table

Limiting and grouping OTHER in stats command

filter time for specific range

Want to merge two query with different fields in one

How to count every 15mins with complete time bucket

unable to convert epoch fomat to human readable format

Foreach command with eval if

lookup command not working while inputlookup working

Can a subsearch return only the value (without the fieldname)?

SSLError

How to count event by chosen month

splunk search query for CPU usage

Extracting port number from url field

Truncate characters after a specific character using the Trim function

How to get the event count for the last 24 hours as a scheduled report?

Building Reliable Asset and Identity Frameworks in Splunk ES

Cloud Monitoring Console - Unlocking Greater Visibility in SVC Usage Reporting

Automatic Discovery Part 3: Practical Use Cases

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static

Using Machine Learning Toolkit to detect auth abus...

Splunk Search

Are you a member of the Splunk Community?

Discussions