Splunk Search

Ask a Question

Discussions

Thread Info

Mean Time To Triage

i have this spl | tstats `summariesonly` earliest(_time) as _time from datamodel=Incident_Management.Notable_Event...

by Explorer in

Need to extract aws-region from host name

Hi Team, I want to extract aws-region from host name. host= "my-service-name-.ip-101-99-126-252-us-west-2c". ...

by Path Finder in

pass variable and value to subsearch

Hi All I have a question and need to do the following: Search contidtion_1 from (index_1 ) and then get the value...

by Engager in

Splunk - Output of one query as an input to another query

Hi, I have two different queries running on same dashboard but a different panel. Below is the query one which ...

by Path Finder in

calculate percentage of a each ErrorCode field by servername

Hi how can I calculate percentage of a each ErrorCode field by servername? here is the spl: index="my_index"| r...

by Motivator in

Looking for a splunk UberLegend to give me a man page on multireport

I've seen a few of my colleagues recently use a command called multireport which seems to be largely undocumented to ...

by Contributor in

Sysmon Event Parsing

I'm having trouble getting all the fields from sysmon automatically parse with the microsoft sysmon add in could some...

by New Member in

How to display content from uploaded CSV

Hii have uploaded a CSV file and would like to know if it is possible to only display the content in the file? Feat...

by Engager in

Hide _raw instead of using a sed expression to trim _raw?

Dear Splunk community, I am using rex to extract data from _raw and put it into new fields like so: [...

by Communicator in

To merge rows of a column into one

Hi All, I am trying to merge the rows of a column into one row for the below table: App_Name Country Last_Deploy...

by Contributor in

Matching only part of a string to return a result when different

Hi, I am streaming results from a Kubernetes cluster and i am monitoring for pod restarts by looking at the name of...

by Communicator in

Use Trellis with many values by graph.

Hello, I don't find solution here and I managed to get it to work. First of all, if you want separate in many da...

by Path Finder in

Splunk labels in table format

Hi There, Log event: [ 2021-02-04 23:14:28.925 SingleApp log:158] 200 GET /apache/proxy/user/1123123/qsdd...

by Explorer in

Line breaking help

Hello,Can anyone please help me with the line breaking. Multiple Security events are merged into a single event, putt...

by Loves-to-Learn Lots in

How to remove path from spath field names

Hello, So I love the spath command. With just one call, it will automatically extract and make searchable each and...

by Explorer in

How to get rid of extra space from the output of a splunk query

Hi Guys, I have a splunk command which returns a filename as the output. But i found that there is an extra sp...

by Explorer in

Exclude 1 date of duration calculation when jobs ran late.

Hello here's is my problem, I made a search which calculates duration between two jobs.Jobs are supposed to run durin...

by Engager in

How to find out Iphone device details from user agent string

Hi Can any one help me finding out Iphone device information from user agent Example - iphone 12 , SE , 6 etc ...

by Path Finder in

Adding email domain to values

I have a field, let's say the user field, that has both usernames without a domain and some with. I want the fields...

by Explorer in

output csv file is splitting in different rows

Hi , Could someone help me with the below issue In splunk cloud I have 500+ events and each event contains 100+ l...

by Path Finder in

Jira Add on for splunk

how to pull data from JIRA ID, and use the value pulled from JIRA in splunk search query

by New Member in

Using subsearch result as a "contains" filter

I have a search that I need to filter by a field, using another search. Normally, I would do this: main_search ...

by Path Finder in

Proper use of join vs. append - correlating events by a common field

Hi all,I'm working to correlate a series of events. These events are all part of a logging process of a separate appl...

by Path Finder in

Extract a file name from the splunk logs

Hi team, I am new to the splunk. I am just running a splunk query with an ID name to get the file assocaited w...

by Path Finder in

Need help to create a regular expression

Hi All, I am trying to create a regular expression to extract a value from a given log. Below is the log: 2021-10...

by Contributor in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Mean Time To Triage

Need to extract aws-region from host name

pass variable and value to subsearch

Splunk - Output of one query as an input to another query

calculate percentage of a each ErrorCode field by servername

Looking for a splunk UberLegend to give me a man page on multireport

Sysmon Event Parsing

How to display content from uploaded CSV

Hide _raw instead of using a sed expression to trim _raw?

To merge rows of a column into one

Matching only part of a string to return a result when different

Use Trellis with many values by graph.

Splunk labels in table format

Line breaking help

How to remove path from spath field names

How to get rid of extra space from the output of a splunk query

Exclude 1 date of duration calculation when jobs ran late.

How to find out Iphone device details from user agent string

Adding email domain to values

output csv file is splitting in different rows

Jira Add on for splunk

Using subsearch result as a "contains" filter

Proper use of join vs. append - correlating events by a common field

Extract a file name from the splunk logs

Need help to create a regular expression

🌟 From Audit Chaos to Clarity: Welcoming Audit Trail v2

Splunk Enterprise Security 8.x: The Essential Upgrade for Threat Detection, ...

Get Early Access to AI Playbook Authoring: Apply for the Alpha Private Preview ...

In Splunk studio, is it possible to populate a tex...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static

Splunk Search

Are you a member of the Splunk Community?

Discussions