Splunk Search

Ask a Question

Discussions

Thread Info

Typecasting String to Hex/Dec/Oct

I'm looking for a way of typecasting ASCII characters (A,B,C,D,etc) into their decimal or hexadecimal formats. I've...

by New Member in

How to match strings that in a text .file with my logs that indexed?

hi. I have a txt file include many strings, and many logs from my web server that indexed. I want to find the lo...

by Engager in

compare 2 field different source type

Hello guys, I have the VPN log and network log.- In VPN log's it's possible to show IP and USERNAME - In Network lo...

by Loves-to-Learn Lots in

Extract multiple key value pairs from one of the partially auto extracted field

Hi, I am having difficulty in extracting key=value pairs from one of the auto extracted field.The problem is that, ...

by Path Finder in

Convert 210910085155 to yymmddhhmmss or dd/mm/yy hh:mm:ss

Hi Need help converting 210910085155 to yymmddhhmmss index=mydata| eval fields=split(EventMsg,",")| eval file_st...

by New Member in

Webtools app how to make get requests

Hello @jkat54 , @richgalloway I am new to the add-on and am not able to figure out how to make API calls...

by Explorer in

Backslash character on subsearch result

Hi, i am currently working in a search to filter values based on a lookup table and i am having a difficult time with...

by Communicator in

Display line chart of average of fields

I have quiz values for 10 quizzes. Each quiz is a column and the values are 0-100 in each row. I am trying to just ...

by Engager in

How to Calculate the Percentage of each entry

I have the following SPL and I want to show table below. The value of Total must be equal to count of events (1588). ...

by Explorer in

Capture and remove zeros from ipv4 address

Hello I'm trying to capture the ip address from the PXE log example shown. I want to also trim any preceding 0 so I c...

by Explorer in

Create a stats line per host

Hi, We have a custom search that should alert when a critical host, that we have defined in the search, is missing....

by Communicator in

Why source name in chinese characters display with messy code in web browser？

Hi I've upload a file with chinese name，the content(which is also in chinese character)can display and query normal...

by New Member in

PROPS Configuration for csv without Header Source files

Hello, I have issues to write PROPS configuration file for following csv file (please see screenshot below for samp...

by Motivator in

Transforming Search Output

base search| fields _time host pdfpath status| stats values(pdfpath) as pdfpath values(host) as host by _time status|...

by Communicator in

How to write the regex to remove the filename and only return the path from my data?

I'm trying to remove the filename from path and return path only in Splunk example: `C:\path\path\path\path\app...

by Explorer in

extract basename from path

Hi, Im trying to extract basename that's is abc.log from the below D:\Program Files\User\abc.log using | eval ...

by Explorer in

Percentage of two values

Hi I have a field called STATUS with 2 possible values "SUCCESS" or "WARNING" but the percentages don't seem to w...

by Builder in

Search xml data

I have logs in the format of json where message is the key and message contains the value mentioned below messa...

by New Member in

search a value in previous time period and add to current count

Hello! is it possible to search a field value and then count it for example first the current week and then add...

by Communicator in

Unknown error for indexer: XXXX . Search Results might be incomplete! If this occurs frequently, check on

Hi I am migrating from a single install to a cluster 1SH + 1MD + 3 Indexers. ...

by Influencer in

Use results from a search to make multiple different searches and place the results in a table

Dear Splunk Community, I need some help fetching data from a source, then use the results as a searchparameter for ...

by Communicator in

how do I make a table out of common nested json keys with uncommon json key parents?

I have the following JSON event that I'm indexing in splunk: { "plugins": { "Redirection": { ...

by Path Finder in

EVAL to Determine match to field.

Hi, I have a data source of call records for phone calls. This data contains a field "A_Number". I want to class an...

by Explorer in

How to (chart / graph) the percentage of two string occurrences ?

This is the query that I am starting with: index=index sourcetype=logs StringA | stats count as A | appendcols ...

by Contributor in

Append multiple field values to a csv list

Hi folks, I'm trying to append multiple field values to a csv as a result of a search. The csv file contains a list...

by Engager in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Typecasting String to Hex/Dec/Oct

How to match strings that in a text .file with my logs that indexed?

compare 2 field different source type

Extract multiple key value pairs from one of the partially auto extracted field

Convert 210910085155 to yymmddhhmmss or dd/mm/yy hh:mm:ss

Webtools app how to make get requests

Backslash character on subsearch result

Display line chart of average of fields

How to Calculate the Percentage of each entry

Capture and remove zeros from ipv4 address

Create a stats line per host

Why source name in chinese characters display with messy code in web browser？

PROPS Configuration for csv without Header Source files

Transforming Search Output

How to write the regex to remove the filename and only return the path from my data?

extract basename from path

Percentage of two values

Search xml data

search a value in previous time period and add to current count

Unknown error for indexer: XXXX . Search Results might be incomplete! If this occurs frequently, check on

Use results from a search to make multiple different searches and place the results in a table

how do I make a table out of common nested json keys with uncommon json key parents?

EVAL to Determine match to field.

How to (chart / graph) the percentage of two string occurrences ?

Append multiple field values to a csv list

Index This | When is October more than just the tenth month?

Observe and Secure All Apps with Splunk

What’s New & Next in Splunk SOAR

In Splunk studio, is it possible to populate a tex...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static

Splunk Search

Are you a member of the Splunk Community?

Discussions