Splunk Search

Community Activity

Can I rename different fields the same thing? I'm working with a dataset that lists companies and individual people, so that some entries have the field "Entity Na... by Federica_92 Communicator in Splunk Search 10-25-2024 2 6	2	6
How can I display only 1 value in a timechart that uses a by Hellohow can I display only 1 value of these 3 "maxCapacitMachine" results (which are the same in all 3 cases) in a B... by Splunked_Kid Explorer in Splunk Search 10-25-2024 0 5	0	5
How can I optimize my Splunk queries for better performance? I’m experiencing slow performance with my Splunk queries, especially when working with large datasets. What are some ... by sajjadali1122 New Member in Splunk Search 10-25-2024 0 2	0	2
How to extract fields from source? How to extract fields from below source./audit/logs/QTEST/qtestw-core_server4-core_server4.log I need extract QTEST ... by karthi2809 Builder in Splunk Search 10-25-2024 0 2	0	2
Replace Notable Title Variable With Value I need to replace the variables in the field rule_title field that is generated when using the `notable` macro. I was... by Devinz Loves-to-Learn Lots in Splunk Search 10-25-2024 0 1	0	1
Help with join query for Salesforce Hello Smarties... Can someone offer some assistance; We recently started ingesting Salesforce into Splunk, Username a... by linaaabad Observer in Splunk Search 10-24-2024 0 2	0	2
Dashboard panels with shared base search stopped working... Some years ago I've created a (beautiful!) dashboard, with multiple panels, which presented related data at different... by unitedmarsupial Path Finder in Splunk Search 10-24-2024 0 3	0	3
Dedup Question Hello Everyone,Having a hard time finding the appropriate way to display data. I have duplicate data where one field ... by enb_splunk Engager in Splunk Search 10-24-2024 0 1	0	1
Compare results from same field I'm using cmd \|iplocation src, and the results produce results for the City. Next i want to compare each City and rep... by CyberWolf Path Finder in Splunk Search 10-24-2024 0 5	0	5
Using Lookup csv file to query fieldname I have a lookup file saved with a single column having values of specific fields in it. And want to use to search in ... by chrismatt02 Explorer in Splunk Search 10-24-2024 0 6	0	6
Splunk query to build a table with total event count, sub event count and sub event in percent Hi Team,i am trying to design a query which show be result like total event count, sub event count and sub event in p... by cbiraris Path Finder in Splunk Search 10-24-2024 0 2	0	2
delete fault submitted events, including avg timechart delete Hi Community,i have a data source, that submit sometimes faulty humidity data like 3302.4 Percent.To clean / delete t... by CMEOGNAD Engager in Splunk Search 10-24-2024 0 9	0	9
Service maintenance in search Hi,I am a rookie in SPL and I have this general correlation search for application events:index="foo" sourcetype="bar... by niemi_splunk Explorer in Splunk Search 10-23-2024 0 4	0	4
extract fields Oct 22 14:20:45 10.5.0.200 DNAC {"version":"1.0.0","instanceId":"20fd8163-4ca8-424b-a5a9-1e4018372abb","eventId":"AUD... by afeng New Member in Splunk Search 10-23-2024 0 4	0	4
How to merge two fields into one field? I have the following result set coming from a search: field_1 field_2 1 2 3 4 5 6 I need to mer... by lpolo Motivator in Splunk Search 10-23-2024 9 32	9	32
Field Extraction index=_internal I tried to run the Indexing Performance: Instance dashboard but was not getting any data, on exploring the search I f... by geekf Path Finder in Splunk Search 10-23-2024 0 6	0	6
How to convert the value into months , days Hi I am building dashboard for UPS monitoring and i would like to convert a specific metric which is battery age. W... by jaibalaraman Path Finder in Splunk Search 10-23-2024 0 5	0	5
Missing values in results I found this very usefull search for a dashboard on gosplunk:\| rest /services/data/indexes \| dedup title \| fields tit... by Jakfarh Loves-to-Learn in Splunk Search 10-23-2024 0 2	0	2
How to assess the storage if we modify the index searchable retention days Hi,I have an use case in which I need to assess the storage difference of the index.Like for example, I have an index... by shoaibalimir Explorer in Splunk Search 10-22-2024 0 3	0	3
optimizing a query that check the ldap service I created the following query to check the status of ldap service but i was wonder if there a better query tag=NAME ... by bond77s Explorer in Splunk Search 10-22-2024 0 2	0	2
Displaying unique URIs visited per session as columns I have a splunk search that returns two columns, SESSION and URI. How can I show the sequence of URIs visited by each... by jbrenner Path Finder in Splunk Search 10-22-2024 0 4	0	4
Error in "litsearch" command Good morning, Getting a weird error this morning when trying to run searches. It is saying that m license is expired,... by JoshuaJJ Path Finder in Splunk Search 10-22-2024 0 6	0	6
Variable earliest/latest in main search I have a working dashboard that displays a number of metrics and KPIs for the previous week. Today, I was asked to e... by DATT Path Finder in Splunk Search 10-22-2024 0 3	0	3
Drilldown Token from Single Value Panel to Stats Table Panel Need help passing a token value from a Single Value Panel using the ( \| stats count) in conjuction to the ( \| rex fie... by ramuzzini Path Finder in Splunk Search 10-21-2024 0 1	0	1
Fecth the field based on other field condition Hi,I need help to fetch field based on other field condition.I have lookup table as below,NAME STATEabc-a-0 host1 ma... by myusufe71 Explorer in Splunk Search 10-21-2024 0 1	0	1