Splunk Search

Community Activity

	Using Index info to cross reference CSV and Map Hello, I have an indexed list of internal IPs that I have been able to get a count for based on a CIDR list on a CSV ... by IrishGuru Loves-to-Learn Lots in Splunk Search 09-01-2021 0 0	0	0
	rex extract literal stings with special characters I have a list of hundreds of string values that need to be extracted from a fieldthe problem is the values that need ... by spicy Path Finder in Splunk Search 09-01-2021 0 5	0	5
	subsearch matching latest I'm trying to create a query that basically says: Show me events that contain A, B, C or D where the latest is A or B... by rj1 Engager in Splunk Search 09-01-2021 0 2	0	2
	Dealing with logs that have different update times (while comparing them) (This is a continuation of https://community.splunk.com/t5/Splunk-Search/Creating-a-search-that-looks-up-values-from-... by aubine Explorer in Splunk Search 09-01-2021 0 0	0	0
	Creating a search that looks up values from one logfile and compares against another I have two logfiles, logfile1.log and logfile2.log. I have created their own field extractions for both of them. Here... by aubine Explorer in Splunk Search 09-01-2021 0 4	0	4
	Count events matching a specific string From the logs, I need to get the count of events from the below msg field value which matches factType=COMMERCIAL and... by newtosplunk14 Explorer in Splunk Search 09-01-2021 0 2	0	2
	Subtraction of X days from a date Hi guys, Probably very simple question but I just tangled myself in the logic. I want to create 2 fields, one with t... by klaudiac Path Finder in Splunk Search 09-01-2021 0 6	0	6
	Single value panel with trend based on avg(count) Hello there.What I'm trying to do is the following: search \| bucket span=60s _time \| stats count by _time \| ... I wan... by marco_carolo Path Finder in Splunk Search 09-01-2021 0 13	0	13
	Determining the total storage space a user's search artifacts are occupying (and calculating the time a search expires) I'm working on calculating the storage space taken up by a specific user. I would like to calculate the total size of... by BernardEAI Communicator in Splunk Search 09-01-2021 0 4	0	4
	How do I search for a list of Saves searches that don't use index name for searching in Splunk Ent. or ES. Thank u a lot I need to find a list of saved searches that don't use the index name in searching please. Any way to list the name o... by SamHTexas Builder in Splunk Search 08-31-2021 0 4	0	4
	Sum of particular field values Hi,Current tableExpectedfstatuscountsuccess604Userdefined39 Need to sum the "password mismach","policy policy constra... by Madhusri Engager in Splunk Search 08-31-2021 0 2	0	2
	Unable to get values of a field Hi Team, I have data with me as below. 2021-08-31 00:05:28\|Test\|Event\|[c.f.d.aop.sql.database ] 2ms :testing82021-08-... by sahil237888 Path Finder in Splunk Search 08-31-2021 0 1	0	1
	How do I make a list of Dashboards that are not working & who created them? in Splunk Ent. or ES? How do I search (any SPLs) for Dashboards that are not working (either built-in or created by users) or having errors... by SamHTexas Builder in Splunk Search 08-31-2021 0 1	0	1
	Why do I get "this health check item is not applicable" in Monitoring Console in ES while I have many KVstores ? Thank u How do I make sure the the ES KVstores are working & mapped properly to use them & avoid such errors? I appreciate so... by SamHTexas Builder in Splunk Search 08-31-2021 0 0	0	0
	How do I obtain an API key for an App. in ES please? I am getting an error with MITRE ATT&CK app that the API key needs to be corrected. Please advise. Thanks a million. by SamHTexas Builder in Splunk Search 08-31-2021 0 0	0	0
	How to exclude blank rows with time being displayed Hello Splunk Community,I've a query which lists accountNumber , targetAccountNumber, eventType, eventTimeThe query is... by iamsplunker Communicator in Splunk Search 08-31-2021 0 4	0	4
	multi lookup If the fields are different I'm going to stats through two lookups.srcip.csv fieldsrc_ip , subnetmaksdest.csv fielddest_ip,subnetmakssrc_ip , des... by nnonm111 Path Finder in Splunk Search 08-31-2021 0 1	0	1
	Remove spacing from records after inputlookup The contents of my lookup file, test12345.csv is shown below.ProductNumber,SerialNumber,StatusDateTime,Status"A12345 ... by moinyuso96 Path Finder in Splunk Search 08-31-2021 0 3	0	3
	How to use the result from one function into another function Hello all, I need help with this :((How to use derivatives of 1st function results into the 2nd function in splunk? P... by splunkymage Observer in Splunk Search 08-31-2021 0 1	0	1
	if else conditions in query Hi Team,Current tablecolumnrow1row2statusfailuresuccess My Requirement-1------if the row 1 has value as failure and i... by Madhusri Engager in Splunk Search 08-31-2021 0 1	0	1
	How do I search if a windows Event code xxxx from the Security logs is being ingested into Splunk? Please share a SPL to show if a certain event code ( Windows) from Security logs is being ingested into Splunk. I app... by SamHTexas Builder in Splunk Search 08-31-2021 0 3	0	3
	Use parametric time variable in source name Hello to everybody,we are trying to set a search that makes a diff between two files of two different days. This is t... by nicofantinato Path Finder in Splunk Search 08-30-2021 0 2	0	2
	how to extract payload data (key,value) into table i have data something like thisinput: firstname=value1,lastname=value2,email=value3,address=value4.. etc firstname=v... by ramki1459 Explorer in Splunk Search 08-30-2021 0 2	0	2
	Adding a row that is the sum of the events for each specific time to a table Is this possible to transform a data set from : TimeUserNumber of Errors9 pmJosh29 pmAndy110 pmJosh010 pmAndy111 pmJ... by learningsplunk Path Finder in Splunk Search 08-30-2021 0 2	0	2
	timewrap charts having timescale as the current week + 1/2/3 weeks before I am using timewrap function to compare data for a particular day of the week with same day of the week for last 4 we... by MayankChandra Engager in Splunk Search 08-30-2021 0 0	0	0

Get Updates on the Splunk Community!

Monitoring AI Agents with Splunk Observability Cloud

Let’s say I’m running a travel planning AI app in production. A user asks for three concise hotel options in ...

[Puzzles] Solve, Learn, Repeat: Tiling

This puzzle (first published here) is based on finding groups of tessellated tiles (inspired by floor tiles I ...

SOK it to Me: Top 3 Benefits of Using Splunk Operator on Kubernetes that’ll Make ...

Thursday, July 9, 2026 | 11:00AM–12:00PM PDT Duration: 1 hour (includes Q&A) Managing can feel like a ...

Splunk Search

Using Index info to cross reference CSV and Map

rex extract literal stings with special characters

subsearch matching latest

Dealing with logs that have different update times (while comparing them)

Creating a search that looks up values from one logfile and compares against another

Count events matching a specific string

Subtraction of X days from a date

Single value panel with trend based on avg(count)

Determining the total storage space a user's search artifacts are occupying (and calculating the time a search expires)

How do I search for a list of Saves searches that don't use index name for searching in Splunk Ent. or ES. Thank u a lot

Sum of particular field values

Unable to get values of a field

How do I make a list of Dashboards that are not working & who created them? in Splunk Ent. or ES?

Why do I get "this health check item is not applicable" in Monitoring Console in ES while I have many KVstores ? Thank u

How do I obtain an API key for an App. in ES please?

How to exclude blank rows with time being displayed

multi lookup If the fields are different

Remove spacing from records after inputlookup

How to use the result from one function into another function

if else conditions in query

How do I search if a windows Event code xxxx from the Security logs is being ingested into Splunk?

Use parametric time variable in source name

how to extract payload data (key,value) into table

Adding a row that is the sum of the events for each specific time to a table

timewrap charts having timescale as the current week + 1/2/3 weeks before

Monitoring AI Agents with Splunk Observability Cloud

[Puzzles] Solve, Learn, Repeat: Tiling

SOK it to Me: Top 3 Benefits of Using Splunk Operator on Kubernetes that’ll Make ...

How to get an extract of threshold values set in s...

how to query OCI Audit logs from Datasafe

SPLUNK ES 8.2.3 Drill Down not appearing

Using Splunk to Analyze Web Traffic & Machine-Gene...

How can i export a list of all services in APM

Splunk Search

Join the Conversation