Splunk Search

Ask a Question

Discussions

Thread Info

Earliest time and latest time

I'm doing Splunk search at 5 minute intervals. Getting data every 5 minutes. For example, earliest="07/10/2021:07:...

by New Member in

Average EPS

We are using Splunk Cloud and the Cloud Monitoring Console provides a graph showing the KB/s and Events/s per forwar...

by Path Finder in

split 2 multivalue fields concurrently/ split 1 multivalues row into multiple row

Hello, Currently encounter 1 issue which unable to split 2 multivalues fields concurrently.my table: Productcolor...

by Path Finder in

help on single panel with trend

hello I need to display a single panel with trend but it doesnt works does it miss something? <dash...

by Motivator in

Providing time filter in firedalerts rest apis

I want to fetch the results from triggered alerts from time T1 to T2. Tried passing the earliest_time or earliest ...

by Engager in

regex to extract "WFLY*:"

Hi What is the regex for this "WFLY*:" I want to get all jboss error code start with (WFLY) and (star wildcard) t...

by Motivator in

Compare 2 datasets

I have 2 data sets index=support source=sites earliest=-1d@d latest=-0d@d index=support source...

by Path Finder in

Compare the row values to the above row.

Compare the row value with the above row value ,if the above row value is grater than the present row value, it shou...

by Communicator in

Several searches on one table

I'm trying to take the results of 2 different searches in the same index and display them on one table, I tried to us...

by Loves-to-Learn Lots in

Splunk query to check for error within 150 seconds range

Hi, I need to configure an alert when there is an error. Example: "error: file not able to found" for an app ...

by Communicator in

dbConnect-Schedule

Hi, Using dBConnect in SPLUNK, how I would setup to schedule my SQL query to run a particular time in a day or week...

by Motivator in

Searching for files that were successfully served

Hello, I am doing a fundamentals course lab and cannot figure out what to search in order to get a list of "all web a...

by New Member in

u

by Explorer in

awsAddOn sourcetype=aws:config:notification configurationItem.resourceType = AWS::S3::Bucket no Longer Showing

Hello, we use the AWS AddOn for Splunk for all of our AWS Inputs. For a few months, after many years of this showin...

by Explorer in

Dashboard : Input's searches produce no results

Hi everyone, I've an issue that I don't understand. As mentioned in subject, I'm realizing a dashboard with dropdow...

by Explorer in

How to get unique Maximum value of corresponding field?

Hi there, I have data like this: Server loadA65A50B35C55B45C70 I want to get a maximum peak loads of each ser...

by Path Finder in

Using Rex to combine multiple fields in separate columns

Hello Splunk Community! I was hoping if someone can help me out here. I have been having problems adding a thir...

by Explorer in

Extracting field from JSON data

Hi, New to Splunk, I am trying to create a Test Automation dashboard. I have the following JSON in my SPLUNK event...

by Explorer in

REGEX

Hi guys, im noob in regular expressions!!2021-07-05 23:22:12.807 +01:00 [WRN] XXXXX.Membership.Renew Long Running Req...

by Engager in

Find the count of a specific field value in json array of objects.

Hi i have a json data which i am working on and i used fieldsummary to get data similar to below image. sample exam...

by Explorer in

Unable to pass header using curl command

I am trying to hit a URL from splunk using curl command. The end point needs an header to be passed with the key valu...

by Explorer in

Sum Field value with no duplicates and how to timechart it.

Hello Team, I have just started learning Splunk  Example: I have done basic search index="xyz" | I have go...

by Explorer in

Find records with a certain field defined

I'm looking for records that have a "user_email" field defined and not equal to "unauthenticated" How do I do t...

by Engager in

Multiple rex expressions

I'm trying to write to write a search to extract a couple of fields using rex. The text string to search is: "SG:G0...

by Engager in

Subtract input from output

HiI have some process that does not finish successfully, Now i want to trace them with splunk. here is scenario:I h...

by Motivator in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Earliest time and latest time

Average EPS

split 2 multivalue fields concurrently/ split 1 multivalues row into multiple row

help on single panel with trend

Providing time filter in firedalerts rest apis

regex to extract "WFLY*:"

Compare 2 datasets

Compare the row values to the above row.

Several searches on one table

Splunk query to check for error within 150 seconds range

dbConnect-Schedule

Searching for files that were successfully served

u

awsAddOn sourcetype=aws:config:notification configurationItem.resourceType = AWS::S3::Bucket no Longer Showing

Dashboard : Input's searches produce no results

How to get unique Maximum value of corresponding field?

Using Rex to combine multiple fields in separate columns

Extracting field from JSON data

REGEX

Find the count of a specific field value in json array of objects.

Unable to pass header using curl command

Sum Field value with no duplicates and how to timechart it.

Find records with a certain field defined

Multiple rex expressions

Subtract input from output

.conf25 Community Recap

Splunk App Developers | .conf25 Recap & What’s Next

Congratulations to the 2025-2026 SplunkTrust!

In Splunk studio, is it possible to populate a tex...

Help me with splunk query to monitor CPU and Memor...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

Splunk Search

Are you a member of the Splunk Community?

Discussions