Splunk Search

Ask a Question

Discussions

Thread Info

Outlier detection

Hi! I have a data set consisting of a csv-file with three columns with numerical data. I have performed my own i...

by New Member in

Calculating Splunk License Usage Based on a condition

Hi Team, I am aware that we can able to pull the license usage stats in splunk for index, host and sourcetype for a...

by Contributor in

Need SPL advise for stats

I have following data: I am trying to generate SPL which provides me following: Essentially change_...

by Explorer in

How to filter ipv6 addresses and keep only ipv4?

Hi, We have a lookup file with some ip addresses. It could be in IPv4 or IPv6 format. There is also could be one or...

by Communicator in

extra data from particular filed and show in chart

I have logs like {"message": "Submitted amount category1: 213, category2: 543.56, category3: 4343.00", "specialCustom...

by Path Finder in

Get the context of an error

Hi Splunk Community! I'm trying to get the context of an error. Here is a snippet of the logs: 2021...

by Engager in

Remove everything after .com in website

Is there a simple way to remove everything after website.com Currently I have several urls imported into splunk, so...

by Loves-to-Learn Everything in

Specify a day w/ a Token

Just looking for a simple way to do this. I have an input token of how many days to look back where I want to just...

by Contributor in

Splunk and Azure SQL audit via Event Hub

I'm not sure how to even troubleshoot this. A few weeks ago, we started a dropoff in events into splunk. We are s...

by Explorer in

How to collect data from lookup into index without overwriting

Afternoon All, Have been playing with a search that will eventually become a saved search within Splunk ES. Idea is...

by Explorer in

Splunk App for Windows - Missing Task Category, Type and windows_perfmon_details_collection

Dear Sir i've tried to implement the Splunk App for Windows . But i have some problems. 1.Splunk add on for Micro...

by New Member in

Which chart I can use to display stats

My search query finding MAX, AVG response times of API. | search ("API-1 call start" OR "API-1 response sta...

by Path Finder in

Make a Chart by 2 fields

Hi guys, I want make a chart with the value below. With IP is the separated line, and connections is the value, apach...

by Path Finder in

Display only a particular key

Hi Can someone help me with the splunk query where i need to display only eapply as the key...|eval key=mvindex(spl...

by Path Finder in

How to distinguish two similar strings

Hello I have two similar strings that I need to differentiate. These are the key words in the String 1. Special ...

by Communicator in

Check event count before running stats?

I have a query where it runs a certain summary query every 15 minutes in a bucket. However, there are fairly frequent...

by Path Finder in

How to execute conditional DNS lookup in a search?

The problem I am trying to solve is the following: if src_hostfield is missing, null or empty, add it to events by pe...

by Path Finder in

Combining 2 Queries Using Same Field

I have two queries. One gets the total number of events using the message field: index=my_index sourcetype=...

by Explorer in

Text input field

Hi, In my dashboard i have set of inputs and when i submit the values gets stored in a lookup file. 2 dropdowns ...

by Path Finder in

Multiselect input

Hi, In my dashboard i have set of inputs and when i submit the values gets stored in a lookup file. 2 dropdowns ...

by Path Finder in

group search results by hour of day

Hi splunk community, I feel like this is a very basic question but I couldn't get it to work.I want to search my in...

by Path Finder in

Correlation of two searches

Good day Community,I would like to know what is the best approach to filters events based on previous query. My preci...

by Explorer in

Don't execute rest of commands if there is no events from base search?

Hi Our client have the next (kind of query) runs as a schedule. It can found events or not, based on current situat...

by SplunkTrust in

Jump multiple links at the same time

Hello everyone, I am now editing the pie chart section of the dashboard, I want to add a list of URLs to let click ...

by Engager in

SPL for Wrong Written Searches

Hi, I have a problem about wrong written searches. In our system, there are so many users. Every user will be able ...

by Explorer in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Outlier detection

Calculating Splunk License Usage Based on a condition

Need SPL advise for stats

How to filter ipv6 addresses and keep only ipv4?

extra data from particular filed and show in chart

Get the context of an error

Remove everything after .com in website

Specify a day w/ a Token

Splunk and Azure SQL audit via Event Hub

How to collect data from lookup into index without overwriting

Splunk App for Windows - Missing Task Category, Type and windows_perfmon_details_collection

Which chart I can use to display stats

Make a Chart by 2 fields

Display only a particular key

How to distinguish two similar strings

Check event count before running stats?

How to execute conditional DNS lookup in a search?

Combining 2 Queries Using Same Field

Text input field

Multiselect input

group search results by hour of day

Correlation of two searches

Don't execute rest of commands if there is no events from base search?

Jump multiple links at the same time

SPL for Wrong Written Searches

Fueling your curiosity with new Splunk ILT and eLearning courses

Splunk AI Assistant for SPL 1.1.0 | Now Personalized to Your Environment for Greater ...

Unleash Unified Security and Observability with Splunk Cloud Platform

Search for triggered save searches and their actio...

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static

Using Machine Learning Toolkit to detect auth abus...

Proactively stream data to different index after C...