Splunk Search

Thread Info

How do I monitor & troubleshoot if all data sources are communicating with assigned Indexers?

How do I monitor & troubleshoot if all data sources are communicating with assigned Indexers? The create a report or ...

by Builder in

Adding appendcols to table to produce two curves

I'm creating demand and supply curves which use streamstats to accumulate demand and supply in order to intercept the...

by Observer in

How to show logs happened 2 min before and 2 min after certain log

Hi Splunkers, i have search like this index=pkg_prespvm host IN (*)| dedup _raw| transaction host startswith="[In...

by Path Finder in

Concurrent VPN connections.

Hi guys, I'm going crazy and I'm completely lost. I'm trying to create a query that displays concurrent connect...

by Explorer in

Combine Sub searches with different time references

Hey, right now I am a bit messed up in the mind and not sure if I try to find an overly complicated solution to...

by Explorer in

How to get counts of same field with different info

Hello, We are logging various info during job level. Message filed carries all the info. I would like to get count...

by Explorer in

How to leverage a secondary time field at scale?

I have a dataset that has both FINISHDATE and CHANGEDATE fields in text. We use strptime(CHANGEDATE) for _time but w...

by Esteemed Legend in

Where to start learning to write splunk queries

by New Member in

Read regex based data from a log file using splunk forwarder

I have log file which polls an endpoint and if new version has come then only performs the operation. All the polling...

by New Member in

COmpare or join 2 fields to 3rd output

HI All, Need help in comparing 2 fields or join 2 values to build a table for another 2 field. CODE 1: ...

by Communicator in

Help calculating error breach rate

Hi, I'm trying to build a splunk query to calculate error rate breaches. Essentially, how often in 5 minute interva...

by Observer in

Comparing field with weekly average

Hi, I am trying to compare a field (Job duration) with its weekly average. Something is wrong with my join. It is r...

by Explorer in

How can i calculate the time difference with 1 key value and 1 col of data?

Hi there Splunkers,Maybe the title is a little bit weird but the point is, We have an entity who travel between 2 loc...

by Engager in

How do I extract a substring beginning by some characters and ending by :

Hi, I have this in my message string: Errors in file /u02/app/oracle/diag/rdbms/pwein1a/pwein1a1/trace/pwein1a1_c...

by Engager in

List indexes that are being used

Hello, I am trying to bring up a search that will tell me how much each index is being used, but the search_index fie...

by Path Finder in

Need help in append

Hello all, I am facing an issue in appending an query. Here my objective is to update the kv store with the lis...

by Explorer in

JSON formatting

I have the below JSON feed that I can see from a straight search. I'm trying to get some stats especially for pools-a...

by Loves-to-Learn in

Index specific columns from CSV file.

Hello Experts, The CSV file is located on file share and file is having columns Hostname, type, IP. From thes...

by Explorer in

Error using lookup command

I am running the below query,sourcetype="email" | rename SenderAddress as indicator |lookup tci indicator output type...

by Path Finder in

Configure HTTP Event collector to log client source-IP

Hi Team,I am looking to Configure HTTP Event collector to log client source-IP instead of the source host. Is there a...

by Loves-to-Learn Everything in

Field extraction for multiple types of values

Hello all, I am trying to extract the data from the field evtComponent from the below event, and this has a multipl...

by Explorer in

Need output value

Hi, Output of the below query has been attached, I need only the total value to be displayed in the dashboard. ...

by Builder in

Comparision of hourly Log count by average log count of last 7 days.

I have a Query need to compare hourly log count of today with the average value of last 7 days, if the count is great...

by Observer in

join search with condition

I have two searches:search-A gives values like typestatushostnameidportSizebasecachehttpOFFhost-117NANANANAhttpONh...

by Explorer in

Why isn't transaction working for me?

I have a process where I load data into database tables. My log file has the following entries for each : TableLo...

by Loves-to-Learn in

Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.

Splunk Search

Discussions

How do I monitor & troubleshoot if all data sources are communicating with assigned Indexers?

Adding appendcols to table to produce two curves

How to show logs happened 2 min before and 2 min after certain log

Concurrent VPN connections.

Combine Sub searches with different time references

How to get counts of same field with different info

How to leverage a secondary time field at scale?

Where to start learning to write splunk queries

Read regex based data from a log file using splunk forwarder

COmpare or join 2 fields to 3rd output

Help calculating error breach rate

Comparing field with weekly average

How can i calculate the time difference with 1 key value and 1 col of data?

How do I extract a substring beginning by some characters and ending by :

List indexes that are being used

Need help in append

JSON formatting

Index specific columns from CSV file.

Error using lookup command

Configure HTTP Event collector to log client source-IP

Field extraction for multiple types of values

Need output value

Comparision of hourly Log count by average log count of last 7 days.

join search with condition

Why isn't transaction working for me?

Fueling your curiosity with new Splunk ILT and eLearning courses

Splunk AI Assistant for SPL 1.1.0 | Now Personalized to Your Environment for Greater ...

Unleash Unified Security and Observability with Splunk Cloud Platform

Search for triggered save searches and their actio...

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static

Using Machine Learning Toolkit to detect auth abus...

Proactively stream data to different index after C...