Splunk Search

Ask a Question

Discussions

Thread Info

Filter on service end date

Good day, I have been trying to figure out how to accomplish the following task for a few days now and thought I wo...

by New Member in

Replace multiple text strings with different values

i have to replace multiple text strings with different values. e.g. Log Statement:- "Hello, this is sample url f...

by Loves-to-Learn Lots in

splitting and sending the value from drill down to other dashboard

HI , I am trying to send values from one panel to another dashboard using drill down , is it possible to split ...

by Path Finder in

How to calculate the percentage of two columns?

Need to calculate the percentage of two columns- I have a search that gives me a total of two columns and I need to g...

by Path Finder in

Another rex field with backslashes question.

I can test \\[\w]+\\[\w]+\\(?<File_Path>.+) or simply \\\w+\\\w+\\(?<File_Path>.+) in Rex101 and it works fine ...

by Path Finder in

Group urls together for get requests that have GUID in them

Splunk noob here, Wanted to group our get endpoints under a single entry. We have the following query index=rep...

by Engager in

edit existing field extraction splunk ui

After Extracting fields for a source type, and spending a lot of time renaming them. I noticed I missed one. I can ...

by Path Finder in

IF Statement customized EVAL

Hi All, need help in my query, formatting an IF statement. My Code: index=opennms "uei.opennms...

by Communicator in

Index _internal doesn't return results when query from custom app

Hi friends! Im doing a search like index=_internal From a custom app, even if Im the admin user. I have a c...

by Explorer in

Some events are in Splunk, but are not searchable

Every event in an index has field XYZ (with a non-null positive number, no exceptions), and yet this search: index=...

by Explorer in

Insert a heading for 4 rows and give name using HTML

I have a dashboard which has 11 rows and each row has 4 panels, now out of 11 rows 5rows belong to one application an...

by Explorer in

Chart to show only values in X axis label when span=1m and query running for 1 day.

Hi All, I have a requirement where I need to show only alternate X axis label when I am running a chart command: ...

by Path Finder in

Listing all tags in the search interface

I have been tagging hosts to aid in searching by environment, service, sub-service I would like to make a dashboar...

by Communicator in

How to concat all rows in a single field able and use the result in another "search port IN"

In my Search 1, it will list all unique port numbers associated with a certain IP address, i.e. 1.2.3.4 "MYTOKE...

by Explorer in

How do i extract this field with regex?

i want to extract this below event from the _raw event for all the entries in query. Can you please help me on this. ...

by Explorer in

Why does stats via python SDK export returns multiple sets of results?

I get a different result set when using jobs.export of python SDK with a simple stats query compared to the same quer...

by Path Finder in

coalesce count

The goal is to get a count when a specific value exists 'by id'. This is not working on a coalesced search.The searc...

by Explorer in

How to suppress one or two fields and associated values in csv file.

I have data following data in csv file. need to suppress last one or two columns. please suggest me how to do that. ...

by Loves-to-Learn Everything in

Compare values of main search and subsearch

I am looking to compare the count of transactions processed in a 3 hour window to the count of transactions made in t...

by Engager in

Need to send mail with multiples information

Hello everyone, There is my search : my_severity=error my_app="name" earliest=-48h latest=-24h | stats count as ...

by Path Finder in

How to find SSH session in past month

I want to know that there are or not SSH sessions which is in last 5 minutes in past 1 month. (except today) - I wa...

by Explorer in

Rex expression Puzzle

Hey, is there anyone there good with rex expressions?I've been given a task by my boss, to extract 4 new fields from ...

by Path Finder in

How to table results only if field value within indexA is contained within field of indexB

I have email logs within index=Email and suspicious domain connections within index=Security. The field name within...

by Explorer in

How do I split a log entry into tags? how do I use this?

Hello, I am looking to split the log entry into tag using below link. https://community.splunk.com/t5/Splunk-Sear...

by Observer in

SPLUNK_HEC_URL is not working

Hello, I am trying to create Lambda function and enabling HTTP event collector using below doc. https://dev.splun...

by Observer in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Filter on service end date

Replace multiple text strings with different values

splitting and sending the value from drill down to other dashboard

How to calculate the percentage of two columns?

Another rex field with backslashes question.

Group urls together for get requests that have GUID in them

edit existing field extraction splunk ui

IF Statement customized EVAL

Index _internal doesn't return results when query from custom app

Some events are in Splunk, but are not searchable

Insert a heading for 4 rows and give name using HTML

Chart to show only values in X axis label when span=1m and query running for 1 day.

Listing all tags in the search interface

How to concat all rows in a single field able and use the result in another "search port IN"

How do i extract this field with regex?

Why does stats via python SDK export returns multiple sets of results?

coalesce count

How to suppress one or two fields and associated values in csv file.

Compare values of main search and subsearch

Need to send mail with multiples information

How to find SSH session in past month

Rex expression Puzzle

How to table results only if field value within indexA is contained within field of indexB

How do I split a log entry into tags? how do I use this?

SPLUNK_HEC_URL is not working

Earn a $35 Gift Card for Answering our Splunk Admins & App Developer Survey

Continuing Innovation & New Integrations Unlock Full Stack Observability For Your ...

Monitoring Amazon Elastic Kubernetes Service (EKS)

Using splunk-sdk in user-defined functions in Spar...

Verification of SAML assertion using IDP's cert fa...

ジョブを消しても復活する現象について

splunk threat intelligence taxii data

Splunk DB connect add-on InfluxDB 2.6