Splunk Search

Discussions

Thread Info

How to lower case the value present inside double quotes (String).

Hi Splunker, I would like to lower the string/value present inside the double quotes and then use as it is. Value...

by Engager in

Append more 50k or other soluction like a join

Hello community. I am not able to perform a sub-search between 2 sourcetypes. The 'drm' sourcetype has 5 million even...

by Explorer in

How to find events between date ranges

I am trying to find the events that are taking place between March 1 2021 and September 1 2021. I was hoping someone ...

by Observer in

help to extract value from field with rex function

Hi, please help. I would like to see in table (to extract with rex) value of field paid. Log is: 2020-12-23 12:14...

by Path Finder in

Run DBX query via REST API

I've checked this, but it hasn't solved the problem for me: https://community.splunk.com/t5/Getting-Data-In/Is-it-pos...

by Path Finder in

How to combine the values of same field into one

Hello My question is how to combine the same values into one which are getting differentiate by another field Ex...

by Path Finder in

Running loop on a search that takes one Id at a time

Hi, I have a lookup file that contains multiple Id's, I have a search that takes one Id at a time and returns the r...

by Explorer in

90th percentile

Hi I need to find 90th percentage avg, I tried by this way base search| mainMethod=LostStolen OR m...

by Path Finder in

Field Extraction from vcenter sshd logs

Hi team, I would like to extract the following fields from vcenter logs that are being sent to Splunk on a dedicated ...

by Path Finder in

How do I remove an app?

I see questions about difference between deleting apps and disabling them. I don't see how to actually delete them.

by Path Finder in

Min and Max Response Time

Hi I want to calculate Min and Max Response time only if the status is success.Below is the table format: MicroServ...

by Path Finder in

Get current date in splunk text area

Hi All, I am looking for a dashboard panel, where user can enter their comments in one column by typing themselves ...

by Path Finder in

Having a time range based on a second time field

Hi, i have extracted data from a database into a summary index which is updated every hour. The database has ...

by Communicator in

search field from 1 index to other index field

Hi , i have a index "otx" and having field "indicator" so i want to trigger alert if any IP address from "indicat...

by Explorer in

How to Extract specific word from application log

Here is the sample log and I need to check which modelId is having most of the error using rex and stats count ####...

by Path Finder in

how to accelerate get timechart data from datamodel

Hai, please I wanna ask how to accelerate to get timechart with datamodel from this query | datamodel Intru...

by New Member in

Merging and counting 3 data sets

I have 3 data sets that I'm trying to merge and count. Data set 1 my_id | company_id | company_name | my-ty...

by Observer in

How to compare each day's events to lookup table values and return differnces?

I have a search that gets events related to procedures from the past week and organizes them into days. I also have a...

by Explorer in

_timeの修正後の値で検索を行う

_timeの修正後の値で検索を行いたいのですが、うまくいきません。 |eval _time = _time +600 時間範囲で検索をしても修正前の値で検索がされます。ご教授ください。

by Engager in

How to create a list of literal values of strings with Splunk query language?

The requirements is to find the event_A and event_B such that There is some event A's before the event_B, and the e...

by Communicator in

Parse JSON string with different structures

We have Multiple apps that generate logs and there format is little different . Splunk currently just shows that f...

by Engager in

Extract specific data from logs.

Hello, I need help with extracting specific data from logs. I know this has been discussed few times before but ...

by Explorer in

how to create a script command in a ksh

Hello, I have some alerts that send an email with the events to me if triggered. I need to create a custom script f...

by Path Finder in

eval a new field base on a search result

hey ninjas, i have a search result like the following: error_code1 42 error_code2 55 error_code3 62 error_code4...

by New Member in

Triggered Alerts Results

Hello, I'm looking to get the triggered alert results with alert name and triggered time in one table. Being very s...

by New Member in

Get Updates on the Splunk Community!

Splunk Search

Discussions

How to lower case the value present inside double quotes (String).

Append more 50k or other soluction like a join

How to find events between date ranges

help to extract value from field with rex function

Run DBX query via REST API

How to combine the values of same field into one

Running loop on a search that takes one Id at a time

90th percentile

Field Extraction from vcenter sshd logs

How do I remove an app?

Min and Max Response Time

Get current date in splunk text area

Having a time range based on a second time field

search field from 1 index to other index field

How to Extract specific word from application log

how to accelerate get timechart data from datamodel

Merging and counting 3 data sets

How to compare each day's events to lookup table values and return differnces?

_timeの修正後の値で検索を行う

How to create a list of literal values of strings with Splunk query language?

Parse JSON string with different structures

Extract specific data from logs.

how to create a script command in a ksh

eval a new field base on a search result

Triggered Alerts Results

Automatic Discovery Part 1: What is Automatic Discovery in Splunk Observability Cloud ...

Real-Time Fraud Detection: How Splunk Dashboards Protect Financial Institutions

Splunk + ThousandEyes: Correlate frontend, app, and network data to troubleshoot ...

In Splunk studio, is it possible to populate a tex...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static

Splunk Search

Are you a member of the Splunk Community?

Discussions