Splunk Search

Thread Info

traverse through each record and check whether that ticket breached SLA or not

Hi All, I have one set of output having 8 closed tickets for two consecutive months as a result of splunk query. I ...

by Explorer in

Location by Octet

I have a Linux Environment and SSH is a thing here. I need to show SSH log in with location. I got the map to work bu...

by Explorer in

Query to find records in different events

I have thousands of records (events), I would like to search field a if it exists in field b of other event (record)....

by Observer in

How obtain the sum of a multivalue field

In each of my events, I have a field named watched. The watched multifield contains the array of integers. Is it poss...

by New Member in

$1234,000 i need to remove strings from value

but value are not change

by Observer in

Run makeresults command through REST API is giving error

I receive the following error while trying to execute a simple "makeresults" command by using REST API call:Used endp...

by Path Finder in

issue with "_time" after using fit command in DLTK

Hi here is the default spl of App: Splunk App for Data Science and Deep Learning (Time Series Anomalies with STUMPY...

by Motivator in

Want to filter events based on the existence of a field with the same value in a different log

Hello, I'm doing a detection for an event on the same index with 2 logs, I want to filter events of Event A based on ...

by Explorer in

Splunk search

HI, i am new to Splunk and trying to gain hands-on experience, i am facing trouble to search the data based on this q...

by Loves-to-Learn Lots in

Field exists with multiple hosts

I've got two servers providing me temperature data. Host A has Sensor1 and Sensor2. Host B has Sensor1 and Sensor2. ...

by Explorer in

Streamstats time_window current=f error

Hello all, I am using steamstats with time_window=60m to calculate the moving average over the past hour. However,...

by New Member in

Missing data in tstats output

Hi All, using below query but not getting complete output.If there is no data present for Response time for particul...

by Path Finder in

How to count the number of times each name is repeated?

I have the following csv file: id,name,age,male 1,lily,10,girl 2,bob,12,boy 3,lucy,12,girl 4,duby,10,bo...

by Explorer in

Some cloudwatch log collection errors

I take a log using Python's print statement in lambda and save it in the cloud-watch log group.The log group is being...

by New Member in

multifield key between indexes

index=db OR index=app | eval join=if(index="db",processId,pid) | stats sum(rows) sum(cputime) by join Above is ...

by Path Finder in

center align the x axis labels in timechart

Hi Is it possible to center align the x axis labels in timechart, instead of them being in the left side of the ba...

by Contributor in

Drill down with transpose not working as expected to fetch the row and colomn values

Drill down with transpose not working as expected to fetch the row and colomn values, as its not giving me the accura...

by Explorer in

Display a custom text when results=0

How do I run a search against a sourcetype (which is very low volume), and display a custom text when there are 0 eve...

by Path Finder in

Can't Preview Source Type When Uploading Data

I am trying to create a props.conf to pass a custom timestamp. To do so I wanted to upload data and use the set sourc...

by Explorer in

indexer has stopped working

Hello Splunk community, One of my indexes doesn't seem to have indexed any data for the last two weeks or so. This...

by Loves-to-Learn Everything in

Combining multiple field values for stats/charting

I have a field in my data named severity that can be one of five values: 1, 2, 3, 4, and 5. I want to chart on the ...

by Path Finder in

... | append [ | makeresults ] makes the search time explode

I have a dashboard with multiple line charts showing values over time. I want all charts to have the same fixed time ...

by Path Finder in

Remove results based on subsearch

I'm looking to get all failed event log based on a field , and then trying to find the success event log for the same...

by Explorer in

Query to show specified time per day in timechart

Hi, I would like to create a time chart for a specified time suppose 8AM to 2PM everyday for last 30 days. I am able ...

by Engager in

Tracking user logon (standard and admin account) Windows AD

Hello, I am looking to create a report of a search. I have a requirement of tracking user logon to window machines (A...

by Engager in

Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.

Splunk Search

Discussions

traverse through each record and check whether that ticket breached SLA or not

Location by Octet

Query to find records in different events

How obtain the sum of a multivalue field

$1234,000 i need to remove strings from value

Run makeresults command through REST API is giving error

issue with "_time" after using fit command in DLTK

Want to filter events based on the existence of a field with the same value in a different log

Splunk search

Field exists with multiple hosts

Streamstats time_window current=f error

Missing data in tstats output

How to count the number of times each name is repeated?

Some cloudwatch log collection errors

multifield key between indexes

center align the x axis labels in timechart

Drill down with transpose not working as expected to fetch the row and colomn values

Display a custom text when results=0

Can't Preview Source Type When Uploading Data

indexer has stopped working

Combining multiple field values for stats/charting

... | append [ | makeresults ] makes the search time explode

Remove results based on subsearch

Query to show specified time per day in timechart

Tracking user logon (standard and admin account) Windows AD

Splunk Observability Cloud's AI Assistant in Action Series: Auditing Compliance and ...

Splunk Community Badges!

What You Read The Most: Splunk Lantern’s Most Popular Articles!

Help me with splunk query to monitor CPU and Memor...

How can i export a list of all services in APM

Joining records in a table

Splunk Answers Content Calendar May 2025!

Search for triggered save searches and their actio...

Splunk Search

Are you a member of the Splunk Community?

Discussions