Splunk Search

Ask a Question

Discussions

Thread Info

Display latest data in dashboard

Hello all, I have a requirement below : I'm pushing csv file(not pushing regularly) data to splunk index using sp...

by Communicator in

How to get all the values in y axis - Visualization Tab

Hi All, How do we all the values for a single field? Currently, the chart is displayed with the LoginName(x axis)...

by Engager in

Calculate the average run duration for a job and display as a visualization

Hi everyone! In my logs coming in, I log the duration for a job to complete, for several different jobs. Example of d...

by Loves-to-Learn Everything in

Report with percentages and counts per month

I did a search of the last 3 months on fields A = "xxx" and B = "yyy" and it has to return me 2 other fields, C and D...

by Communicator in

Asterix search returns nothing

When I first setup Splunk on my local machine (Playing around with it as I learn it), I could search for '*' and get ...

by Explorer in

Help on where condition which doesn't works

Hello The search below returns results but the where condition doesnt works `wire` | eval USERNAME=upper(...

by Motivator in

Search for tag!=foo when "foo" doesn't exist as a tag returns nothing instead of all events.

Hello All, I am new to Splunk and ran into my first wall when attempting to omit search results using tags. Any hel...

by Engager in

multisearch in table format

Hi, I was trying to add 2 searches | multisearch [search host=p-css* SRCreateRequest 400 | stats ...

by Explorer in

How to parse p4 logs

2020/11/12 12:37:17 pid 282689 compute end .028s 23+5us 0+32io 0+0net 16472k 0pf Perforce server info: Server net...

by Engager in

Regex and subnets

Hi all!Help write a regular expression. You have to filter by url + filter exclude subnets.For example:example.com/ar...

by New Member in

splunk event identifier

hey there  i'm trying to make a table with the next fields: name, last name and message:index a | table name ...

by Explorer in

Not Results Found Error

I have uploaded a csv dataset into Splunk, and have been able to successfully use the dataset addon and pivot my data...

by Loves-to-Learn in

extracting fields & values from SQL logs

I am trying to extract field names and values from SQL logs. IE - “… INSERT INTO table (COL1, COL2) VALUES ('VAL1', '...

by Path Finder in

Sort rows

Hello all, I am a newer Splunk user and I am trying to sort the following rows: Level: Low Moderate Hig...

by New Member in

Unknown search command 'isnull'

Hi, I am trying the following search syntax in Splunk to build out a report of our top 25 riskiest systems. But wh...

by Explorer in

how to get last field value by time range picker

Hello,What I want to get a table with all fields populated with their last values by time range.For each form I have...

by Explorer in

'Stats count by' set to specific count?

I'm trying to create a query where I get results of a specific user triggering two of the same alerts. Is there a way...

by Explorer in

Non-admin user with list_settings capability failed to send alert email when mail sever use SMTP auth.

Have defined a new non-admin user and already add list_settings capability as instructed by the Splunk document here....

by Splunk Employee in

How can I remove the default tags from the Splunk Visio Icons?

It seems ridiculous that I can't remove a label. Example: the firewall icon has "Firewall" right below. Really? It's ...

by Explorer in

Error rendering Forecast Chart visualization

Hi I'm trying to make use of the Forecast Chart Visualisation. I have added this visualisation to my dashboard, but...

by Communicator in

Subquery in an else statement

Hello, I trying to perform a subquery on an else statement, I believe that the way I'm trying to do it is not right...

by Explorer in

Search on raw events and datamodel give different amount

When I create simple basic search (throught index) for events, I get such amount of results All events are t...

by Path Finder in

extract exception from stacktrace field

Below is a sample log message. Each message will have string "500 Server Error for HTTP" and i need to extract 3 fie...

by Loves-to-Learn Lots in

Distributed: Unable to distribute to peer named X.X.X.X:8089 at uri=X.X.X.X:8089 using the uri-scheme=https be

Hi @gcusello , I'm getting no results when I run any queries in splunk. The following error I'm getting.Can y...

by Path Finder in

highest event count in given time frame per seconds

I'm trying to do the following search based on my index 'transactions' and field name called 'customers' for a custom...

by New Member in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Display latest data in dashboard

How to get all the values in y axis - Visualization Tab

Calculate the average run duration for a job and display as a visualization

Report with percentages and counts per month

Asterix search returns nothing

Help on where condition which doesn't works

Search for tag!=foo when "foo" doesn't exist as a tag returns nothing instead of all events.

multisearch in table format

How to parse p4 logs

Regex and subnets

splunk event identifier

Not Results Found Error

extracting fields & values from SQL logs

Sort rows

Unknown search command 'isnull'

how to get last field value by time range picker

'Stats count by' set to specific count?

Non-admin user with list_settings capability failed to send alert email when mail sever use SMTP auth.

How can I remove the default tags from the Splunk Visio Icons?

Error rendering Forecast Chart visualization

Subquery in an else statement

Search on raw events and datamodel give different amount

extract exception from stacktrace field

Distributed: Unable to distribute to peer named X.X.X.X:8089 at uri=X.X.X.X:8089 using the uri-scheme=https be

highest event count in given time frame per seconds

Splunk Decoded: Service Maps vs Service Analyzer Tree View vs Flow Maps

What’s New in Splunk Observability – September 2025

Fun with Regular Expression - multiples of nine

In Splunk studio, is it possible to populate a tex...

Help me with splunk query to monitor CPU and Memor...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

Splunk Search

Are you a member of the Splunk Community?

Discussions