Splunk Search

Discussions

Thread Info

Comparing value from two objects based on another field

Hi Splunk experts, My events have a timeline that tells me how long certain operations took. What I'm trying to de...

by Loves-to-Learn in

Automatic lookup not producing output fields

I have an automatic lookup configured for a particular sourcetype. The events that have this sourcetype are stored in...

by Explorer in

if there is no data for next 3 minutes we need to consider severity as normal with starttime, endtime

we are getting severity medium and high data with time into splunk. normal data not sending into splunk. if there is ...

by Loves-to-Learn in

Condition and Search string together not working

In Total_error Count , I want to add if the logs contains string like "exception", "failed", "error" ( Case Insen...

by Explorer in

Search strings and conditions together

Splunk is too powerful. But i wish the search criteria language would have been more generic something like sql ...

by Explorer in

Can i rename row values

from the table output, i want to rename row values for few fields, say for eg: Column 1Column 21AAA2C3D4MMM5MMM6DD...

by Explorer in

DB COnnect Lookup setup

Hello SPlunkers, For DB connect lookup I have reference search with below format, 2020-11-13 01:14:12 * PUT /pa...

by Path Finder in

Using REGEX to extract part of a combination of URLs

Hello SMEs: I need some assistance extracting everything between the 5th and 6th "/" from URLs like the one below. ...

by Path Finder in

Python script - generating command plus sending email

Good day I'm trying to write a python script that will be called from Splunk search. The script has a generating co...

by Communicator in

Getting choppy future events with predict

I am using the predict function to try to forecast out about an hour into the future for volume. In doing so it seems...

by Contributor in

Log file test needed

Hi, I am beginner at splunk and wondering if there is a test log file somewhere that I can get to get to know more...

by Engager in

column data output is going to next row

Hi, Here is my query: | search SRCreateRequest Completed | stats count as CreateSR| appendcols [search SRUpdateRe...

by Explorer in

Is there a way to create Chatbot within Splunk

Is there a way to create Chatbot within Splunk which should answer and function according to user questions

by Loves-to-Learn in

Calculate Lag time between events

I am trying to calculate lag time but have the following issues: _time is the same for each event as the data is in...

by Explorer in

Splunk search to group by the field values

Hi, I need to assign the values of a field to a new field and group with the new field. For ex. Field-1 Field...

by New Member in

How to get single row table output with fields from 2 log files using common field to join

Hi, I am trying to join to log files under same index & sourcetype having a common field between them. log event...

by Observer in

Weird result when using *| dedup somthing | timechart count

Hi I am now creating splunk dashboard, but I am facing a weird result that I am really confused: I tried two querie...

by New Member in

Working with lookup tables larger than 10500.

I have many lookup tables that I am working with and I am using the REST API to dynamically populate the lookup table...

by Engager in

Creating table based on Logs

Hi everyone, I need help creating a table based on my logs. My logs are formatted as follows: [2020-11-10 20:2...

by Loves-to-Learn Everything in

Combining searches

I'm trying to combine multiple searches to get a count for each day, but it seems everything I do breaks the search i...

by New Member in

Splunk Newbie

Hello, I am a Splunk newbie and I am having issues using this software. I have gone through documentation, but I ...

by Engager in

Extreme rex help

I am comfortable with the rex command when straightforward text strings are involved. I've got something that is de...

by New Member in

Bubble chart without numbers

Is it so that you have to have numerical values for all the data in a bubble chart?I've got a table with 4 columns, b...

by Splunk Employee in

how to table the hosts missing in splunk with lookup file for span=1d and for 7 days

I've been poking around Splunk Answers for a while today and can't quite match the scenario I've got. I have a 100 ...

by Path Finder in

How do I display 20% as an integer and still display as 20%

If I execute... | stats avg(mem_free_percent) as mfp by Region| fieldformat mfp=round(mfp, 1)."%" It will display...

by Engager in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Comparing value from two objects based on another field

Automatic lookup not producing output fields

if there is no data for next 3 minutes we need to consider severity as normal with starttime, endtime

Condition and Search string together not working

Search strings and conditions together

Can i rename row values

DB COnnect Lookup setup

Using REGEX to extract part of a combination of URLs

Python script - generating command plus sending email

Getting choppy future events with predict

Log file test needed

column data output is going to next row

Is there a way to create Chatbot within Splunk

Calculate Lag time between events

Splunk search to group by the field values

How to get single row table output with fields from 2 log files using common field to join

Weird result when using *| dedup somthing | timechart count

Working with lookup tables larger than 10500.

Creating table based on Logs

Combining searches

Splunk Newbie

Extreme rex help

Bubble chart without numbers

how to table the hosts missing in splunk with lookup file for span=1d and for 7 days

How do I display 20% as an integer and still display as 20%

Observe and Secure All Apps with Splunk

Splunk Decoded: Business Transactions vs Business IQ

Fastest way to demo Observability

In Splunk studio, is it possible to populate a tex...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static

Splunk Search

Are you a member of the Splunk Community?

Discussions