Splunk Search

Ask a Question

Discussions

Thread Info

How to get count 0 for the field value which is not matching with events

Hi Splunkers, My requirement is below . I have lookup where 7 hosts defined . when my search is running for bot...

by Path Finder in

Splunk Citrix get-brokersession

I have a powershell script running get-brokersession which then exports the results to a txt file. The file is then...

by Path Finder in

SPL Time range is giving issue

Hi Splunkers! I wish to get data in a specific time range using earliest and latest command . I have checked with...

by New Member in

Framing query with tstats command

Hi, Can anyone please help me to frame the SPL script. I have to collect the list of devices reporting in splunk al...

by Explorer in

Head for each value of a field

Hi there. I'm relatively new to searching in Splunk so I can't sometimes get my head wrapped up around some Splunk ...

by SplunkTrust in

"Corrupt csv header" : how to find the corrupted csv?

I find on splunkd.log a lot of warnings as: "Corrupt csv header, contains empty value (col #3)" without any other det...

by Explorer in

How to remove missing value timestamps for accurate delta calculation

HI, I'm running a search for two different timeranges, for missing datapoint pair it's creating discrepancy with m...

by Explorer in

Hi Splunkers - Heat Map Index - Host

Hello friends, I am trying to create a heat map where I can see the indexes on the left side and in each cell of the ...

by New Member in

Multiple Server New Field

Can we create a new field which contains the group of multiple servers name and that field I can use directly in all ...

by Explorer in

Regex issue

Hi Teami am trying to make below field regex which is coming in every single event. but its not allowing me to use sa...

by Path Finder in

How to loop through times for same search

Hi Splunk Experts,I'm not sure how easy it's using Splunk, I've a field (_time) with list of epoch_time values in it....

by Contributor in

How to extract the json based key value pair for defined match?

below is my json file. I want to notify whenever there is a change in last property , "displayName": Included Update...

by Observer in

Fill field with first value

I have a data set for web traffic. A sessionID ties all traffic for an individual browsing session together - all ev...

by Engager in

Regex to query csv raw data

I have a CSV raw data which has files names and data inside the files which is seperated by double quotes and comma. ...

by Explorer in

Getting unique values of a field.

Hi all. I have a field called TaskAction that has some 400 values. But, I only want the distinct values of that field...

by Communicator in

How to use eval with If ,AND

Hello Splunkers,I have the following query returning the search results, index="demo1" | search "metrics.job.o...

by Explorer in

Optmise dedup Splunk search

Hi - I am looking to optimise this search by removing dedup, the idea of the search is to remove duplicate paymen...

by Observer in

Export

I want to export results of a search in pdf format but it shows

by Contributor in

Users who are logged in right now

Hey, Is there a search that shows all of the users that are logged in to my Splunk instance right now? I have s...

by Motivator in

Stuck in writing complex query

I want to get below in single query 1. dc of field1 overall 2. dc of field2 by field1

by Path Finder in

splunkd_ui_access logs

Im trying to create some dashboards to make reading _internal logs easier. I'm trying to figure out what all for the ...

by Communicator in

How to extract a csv data fields message data into fields?

I have a field message that whenI run the search index=example123 host=5566 |search "*specials word*" I table ...

by Communicator in

[Advice/Help] Lookup Table search taking long

Hello All, Can ya'll give me advice on why my query taking so long? In a dashboard it just times out and regular v...

by Engager in

Field from Automatic Lookup (KV Store) not usable

I have a KV Store with replicate turned on, a lookup definition with WILDCARD(match_field), and an automatic configur...

by Contributor in

How to join two queries and show not contain value

Good day, I am pretty new to Splunk and want a way to join two queries together.Query 1 - Gives me all of my assets ...

by Path Finder in

Get Updates on the Splunk Community!

Splunk Search

Discussions

How to get count 0 for the field value which is not matching with events

Splunk Citrix get-brokersession

SPL Time range is giving issue

Framing query with tstats command

Head for each value of a field

"Corrupt csv header" : how to find the corrupted csv?

How to remove missing value timestamps for accurate delta calculation

Hi Splunkers - Heat Map Index - Host

Multiple Server New Field

Regex issue

How to loop through times for same search

How to extract the json based key value pair for defined match?

Fill field with first value

Regex to query csv raw data

Getting unique values of a field.

How to use eval with If ,AND

Optmise dedup Splunk search

Export

Users who are logged in right now

Stuck in writing complex query

splunkd_ui_access logs

How to extract a csv data fields message data into fields?

[Advice/Help] Lookup Table search taking long

Field from Automatic Lookup (KV Store) not usable

How to join two queries and show not contain value

Splunk Enterprise Security 8.x: The Essential Upgrade for Threat Detection, ...

Get Early Access to AI Playbook Authoring: Apply for the Alpha Private Preview ...

Reduce and Transform Your Firewall Data with Splunk Data Management

In Splunk studio, is it possible to populate a tex...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static

Splunk Search

Are you a member of the Splunk Community?

Discussions