Splunk Search

Ask a Question

Discussions

Thread Info

timechart conditional result

Hello, i have objects with names that all carry a unique and constant "Software-Signature" with them. This si...

by Explorer in

Dashboard

As Per below screenshot, i getting results the difference between last week host and this week host count. But i...

by Motivator in

Search result from different App

Hi , Is it possible to get the search result from a specific app to my own application? Example: The result of...

by Builder in

Extracting multiple values for single field

I'm trying to extract multiple values for a single field. I've got the beginnings of the regex sorted to extract it, ...

by Communicator in

Charting diff of events with running total

I have some firewall session state logs which get sent to Splunk every minute. The session state events contain a uni...

by Contributor in

Top 10 stores for each state

Hello folks; Completely new to SPLUNK. I am trying to get a table of the 10 stores for each State for the current...

by Loves-to-Learn Lots in

Updating maximum value

I have a data set with values in a specific moment in time. Each day can have multiple values (but in different event...

by Observer in

Lookup from multiple table

Hello, my goal is to find and combine data from multiple source. Here: employee_lookup: the table for all emplo...

by Explorer in

Splunk Keywords definations

HI, I am new to Splunk and I am looking forward to learning more. I wanted to know where do I learn what keywor...

by Explorer in

Query to find out users belong to a particular role

Is there any query to find out users belong to a particular role . For example , if i have a role called "least_role"...

by Path Finder in

Splunk Education - Down for Maintenance

Hello I see that Splunk education is down for maintenance and was wondering when the site would be back up? ...

by New Member in

How to use eval with IF?

eval A=if(source == "source_a.csv", "1" , "0") The result is 0 in every entry. What is wrong? I have two sources s...

by Explorer in

Run a generating command over a set of values

I have a search that will return a number of search ids. index=_audit | <various modifications>| table search_id ...

by SplunkTrust in

Need last logon for a user

Need to know what was the last time a domain AD account “username” was logged into and from what server/machine pleas...

by Engager in

extract string from _raw data

Hello need help to extract the number from this result: Total number of files under /wmq/logs/AMXDEVRC120/active is...

by Explorer in

Manipulate Token Value and use in search

Hopefully, I can explain this to where it makes sense. I have a forum where I use a TEXT input to generate a token to...

by Engager in

Sub Search failing due to return with no items

I am very close but need some assistance. I am attempting to create an alert based upon the criteria "Free Megabytes...

by Path Finder in

Predict: In dashboards

can we keep bar chart in stacked from even after using predict command? My Case: In my case after using predict c...

by Path Finder in

How to exclude computer account name from results

I am running a very simple search to determine accounts locked out: server01 OR server02 OR server03 OR server04 E...

by Path Finder in

Stats count and field with oldest event

I'm sure it's out there somewhere and maybe I'm just brain fried from looking at Splunk for too long, but I wasn't ab...

by Explorer in

how can i perform a filter after i do a search

date reportid notificationid status 10/1/2020 5555 ...

by Path Finder in

Set max concurrent search for a particular saved search

Hello community and experts, Is it possible to set a max concurrent search for a particular saved search? The use...

by Explorer in

google and bing keyword

I am seeking to get a list of the user typed keyword searches from the proxy activity. Below is what i got but those...

by Engager in

Search optimization

by Explorer in

Yes / No Column if EventCode Found in Lookup

I have a lookup table with certain Windows Event Codes. I am searching our Windows index for all Windows Event Codes...

by Builder in

Get Updates on the Splunk Community!

Splunk Search

Discussions

timechart conditional result

Dashboard

Search result from different App

Extracting multiple values for single field

Charting diff of events with running total

Top 10 stores for each state

Updating maximum value

Lookup from multiple table

Splunk Keywords definations

Query to find out users belong to a particular role

Splunk Education - Down for Maintenance

How to use eval with IF?

Run a generating command over a set of values

Need last logon for a user

extract string from _raw data

Manipulate Token Value and use in search

Sub Search failing due to return with no items

Predict: In dashboards

How to exclude computer account name from results

Stats count and field with oldest event

how can i perform a filter after i do a search

Set max concurrent search for a particular saved search

google and bing keyword

Search optimization

Yes / No Column if EventCode Found in Lookup

Celebrating Fast Lane: 2025 Authorized Learning Partner of the Year

Tech Talk Recap | Mastering Threat Hunting

Observability for AI Applications: Troubleshooting Latency

Error preventing me from saving search with chart

In Splunk studio, is it possible to populate a tex...

Help me with splunk query to monitor CPU and Memor...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

Splunk Search

Are you a member of the Splunk Community?

Discussions