Splunk Search

Ask a Question

Discussions

Thread Info

Symphony Grid Tasks query hangs up while using Splunk REST API

Hi Splunk Admins, Hi Users, I would like to give some background on our application. It is a C# application which r...

by Observer in

Can an alert be run from a specific Search Head in a clustered environment?

Hi all, we have a Splunk Enterprise clustered environment, with a cluster of 3 search heads. For many reasons, a ...

by Path Finder in

how to handle this kind of log using REGEX

Hi, I have log like following rid=iqwenoasd service=CP scopes=add-w,oot-s fields=birthdate,emails,identif...

by Explorer in

XOR decode search results?

Does anyone know a way to XOR results with a given key? By that I mean my search results would have an encoded hex st...

by New Member in

ML - best practice fillnull value to use for avg response time when count=0

Hi, I'm relatively new to Splunk. I'm building searches for mcollect to parse and store metrics into a metric sindex....

by New Member in

Send Search Data to Custom Command?

Hey All, I am wondering how you can make a search in Splunk, and then send the data it returns to a custom python c...

by New Member in

identify server host names as developemnt or test by name

Good afternoon I have a question about identifying the type of environment the servers are in by their hostnames be...

by Path Finder in

Duplicate entries in splunk search

Hi Splunk experts I need one help, the splunk search is giving me duplicate entries when I do a search. I have made...

by Explorer in

Remove the first line of CSV to index in splunk

I have a CSV file which first row contains the hear fields and remaining rows contains values as below. name,a...

by Explorer in

Adding Field Values Generated by a |stats latest(fieldvalue) command

Hello - I have the following search:<base search>| fields host registrations| stats latest(registrations) by ho...

by Communicator in

Disabling "Click Selection" on search results

Under "Format", there's a setting for "Click Selection". I remember that in Splunk 6, I could set that to "None" (or ...

by Explorer in

How to group by two months.

My query "mwt-service" my query |stats count by channel service date_month yields result like channelservicemo...

by Observer in

help on appendcols subsearch

Hello I use the search below in order to calculate a volume percentage | inputlookup host.csv | looku...

by Motivator in

subsearches

by Loves-to-Learn in

drilldown based on time

Hi, the following pic shows the chart in the left hand side, i want a drilldown based on time when i click on the ...

by Explorer in

How to feed a dropdown list from the search linked to this fropdown list

Hi As you can see in my XML I use a dropdown list which is feeded from a csv file I would like to be able to feed...

by Motivator in

event field extraction

We are unable to get more fields from search head. How we can to get more fields(all parsing fields) from event. T...

by Loves-to-Learn in

Search - joining results in table

Hello all, How would I join bellow results by common field -> host? Same index is used. I was able to create adva...

by Explorer in

JSON

I have a JSON file with .json extension which has a complete one line unstructured json. any events gets added to the...

by Observer in

Count distinct SPL help

Hi, Looking forward to learn from you guys. I am stucked at this calculation: Total of product in contract.I made a s...

by Explorer in

Need to split string at last character before numeric value.

So i have a possibly unique requirement, i'm trying to split up so log data but i have a string in one field that con...

by New Member in

Correlating two logs help, newbie

Hi, Ok at this point I can barely spell SPLUNK but I have gone through a bootcamp course and I'm trying to pull of...

by Explorer in

How to extract only latest events from particular field.

Hi Folks, I need your help in fetching latest event from a particular field. Sharing you a sample event and quer...

by Explorer in

Positive lookahead in rex to extract ABC, BCD, & CDE from ABCDE

Hi, folks.I am stumped on this matter. My goal is extracting ABC, BCE, & CDE from ABCDE into a multivalue field. So...

by Explorer in

Show SSL certs due to expire across windows servers

I have a CIM compliant log that includes an ssl_end_time which I am having trouble getting splunk to show me only cer...

by Explorer in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Symphony Grid Tasks query hangs up while using Splunk REST API

Can an alert be run from a specific Search Head in a clustered environment?

how to handle this kind of log using REGEX

XOR decode search results?

ML - best practice fillnull value to use for avg response time when count=0

Send Search Data to Custom Command?

identify server host names as developemnt or test by name

Duplicate entries in splunk search

Remove the first line of CSV to index in splunk

Adding Field Values Generated by a |stats latest(fieldvalue) command

Disabling "Click Selection" on search results

How to group by two months.

help on appendcols subsearch

subsearches

drilldown based on time

How to feed a dropdown list from the search linked to this fropdown list

event field extraction

Search - joining results in table

JSON

Count distinct SPL help

Need to split string at last character before numeric value.

Correlating two logs help, newbie

How to extract only latest events from particular field.

Positive lookahead in rex to extract ABC, BCD, & CDE from ABCDE

Show SSL certs due to expire across windows servers

Introduction to Splunk AI

Splunk + ThousandEyes: Correlate frontend, app, and network data to troubleshoot ...

Maximizing the Value of Splunk ES 8.x

Help me with splunk query to monitor CPU and Memor...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static

Splunk Search

Are you a member of the Splunk Community?

Discussions