Splunk Search

Discussions

Thread Info

Download/Export all the Indexed data from Splunk cloud

We have approximately a year's worth of data in our Splunk Cloud instance. Due to certain reasons, we need to export ...

by Loves-to-Learn Lots in

_rawdata

Hi, I had been using search syntax "rename "_raw" AS errortrace" in my custom search but one of my app team needs ...

by Engager in

removing decimal value in table

how do i get the values in days_to_eol to just show without the .00 decimal. I even rounded the result to th...

by Path Finder in

Want To extract fields and values from JSON

Below is my row text in Splunk and i want to extract JSON array from from below row text. After extract I want to ...

by Path Finder in

how to convert number to string using tostring function?

Hello,how to convert number to string using tostring function?I tried using tostring function, but the result is stil...

by Motivator in

Extracting fields within nested json data

Hi, I am new to splunk development .Please provide your assistance for creating a search . Thanks advance. Tryin...

by New Member in

How to convert transpose rows to columns by column name match

I have result like this column, row 1 TotalHits: Create, 171 TotalHits: Health, 894 TotalHits: Search, ...

by Explorer in

Count of multiple unique events per field

Hi Folks, I have two types of events that look like this Type1: TXN_ID=abcd inbound call INGRESS Type2: ...

by Observer in

How to find a index are used in reports, alerts and dashboards?

It there any best way to find if an index used in any of the saved searches, alerts, reports and dashboard

by Engager in

timechart function not working as expected

I have this query which is working well in Splunk8 whereas I am getting timechart with wrong values in Splunk9. Is th...

by Observer in

Search earliest and latest within a field

Hi All; I have list of events, which includes a field called reported_date, format is yyyy-mm-dd. I'm trying to c...

by Explorer in

Count values changes only when value in a column changes

Hello wonderful Splunk community, I have some data where I want count to change only when status changes:Status C...

by Builder in

Using match to see if a container begins with a string and setting a value as a result

I am trying to write a search query as part of our alerting. The intention is that if search results come from a cer...

by Engager in

Help in optimising a horrible regex (46K+ steps)

Hi Splunkers,I am trying to extract a string within a string, which has been repeated, with the addition of some pre-...

by Explorer in

How to get ip range lookup?

I uploaded csv lookup table has 2 field location and iprange.iS THERE WAY TO GET WHAT ARE POSSIBLE IP IN EACH RANGE. ...

by Path Finder in

Search Query Specific Values

Hello, I'm trying to only capture and show only the time it took for the service to complete. Shown below, is is a ...

by Path Finder in

How to show only related fields when condition matches

Hi Team, I am trying to create a search which says If myField= xyz, then i need to show id , salary ,departm...

by Engager in

Split time period into shorter intervals

Hello, I have this data set: event, start_time, end_time EV1, 2024/07/11 12:05, 2024/07/11 13...

by Path Finder in

Host Field is Using the Old Hostname

Hi, I'm facing an issue with 5 hosts, recently we change the hostname of these machines but it is not reflected in ...

by Explorer in

How to convert the result to a 2-digit decimal and then convert it to a percentage

Hi How to convert the result to a 2-digit decimal and then convert it to a percentage. index=p1991_m_tiltline...

by Loves-to-Learn Everything in

Grab json value with dynamic key from splunk

Hi everyone, I have a json data payload as below: { location: US all_results: { serial_a: { resul...

by Engager in

Need help with a query

How can I match the IPs from csv file with the CIDR ranges in another csv? If no CIDR matches, I want to return ...

by Communicator in

Splunk for DBA

I have been trying to create some analyzes in splunk for a few week now. Sometimes I succeed, sometimes I fail. I ap...

by Path Finder in

How can i Search field from two different file source and merge in to a single table ?

Bellow mentioned table is an example which having same index and sourcetype, but it have a different source. I nee...

by Explorer in

Help refining .csv lookup evals, data not outputting properly

hi! Working on adding a holiday table as a lookup to reference for alerts based on volume and want to alert on differ...

by Engager in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Download/Export all the Indexed data from Splunk cloud

_rawdata

removing decimal value in table

Want To extract fields and values from JSON

how to convert number to string using tostring function?

Extracting fields within nested json data

How to convert transpose rows to columns by column name match

Count of multiple unique events per field

How to find a index are used in reports, alerts and dashboards?

timechart function not working as expected

Search earliest and latest within a field

Count values changes only when value in a column changes

Using match to see if a container begins with a string and setting a value as a result

Help in optimising a horrible regex (46K+ steps)

How to get ip range lookup?

Search Query Specific Values

How to show only related fields when condition matches

Split time period into shorter intervals

Host Field is Using the Old Hostname

How to convert the result to a 2-digit decimal and then convert it to a percentage

Grab json value with dynamic key from splunk

Need help with a query

Splunk for DBA

How can i Search field from two different file source and merge in to a single table ?

Help refining .csv lookup evals, data not outputting properly

Get Operational Insights Quickly with Natural Language on the Splunk Platform

Stay Connected: Your Guide to August Tech Talks, Office Hours, and Webinars!

Unleash the Power of Splunk MCP and AI, Meet Us at .Conf 2025, and Find Even More New ...

Help me with splunk query to monitor CPU and Memor...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static

Splunk Search

Are you a member of the Splunk Community?

Discussions