Splunk Search

Discussions

Thread Info

Count requests that start, but don't finish

I have an API that logs the start and end of each request. What I'd like to make sure I'm monitoring is the requests ...

by Loves-to-Learn Lots in

using append with mstats and eval

The following query is being used to model IOPs before and after moving a load from one disk array to another. The "...

by Path Finder in

array

HelloI have log like belowFEATURES_USING=[tokenValidatorInfo=false, requestValidationRequired=false, requestPayloadVa...

by Explorer in

latest

HelloI have below logs in last 60 minslog1: ABC=1,DEF=2,GHI=3log2:ABC=0,DEF=0,GHI=3while executing my query for last ...

by Explorer in

grouping and counting rows with respect to 2 values

Hi everyone, after a search with some eval e rex commands, I end up in a table like this: ID --- FIELD(1) --- F...

by Engager in

Need help with Splunk Query

Hi What I have: I have a list of events with multiple <Key,Value> pairs. For eg., like below event1:attr...

by Explorer in

Splunk Search regex

Hello, My first post!!! I have a bunch of results that show up when searched. One of the example is Aug 5 19:...

by Engager in

How to combine multiple stats searches and get a result?

I have two individual stats searches that return a single value each. How can I combine the two to get a ratio? The...

by Path Finder in

Create an alert if error rate is over 10 ( or X number ) for 15min continusly.

Hi There, I have this query that reports the status code error rates. index=apache_core userAgent!="nginx/*"...

by Explorer in

How to replace URL string with a hyperlink in splunk?

Hi Everyone, I have a search query as below: index=xyz sourcetype=uio source="user.log" process (Type ="*")...

by Motivator in

Help in Regex

Hi Team, I have one requirement : I have multiple URL'S some contain id and some dont contain id's URL'S Exampl...

by Motivator in

How to extract portion of the string using Regex

Hi Eveyone, Can anyone help me out in this. I have a field name Request_URL as = https://xyz/api/groups/230df0...

by Motivator in

Using a different time picker on an inner query

I'm working on dashboard in which I would like to compare data across two different time periods. (I posted a previo...

by Path Finder in

Create a new field with categorical values for visualization

I would like to create a new field, FlagSC, based on the value of sc_status. The new field should have a value of "...

by Path Finder in

How to search a exception in splunk which didn't occurred in past

by Observer in

array

HelloI have log like belowFEATURES_USING=[tokenValidatorInfo=false, requestValidationRequired=false, requestPayloadVa...

by Explorer in

splunk

I have a dashboard like below screenshot When I click on 1.0.9-SNAPSHOT(which is hightighted with blue colou...

by Explorer in

lookup the fields in a different index

I have a splunk query in paloalto data (index=idx_paloalto) something like this: index=idx_paloalto sourcetype=pan:...

by Explorer in

Compare percentages with a week ago

Hello all, I'm trying to put together a dashboard that - among other things - compares the success rate of various tr...

by Path Finder in

Inputlookup used twice in 1 search with a NOT

I have a problem with a 2nd NOT inputlookup that doesn't work. If I break out of the 2nd inputlookup and run this wi...

by Contributor in

Comparing contents of separate but related events

Hi, I am trying to find the best way to query events based on windows event log 7036 , around status of a service. ...

by Explorer in

json

Hi I have a log like below which is having jsonFEATURES={ "featureDetails":[ { "featureName":"TOKEN_VALIDATION", "add...

by Explorer in

Search&Reporting的“数据摘要”无法显示“主机/来源/来源类型”

使用的版本： splunk:6.2.2 splunkforwarder:6.2.2 问题： 索引-当前大小/事件计数/最晚的事件：都显示有数据，而应用：Search&Reporting的“数据摘要”无法显示“主机/来源...

by New Member in

Time based counting.

Hi All, need your help in getting the count correct for the below table. Table: Timesitecodecount2020-08-21FAW...

by Communicator in

How to color a panel if the result is not equal a specific datetime ?

Hi, My issue is : I have a panel like that : what I want is to change dynamically the color (red for e...

by Builder in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Count requests that start, but don't finish

using append with mstats and eval

array

latest

grouping and counting rows with respect to 2 values

Need help with Splunk Query

Splunk Search regex

How to combine multiple stats searches and get a result?

Create an alert if error rate is over 10 ( or X number ) for 15min continusly.

How to replace URL string with a hyperlink in splunk?

Help in Regex

How to extract portion of the string using Regex

Using a different time picker on an inner query

Create a new field with categorical values for visualization

How to search a exception in splunk which didn't occurred in past

array

splunk

lookup the fields in a different index

Compare percentages with a week ago

Inputlookup used twice in 1 search with a NOT

Comparing contents of separate but related events

json

Search&Reporting的“数据摘要”无法显示“主机/来源/来源类型”

Time based counting.

How to color a panel if the result is not equal a specific datetime ?

AppDynamics Summer Webinars

SOCin’ it to you at Splunk University

Credit Card Data Protection & PCI Compliance with Splunk Edge Processor

Help me with splunk query to monitor CPU and Memor...

How can i export a list of all services in APM

Joining records in a table

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

Splunk Search

Are you a member of the Splunk Community?

Discussions