Splunk Search

Ask a Question

Discussions

Thread Info

Search to find the total number of ALL searches across the deployment in 24h

Hi there, Any thoughts on how I can get a list/count of all searches, both saved/ad-hoc etc that run on all servers...

by Builder in

Strip datetime and group by filename

Hello, I have the following logs from Cron File successfully sent - AllOpenItemsPT_YYYYMMDD_HR-MM.csv.zip @08:00 ...

by Explorer in

CLI search with FATAL: The search job terminated unexpectedly

Hello, I try to export a large log with CLI search below. It works well with a smaller log return, but giving error...

by Contributor in

Looping in Splunk Query

Hello Everyone. I have a traceability report as below Parent Child A B A C B D C E C F Where as I have create t...

by New Member in

Adding a field to the table Lookup if there is no value

Hello community. There were a lot of questions of cases with lookups, but something among them I did not find my an...

by Loves-to-Learn Everything in

Jenkins pipeline stage.children information not available

Hi, Below is the information about the environment im working on, Jenkins Version : 2.222.1 Splunk-devops plugin ...

by New Member in

How to find differences between two searches with "set diff" command?

Hi, It's been more than a week that I am trying to display the difference between two search results in one field ...

by Communicator in

Combined queries, matching unique rex values and comparing

Hi all, I've got two queries I'm trying to combine to track authorizations that are completed, or expire after a pe...

by Explorer in

How to compare two scan results from two different dates and display the differences from one index?

I am new to splunk. I need to find the difference in the two scan results from two different dates. Someone suggested...

by Explorer in

Dynamic Heading for dropdown

We have many dashboards of having different field name but similar query logic. So the heading changes for each dashb...

by Path Finder in

search using Inputlookup with wildcard field - unable to retain wildcard key in result

I am using inputlookup in a search query and search key in table (test.csv) has wildcard as shown below. FILENAMEEM...

by Explorer in

Passing a search result as a parameter in custom alert action

I have a custom add-on in the works and when I test with a username the script works create I am however stuck on try...

by Explorer in

running a script saved in SPLUNK_Home/bin/scripts import issues

Trying to set up a script to add a users to an AD group, got the script working on my computer and when I try to add ...

by Explorer in

Corrupted fields problem

I have a problem on this search below for last 25 days: index=syslog Reason="Interface physical link is down" OR R...

by Path Finder in

bullet points in date value and can't strptime()

For some reason there are invisible bullet points being extracted from the windows event message and I cant seem to b...

by Path Finder in

I want to write a search that should give me certain values at certain time

Hi, I am expecting an event at 7:15 and I want write a search that should give me results as below: If event ...

by Explorer in

Identify Unique events across all fields for different time

Hi, Below is my result after doing, xyseries Date_Time,APPROVAL_STATUS,ACT_UW_COUNT Date_TimeAPPROVEDBACK TO SAL...

by Observer in

Read character data where <results> or <response> was expected

Hi I'm using .Net (Splunk.Client) to search splunk data (firewall logs). Code is similar to this: usi...

by New Member in

Chart count with timespan

I have a query that produce a sample of the results below. DateTimeNamespaceType18-May-20sys-uatCompliance5-May-20e...

by Explorer in

How to populate multiple fields from lookup csv into search results

Hi, I am needing to pull multiple fields from a lookup CSV into the results from a proxy search Primary search is...

by New Member in

Not Getting result while trying to pass result of one query to other

Hi All, I'm trying to pass result of one query to other. but not able to achieve this. Can someone help on this. ...

by Communicator in

How to rank dynamic scores with ties in Splunk?

I have dynamic number of scores that I wanted to be ranked. For example I have 5 scores - 100, 100, 99, 98, 98. The t...

by New Member in

need to create separate field which will show rank based on event Count

ComputerName Events Rank ABC 100 1 BCD 200 2 CDE 300 3 i need to crea...

by Explorer in

multiselect table rows

Hi, I am currently trying to multi-select table rows. So basically I want to select multiple rows and on selction ,se...

by Super Champion in

Global time picker on the dashboard not working on savedSearch

I have 2 saved searches (non-transforming) on my dashboard and those are set to run every morning collecting data for...

by Path Finder in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Search to find the total number of ALL searches across the deployment in 24h

Strip datetime and group by filename

CLI search with FATAL: The search job terminated unexpectedly

Looping in Splunk Query

Adding a field to the table Lookup if there is no value

Jenkins pipeline stage.children information not available

How to find differences between two searches with "set diff" command?

Combined queries, matching unique rex values and comparing

How to compare two scan results from two different dates and display the differences from one index?

Dynamic Heading for dropdown

search using Inputlookup with wildcard field - unable to retain wildcard key in result

Passing a search result as a parameter in custom alert action

running a script saved in SPLUNK_Home/bin/scripts import issues

Corrupted fields problem

bullet points in date value and can't strptime()

I want to write a search that should give me certain values at certain time

Identify Unique events across all fields for different time

Read character data where <results> or <response> was expected

Chart count with timespan

How to populate multiple fields from lookup csv into search results

Not Getting result while trying to pass result of one query to other

How to rank dynamic scores with ties in Splunk?

need to create separate field which will show rank based on event Count

multiselect table rows

Global time picker on the dashboard not working on savedSearch

Introduction to Splunk AI

Splunk + ThousandEyes: Correlate frontend, app, and network data to troubleshoot ...

Maximizing the Value of Splunk ES 8.x

Help me with splunk query to monitor CPU and Memor...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static

Splunk Search

Are you a member of the Splunk Community?

Discussions