Splunk Search

Community Activity

	How do I find internal and external ip addresses of splunk universal forwarder? Hi there, I have a use case to query internal and external ip addresses of the host which has UF installed. I am usin... by snakhuda Engager in Splunk Search 11-17-2025 0 13	0	13
	What capabilities are required for the "sendemail" search command? The ability for many things in Splunk is controlled by capabilities applied to roles/users. In order for a user to ut... by athoma31 Explorer in Splunk Search 11-17-2025 0 3	0	3
	Outputlookup followed by stats command causes extra column to be generated Hello, I came across some unexpected search behaviour today.When using the outputlookup command followed by a stats c... by Anders333 Explorer in Splunk Search 11-16-2025 0 2	0	2
	Forward logs from Splunk A to Splunk B, restricted to hosts within a specific index. I have a Splunk server (Splunk A) with indexes named var_log_***, which contain logs from both UAT and Prod hosts. I’... by quangtran Explorer in Splunk Search 11-16-2025 0 3	0	3
	Configuration initialization took longer than expected when dispatching a search I must admit what is happening makes no sense. Take this error for example:[OurIndexer01,OurIndexer02,OurIndexer03] C... by Gregski11 Contributor in Splunk Search 11-13-2025 0 2	0	2
	Why are not all field values are extracted for long JSON files? Hi, I am trying to ingest long JSON files into my Splunk index, where a record could contain more than 10000 characte... by wu_weidong Path Finder in Splunk Search 11-12-2025 0 9	0	9
	disable automatic search execution when time ranges change some datasets are large and when configuring an spl and changing the time range picker, it triggers the search to run... by lady_bl00dst0n3 New Member in Splunk Search 11-11-2025 0 3	0	3
	Replace parts of a string where values of a multivalue field match Unfortunately, I've hit the limit of my Splunk knowledge again, and I need some help. I'm attempting to write a searc... by dtaylor Path Finder in Splunk Search 11-09-2025 0 1	0	1
	Trying to filter a log using another log with same index Hello. I have an index="index", and if I add a field to the search, such as index="index" errorCode, I retrieve logs ... by chimuru84 Path Finder in Splunk Search 11-05-2025 0 10	0	10
	Datamodel autoextractSearch Hi community,When using datamodels, is it possible to remove/exclude the portion of the autoextractSearch: \| search (... by hank72 Path Finder in Splunk Search 11-04-2025 0 6	0	6
	Compare query to lookup table but don't print if the results are in the lookup table. index=web host!="TEST" \| rare limit=10 http_user_agent,c_ip,src,X_Forwarded_For,host ```\|lookup static_assets ip as... by hl Path Finder in Splunk Search 11-03-2025 0 3	0	3
	Visually correlate two searches by field and count There is an async process that logs first when something is created, then again when it is picked up by a service tha... by Ted-Splunk Engager in Splunk Search 10-31-2025 0 2	0	2
	Search to Provide Days in Hot/WarmDB In our environment, we have a CIFS share that is used to store all colddb. Warm is rolled to cold when the hot/warm ... by jodros Builder in Splunk Search 10-30-2025 0 8	0	8
	Extracted field in fast mode Hello, i try to understand the "fast mode" compared to the "smart" and "verbose mode" in relation to field extracti... by jariw Path Finder in Splunk Search 10-29-2025 0 11	0	11
	Alert Triggered Action: Dashboard Studio Snapshot I understand that it is currently possible to schedule the export of a Dashboard Studio dashboard in PDF or PNG forma... by josemanm12 Engager in Splunk Search 10-27-2025 0 2	0	2
	AuthorizationManager related error messages. 10-27-2025 03:21:21.006 WARN AuthorizationManager [28813 MainThread] - Capability 'use_file_operator' is not recogn... by dm1 Contributor in Splunk Search 10-27-2025 0 2	0	2
	Deployment Server Does Not Replace Existing Lookup CSV Files I am using the deployment server to push configurations to the search heads. All the .conf files are successfully dep... by JanYang Loves-to-Learn Lots in Splunk Search 10-23-2025 0 12	0	12
	Windows Session Tracking Hello, I am trying to build a search to identify windows user sessions. The main goal was a list/track of users who d... by dfarr Explorer in Splunk Search 10-22-2025 0 1	0	1
	Does Splunk have a logomark? Hi all, I’m working on a uni project where I need to represent Splunk visually alongside other tools that all have ic... by automation2704 New Member in Splunk Search 10-21-2025 0 1	0	1
	Compliance Dashboard I would like to create a search or a series of searches to retrieve all of my Windows Servers from LDAP. After obtain... by Foolish_Rogue Engager in Splunk Search 10-17-2025 0 1	0	1
	Splunk UI misbehavior for the parsing of the logs I've noticed in the last days, after the deployment process is done we are having some problems when making searches ... by DionisMjeku Engager in Splunk Search 10-15-2025 0 3	0	3
	Help me with splunk query to monitor CPU and Memory utilized by splunk adhoc and alert searches Help me with splunk query to monitor CPU and Memory utilized by splunk adhoc and alert searches by cogh3o New Member in Splunk Search 10-15-2025 0 2	0	2
	Some fields are not extracted in json i have json event in that some fields not extracting properly when i am table i am not getting some field after messa... by chandrasekhar46 Loves-to-Learn Everything in Splunk Search 10-15-2025 0 6	0	6
	How to exclude files from results using a lookup table with wildcard support? Hi Splunk Community,I'm working on a search that analyzes an index containing records of file activity. Each event in... by Splunked_Kid Explorer in Splunk Search 10-14-2025 0 5	0	5
	How to convert selected fields to FQDN All,Anybody got idea on the below selected fields on how convert to FQDN? Seems lookups/dnslookup are not possible be... by jfmph_ Explorer in Splunk Search 10-14-2025 0 6	0	6