Splunk Search

Thread Info

Including O365 UserAgent data in search

Hi all, I'm having trouble getting O365 UserAgent data to show up in a search. Currently, my search looks like: ...

by New Member in

lookup field value case sensitivity

While field values are not case sensitive by default on Splunk, when we use lookups the default setting for the field...

by Observer in

Search results are not wrapping, can't scroll right.

I have searched for some traps. The results are not wrapping and I can't scroll any further right. The only way I can...

by Engager in

How to Left Join is NULL

I just want to get the left cluster (only Table A )as below picture. How should Splunk search be? tu.

by New Member in

No result is showing when i enter the following code .

I am trying to generate report using the following command but it is not showing any result . i just want to make sur...

by New Member in

How to get the top 10 values using timechart?

Hi, I have this query and it works just fine index=blah1 OR index=blah2 OR index=blah3 host=*media* "/fileUploa...

by Motivator in

Issue with displaying CPU, Mem & Disk data on the dashboard of Template for Citrix XenDesktop 7

Hi, I have deployed the Template for Citrix XenDesktop 7 with the TA-XD7-Broker add-on deployed on the brokers. Ho...

by Path Finder in

How to put data in table format

Name :Test "extensionData": { "entries": [ { "key": "machinesTotal", "value": { "type": "integer", "value": 7 } }, { ...

by New Member in

I have added the Splunk search to my default.xml. Is it possible to only allow this to appear in the navigation bar for admins?

Example of search in nav bar: I only want the Search to be viewable by admins. I have looked at other Splunk ques...

by New Member in

Combine 2 searches with 2nd search dependent on first

I am trying to combine 2 searches into one. However, the results for the 2nd search should only return if there are r...

by Path Finder in

Adding vertical bars from one search to a timechart from another search

I've got a line timechart of some data based on one search. I'd like to take another search and add vertical lines/ba...

by Explorer in

Response Time from Splunk Logs using Transaction starts with and within an single event

I am trying to calculate the duration/timetaken between 2 strings in an event using transaction starts with and endsw...

by Engager in

Some time questions.

I'm working on a financial data dashboard, and i have a few panels that pull data from last year relative to this yea...

by Builder in

if one field is returning null value then how do i get all the fields to return null value

Hi Guys, I have one search query which is combining two Searches and giving results. But based on the condition...

by Path Finder in

Field extraction using props.conf and transforms.conf

Hello, This is what my field extraction looks like in the GUI: Name- source::/home/user/logs/* : EXTRACT-request_i...

by Explorer in

Navigations

Can anyone help me with navigation's, I have created 2 app's. In test app i have a dashboard , when i clicked my pane...

by New Member in

What is a good convention for config file organisation?

Something to ponder while working from home... I am planning on storing and managing my config files in Git. We r...

by Explorer in

Percentage of two calculated search values

don't hate me @to4kawa But can you help me one last time! Ive been stuck for a few hours trying to figure out how...

by Path Finder in

How to handle staggered logs

Hi , Basically their server send logs one line at a time. When it came to Splunk it ingest automatically and not fol...

by Builder in

Change the time format in time chart tool tip

We have time-chart visualization on a dashboard. The events are uploaded manually on last day of every month with tim...

by Path Finder in

Can the Splunk OS TAs capture time?

Apparently, the Splunk OS TAs don't capture time and if there are index time delays, _time would be skewed and actual...

by Motivator in

filtering in search also that filter value display one of the filed of stats or table column

I have query like below index="us_west_prod_power_platform" sourcetype="spark:metric" metricName="HRTBT_LHIST_METR...

by New Member in

Submit Button not working correctly

Hi Splunk Team, I am using a dropdown input form. Corresponding to a value of dropdown, it should show panel. But...

by New Member in

Calculate total count difference per day

I have a set of data like the below total=2000 date=2020-04-29 total=1975 date=2020-04-28 total=1951 date=20...

by Communicator in

Copy field to another event

Hello, I'm searching doing a search in splunk for the "request_id" field. For example: request_id = "XXXXXXX" It r...

by Explorer in

Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.

Splunk Search

Discussions

Including O365 UserAgent data in search

lookup field value case sensitivity

Search results are not wrapping, can't scroll right.

How to Left Join is NULL

No result is showing when i enter the following code .

How to get the top 10 values using timechart?

Issue with displaying CPU, Mem & Disk data on the dashboard of Template for Citrix XenDesktop 7

How to put data in table format

I have added the Splunk search to my default.xml. Is it possible to only allow this to appear in the navigation bar for admins?

Combine 2 searches with 2nd search dependent on first

Adding vertical bars from one search to a timechart from another search

Response Time from Splunk Logs using Transaction starts with and within an single event

Some time questions.

if one field is returning null value then how do i get all the fields to return null value

Field extraction using props.conf and transforms.conf

Navigations

What is a good convention for config file organisation?

Percentage of two calculated search values

How to handle staggered logs

Change the time format in time chart tool tip

Can the Splunk OS TAs capture time?

filtering in search also that filter value display one of the filed of stats or table column

Submit Button not working correctly

Calculate total count difference per day

Copy field to another event

Detecting Brute Force Account Takeover Fraud with Splunk

Buttercup Games: Further Dashboarding Techniques (Part 9)

Buttercup Games: Further Dashboarding Techniques (Part 8)

Search for triggered save searches and their actio...

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static

Using Machine Learning Toolkit to detect auth abus...

Proactively stream data to different index after C...

Splunk Search

Are you a member of the Splunk Community?

Discussions