Splunk Search

Discussions

Thread Info

DB Connect - another "index 1 is out of range" - how to fix it?

Trying to pull specific fields out of the database tables "LastContact" and listing the output with a timestamp (Last...

by Explorer in

How do I do sparklines based on lookup table data

Trying to create a sparkline from data in a lookup table monitor_user_traffic.csv has fields -user -traffic_dest_i...

by Builder in

Why Isn't My String Value (a multivalue field) Being Converted to a Number?

Hello, I've checked many of the Answers pages, but to no avail. In my table, the value "appears" to be converted f...

by Builder in

How can I get the occurrence of a field in events as a percentage, when the field names are unknown (dynamic per event)?

I have events with JSON in them and I need to know what % of the time each field appears. The fieldset in the even...

by Explorer in

GeoLite IPLocation discrepancy

Good Afternoon everyone! We seem to be encountering a discrepancy with our IPLocation database. We're running Splu...

by Explorer in

permissions are not granted for Office 365 Management Activity API and permissions are not granted for ThreatIntelligence Read

not able to get logs into splunk regarding O365 Management activity and threatintelligence. due to this MSO365 app fo...

by New Member in

delta command doesn't return accurate results if i have multiple delta in the search

My search is index="xxx" sourcetype="yyy" topic=IN* | stats list(message_count) as message_count by _time topic | x...

by New Member in

rex command help...

Hi All, my data is like below-- I want to extract when it has string ignore numbers 853727-gcplusrspcndb01.usa....

by Motivator in

How can I list all the scheduled searches?

We have some spikes for concurrent search jobs? therefore, how can I list all the scheduled searches for a given mome...

by Motivator in

How to change the timechart x-axis label

I did a timechart and span= 1w, my time range is from Jan1. 2020(Wednesday) but the label on x-axis is Mon Dec30. 201...

by New Member in

Looking for way to explain why subsearches are so slow

I've seen it suggested before and definitely have witnessed myself that for searches involving any significant amount...

by Path Finder in

change x axis value

hi i plot a graph in the dashboard, the x axis is series from 1 to 2001 i want to replace 1-2001 to 500-3000 (yes, th...

by Path Finder in

Prevent Horizontal Overflow in TableView

Hello, I am using the Splunk Web Framework TableView Component on a custom dashboard. I have enabled the "wrap" pr...

by Path Finder in

validate access to knowledge object

Good afternoon I am trying to perform an audit of the environmental lookups and I need to know if there is any que...

by Path Finder in

How to search and isolate any multifields that equal true

Hi all, I am racking my brains on this one. The business has built field names containing years and volumes in t...

by New Member in

How to only keep the rows related with process

Hello, in the below data I have a lot of processes and the ParentProcesses of them. I would like to keep only the ro...

by Loves-to-Learn in

Lookup vs join with inputlookup

We were testing performance and for some reason a join with an inputlookup is faster than a direct lookup. Sample que...

by Path Finder in

How to export the key and values in a CSV format

cf_app_id: *****************88 cf_app_name: ***********888 cf_ignored_app: false cf_org_id: ***************8888888888...

by New Member in

Splunk Query provided wrong results

Hello, Splunk query provided in correct responses. I have A query which filters the data on a specific day and pr...

by New Member in

Why is conditional stats count not working with basic example?

The following query is pulled directly from the Splunk documentation and for whatever reason always returns 0, even w...

by Builder in

lookup table question

Hello everyone. Question: I'm periodically given a .csv file provided to me from a team in my company.I need to...

by Path Finder in

Field extraction for Log File Entries with Pipe delimiters

Hi, I have a log file I am monitoring. Log file entries have pipe delimited field entries as below: LE Variatio...

by Builder in

How to calculate percentage based on 2 different searches?

Greetings to the pro's, I have 2 panels, one brings me the Total Active Hosts and the other brings me the Total Ho...

by Engager in

Lookup file data in a search string

Hi , I have following search string , where Username field is extracted using rex command . Now I want to use a l...

by Path Finder in

Compare Lines in a Single Field

Hello All, Is there a way in a Splunk search to iterate through a multiline field and do stats on each value/each...

by New Member in

Get Updates on the Splunk Community!

Splunk Search

Discussions

DB Connect - another "index 1 is out of range" - how to fix it?

How do I do sparklines based on lookup table data

Why Isn't My String Value (a multivalue field) Being Converted to a Number?

How can I get the occurrence of a field in events as a percentage, when the field names are unknown (dynamic per event)?

GeoLite IPLocation discrepancy

permissions are not granted for Office 365 Management Activity API and permissions are not granted for ThreatIntelligence Read

delta command doesn't return accurate results if i have multiple delta in the search

rex command help...

How can I list all the scheduled searches?

How to change the timechart x-axis label

Looking for way to explain why subsearches are so slow

change x axis value

Prevent Horizontal Overflow in TableView

validate access to knowledge object

How to search and isolate any multifields that equal true

How to only keep the rows related with process

Lookup vs join with inputlookup

How to export the key and values in a CSV format

Splunk Query provided wrong results

Why is conditional stats count not working with basic example?

lookup table question

Field extraction for Log File Entries with Pipe delimiters

How to calculate percentage based on 2 different searches?

Lookup file data in a search string

Compare Lines in a Single Field

Continuing Innovation & New Integrations Unlock Full Stack Observability For Your ...

Monitoring Amazon Elastic Kubernetes Service (EKS)

Cloud Platform & Enterprise: Classic Dashboard Export Feature Deprecation

Using splunk-sdk in user-defined functions in Spar...

Verification of SAML assertion using IDP's cert fa...

ジョブを消しても復活する現象について

splunk threat intelligence taxii data

Splunk DB connect add-on InfluxDB 2.6