Splunk Search

Discussions

Thread Info

How to change the timechart x-axis label

I did a timechart and span= 1w, my time range is from Jan1. 2020(Wednesday) but the label on x-axis is Mon Dec30. 201...

by New Member in

Looking for way to explain why subsearches are so slow

I've seen it suggested before and definitely have witnessed myself that for searches involving any significant amount...

by Path Finder in

change x axis value

hi i plot a graph in the dashboard, the x axis is series from 1 to 2001 i want to replace 1-2001 to 500-3000 (yes, th...

by Path Finder in

Prevent Horizontal Overflow in TableView

Hello, I am using the Splunk Web Framework TableView Component on a custom dashboard. I have enabled the "wrap" pr...

by Path Finder in

validate access to knowledge object

Good afternoon I am trying to perform an audit of the environmental lookups and I need to know if there is any que...

by Path Finder in

How to search and isolate any multifields that equal true

Hi all, I am racking my brains on this one. The business has built field names containing years and volumes in t...

by New Member in

How to only keep the rows related with process

Hello, in the below data I have a lot of processes and the ParentProcesses of them. I would like to keep only the ro...

by Loves-to-Learn in

Lookup vs join with inputlookup

We were testing performance and for some reason a join with an inputlookup is faster than a direct lookup. Sample que...

by Path Finder in

How to export the key and values in a CSV format

cf_app_id: *****************88 cf_app_name: ***********888 cf_ignored_app: false cf_org_id: ***************8888888888...

by New Member in

Splunk Query provided wrong results

Hello, Splunk query provided in correct responses. I have A query which filters the data on a specific day and pr...

by New Member in

Why is conditional stats count not working with basic example?

The following query is pulled directly from the Splunk documentation and for whatever reason always returns 0, even w...

by Builder in

lookup table question

Hello everyone. Question: I'm periodically given a .csv file provided to me from a team in my company.I need to...

by Path Finder in

Field extraction for Log File Entries with Pipe delimiters

Hi, I have a log file I am monitoring. Log file entries have pipe delimited field entries as below: LE Variatio...

by Builder in

How to calculate percentage based on 2 different searches?

Greetings to the pro's, I have 2 panels, one brings me the Total Active Hosts and the other brings me the Total Ho...

by Engager in

Lookup file data in a search string

Hi , I have following search string , where Username field is extracted using rex command . Now I want to use a l...

by Path Finder in

Compare Lines in a Single Field

Hello All, Is there a way in a Splunk search to iterate through a multiline field and do stats on each value/each...

by New Member in

How to extract values from my sample log?

Hi can you help us to extract values from log like ACTION, URI and response_time i used extract kvdelim=":" pairde...

by Communicator in

Line chart group by month

Hi, I am sorry I am very new to the splunk and I am struggling with the results I want to get. I have a query that pr...

by New Member in

wanna show the of the job as it is untill its changes its status

Hi Team I have following details One of autosys job is running for 20 hours with the status recording in the lo...

by Explorer in

Displaying unwanted user names on the output

Below is my code and I want to display only "Druv" Failed logins. But, I see the user name 'None' , 'Karla' and other...

by Explorer in

Compare two different tables from different sources and get the matching and non matching

Hi All, Hope you all are doing good. I have to check 2 table from different sources and get a new table where i...

by Explorer in

INGEST_EVAL field returning no results

Hello i have this configuration in transforms.conf: [adjust_flight_fields] INGEST_EVAL = flight_id=Designator.Flig...

by Communicator in

reverse wildcard lookup from event field in index

Hello Everyone I am trying to see if i can pass an event field over to a lookup attached with a wildcard (reverse...

by Explorer in

Eval Time_Diff

I am having trouble getting a result to appear for the below query. I am trying to produce a column showing time_diff...

by New Member in

To what degree does chaining (or nesting) automatic lookups actually work?

Example: Say I have two lookups A and B. Let's say they're both file-based lookups (even though I don't think it act...

by SplunkTrust in

Get Updates on the Splunk Community!

Splunk Search

Discussions

How to change the timechart x-axis label

Looking for way to explain why subsearches are so slow

change x axis value

Prevent Horizontal Overflow in TableView

validate access to knowledge object

How to search and isolate any multifields that equal true

How to only keep the rows related with process

Lookup vs join with inputlookup

How to export the key and values in a CSV format

Splunk Query provided wrong results

Why is conditional stats count not working with basic example?

lookup table question

Field extraction for Log File Entries with Pipe delimiters

How to calculate percentage based on 2 different searches?

Lookup file data in a search string

Compare Lines in a Single Field

How to extract values from my sample log?

Line chart group by month

wanna show the of the job as it is untill its changes its status

Displaying unwanted user names on the output

Compare two different tables from different sources and get the matching and non matching

INGEST_EVAL field returning no results

reverse wildcard lookup from event field in index

Eval Time_Diff

To what degree does chaining (or nesting) automatic lookups actually work?

Observe and Secure All Apps with Splunk

Splunk Decoded: Business Transactions vs Business IQ

Fastest way to demo Observability

In Splunk studio, is it possible to populate a tex...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static

Splunk Search

Are you a member of the Splunk Community?

Discussions