Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Splunk Search
Splunk Search
×
Join the Conversation
Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
- Find Answers
- :
- Using Splunk
- :
- Splunk Search
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Community Activity
 |  Hi all - I am trying to create what I would think is a relatively simple conditional statement in Splunk. Use Case: I... by Memphis Explorer in Splunk Search 06-20-2024 0 4 | 0 | 4 | |
| | I want to exact a string 'GUID" from the log right after "customers". This regex expression works in https://regex101... by jrowland1230 Explorer in Splunk Search 06-20-2024 0 4 | 0 | 4 | |
| |    this is the log data i want a report like this: my current query is :index="webmethods_prd" source="/apps/WebMethods... by avikc100 Path Finder in Splunk Search 06-20-2024 0 2 | 0 | 2 | |
| | Hi community, can anyone help me figure out the log which Get incorrect data after Update(both get and update will lo... by EricMonkeyKing Explorer in Splunk Search 06-20-2024 0 2 | 0 | 2 | |
| | My application is a backend web service. All events in a request contain the same value for a "req_id" field.I have a... by illuminatedaxis Engager in Splunk Search 06-19-2024 0 2 | 0 | 2 | |
| | How to find difference of the time in days and hours respectively between Event time of the data and current time?For... by akgmail Explorer in Splunk Search 06-19-2024 0 5 | 0 | 5 | |
| | Lets say we have the following data set: Fruit_ID Fruit_1 Fruit_2 1 Apple NULL 2 Apple NULL 3 Apple NULL 4 Oran... by RonWonkers Path Finder in Splunk Search 06-19-2024 0 4 | 0 | 4 | |
| | Hi All,Need some help with SPL query to compare the data from same host on 2 different dates and give me a status as ... by KulvinderSingh Path Finder in Splunk Search 06-19-2024 0 1 | 0 | 1 | |
| | Coming from SQL, I want to do stuff like GROUP BY and HAVING ...The data is available with a transaction identifier.G... by cjoelly Loves-to-Learn in Splunk Search 06-18-2024 0 3 | 0 | 3 | |
| | | dedup _raw | where NOT MsgId=="AUT22673" OR MsgId=="AUT23574" OR MsgId=="AUT20915" OR MsgId=="AUT22886" What am I... by jsven7 Communicator in Splunk Search 06-18-2024 1 9 | 1 | 9 | |
| | I need to filter a part of a log using regex, I have the following loglog: {dx.trace_id=xxxxx, dx.span_id=yyyyy, dx.t... by jose_sepulveda Loves-to-Learn in Splunk Search 06-18-2024 0 6 | 0 | 6 | |
 | Thank you everyone for taking the time to ready this. I am new in Splunk and interested in learning more. I have a pr... by sgtwolf1 Explorer in Splunk Search 06-18-2024 0 1 | 0 | 1 | |
| | Hello, my current search is index=winsec source=WinEventLog:Security EventCode=6272 | eval date_hour = strftime(_ti... by Cmiddleton-oppd Explorer in Splunk Search 06-18-2024 0 4 | 0 | 4 | |
| | I asked in a previous thread for help to get response time based on time differential between two events connected by... by Silah Path Finder in Splunk Search 06-18-2024 0 2 | 0 | 2 | |
 | Hi,I have a search as below. I want to find count of recipients by action where how many users received the email vs ... by Woodpecker Path Finder in Splunk Search 06-18-2024 0 1 | 0 | 1 | |
| | Hello team ,I am trying to create macro and than use in my splunk dashboard . The purpose is to get time of entered i... by abhinav_go Explorer in Splunk Search 06-18-2024 0 3 | 0 | 3 | |
| | I've seen the documentation which says "by default subsearches return a maximum of 10,000 results and have a maximum ... by quadrant8 New Member in Splunk Search 06-18-2024 0 1 | 0 | 1 | |
| | Hi Team I have this requirement .Could you please help me on it .Here is my question I wanted to get result for Pa... by Anushuba New Member in Splunk Search 06-18-2024 0 1 | 0 | 1 | |
| | Hello Team,I need assistance with joining 2 SPL queries to get the desired output. Refer the below log snippet:As per... by shashankk Communicator in Splunk Search 06-17-2024 0 4 | 0 | 4 | |
| | How i update the test_MID_IP.csv with the output IP, so that next time it runs with updated listindex=abc IP!="10.*"... by RahulMisra1 Explorer in Splunk Search 06-17-2024 0 3 | 0 | 3 | |
 | Hi there,I am trying to get some data from MS Defender into a Splunk query. My original KQL query in azure contains |... by heskez Engager in Splunk Search 06-17-2024 0 1 | 0 | 1 | |
| | Hello, I have a lookup table where a list of MAC addresses are listed with the associated Vendors; basically an iden... by leykmekoo Explorer in Splunk Search 06-17-2024 0 6 | 0 | 6 | |
| | My logs output two consecutive lines in the case of a connection timeout: ... CONNECTION-x.x.x.x:y: connect() timeou... by Sphere991 New Member in Splunk Search 06-17-2024 0 1 | 0 | 1 | |
| |  Hello,How can I get all the pod names with a query where the value will be in between 1.5 - 2.5. I can share a sample... by Ron1999 New Member in Splunk Search 06-17-2024 0 1 | 0 | 1 | |
| |  In the indexer, the search for data returns a timeline and details.The timeline is always green: This is fine for que... by Marmar Observer in Splunk Search 06-16-2024 0 5 | 0 | 5 |
Get Started
Explore Essential Splunk Resources
Get Expert Help at Community Office Hours
Join the #search-help Slack channel
Get Expert Help at Community Office Hours
Join the #search-help Slack channel
Become An Expert
Top Labels
-
administration
3 -
alert action
3 -
alert condition
2 -
Analytics Workspace
2 -
authentication
1 -
chart
946 -
Classic dashboard
1 -
configuration
2 -
correlation search
1 -
count
1,007 -
Dashboard Studio
3 -
data
3 -
data model
1 -
development
6 -
distributed search
1 -
drilldown
1 -
email
1 -
eval
2,616 -
field extraction
2,022 -
fields
2,064 -
host
1 -
index
4 -
indexer
2 -
inputs.conf
1 -
intermediate forwarder
1 -
introduction
5 -
join
1,060 -
JSON
2 -
Linux
2 -
login
1 -
lookup
1,566 -
metadata
310 -
monitoring console
2 -
other
183 -
panel
2 -
PDF
1 -
Python
1 -
regex
1,499 -
report acceleration
2 -
rex
1,250 -
SAML
1 -
saved search
5 -
scheduled search
4 -
scripted input
1 -
search
2 -
search head
3 -
search job inspector
685 -
search peer
1 -
simple XML
1 -
source
1 -
sourcetype
4 -
Splunk Web Framework
1 -
splunk-assist
1 -
splunkd
1 -
stats
3,565 -
subsearch
1,732 -
summary indexing
4 -
table
1,755 -
time
1 -
timechart
1,158 -
transaction
453 -
transforms.conf
1 -
troubleshooting
8 -
tstats
569 -
universal forwarder
5 -
using Splunk Cloud
2 -
using Splunk Enterprise
13 -
Windows
3
- « Previous
- Next »
Get Updates on the Splunk Community!
Deep Dive: Accelerate threat investigation with Splunk’s AI Assistant in Security
AI is one of the biggest topics in the market today, and for security teams, its value goes far beyond the ...
Announcing Modern Navigation: A New Era of Splunk User Experience
We are excited to introduce the Modern Navigation feature in the Splunk Platform, available to both cloud and ...
Detection Engineering Office Hours: Real-World Troubleshooting & Q&A
[REGISTER HERE] This thread is for the Community Office Hours session on Detection Engineering Office Hours: ...
Unanswered Topics
