Splunk Search

Discussions

Thread Info

URGENT REQUEST: how to pull specific values from given query?

sourcetype=abc "responseStatus=500" "abc.xyz.logging.yyyy.zzzzz" "cccccccccccccc88888883333hhhh" | rex field=_raw "\"...

by Path Finder in

How to extract a word from raw data in Splunk using rex

SVSCPLEX,S0W1,S0W1.DAL-EBIS.IHOST.COM,SYSLOG,zOS-SYSLOG-Console,SYSLOG,-0400,NE,001C,19283 01.21.46.880 -0500,S0W1 ,J...

by Explorer in

How to format a website/service downtime duration calculation results

Hi all, I have the below dataset for a website. Time,title, response code 01/10/2019 08:22 ABC_PORTAL 200 01/10/2...

by Builder in

How to send a single email to multiple email id mentioned in different rows of the table

Hi All I have following table as outcome of my query :- Name lastname Emailid A D abc@gm.com, xyz@redif.com B E...

by Path Finder in

Compare two lookup tables

Hello all... I have to compare two lookup table files in splunk. One is a list of hosts that should Be logging, and t...

by Builder in

Return value based on another field using a muilti-value field

Here is my data in the table: Index Field1 Field2 1 0 A,B,C 1 -5 D,E,F 1 -10 G,H,I I have a complex query that ...

by New Member in

How to compare fields value with old fields value

I am trying to make a search that will compare the fields value with the old fields value to determine if there is an...

by New Member in

Can't MAP a host field with IN clausole in a map searching

As in object, it's a strange behaviour, i can't use an IN clausole with host field in a map search. Here's my sear...

by Builder in

Upgraded from 7.2.6 to 7.3.2, "upload lookup" shows 404 error

we recently upgrade our fairly large deployment of Splunk from version 7.2.6 to 7.3.2, and our users are unable to op...

by Splunk Employee in

What are the basics for using the Splunk search interface?

I'm new to Splunk. What are some basics I need to know about the features in the search user interface?

by Splunk Employee in

Get Saved search name details

How do I get a list of saved searches name, the user who ran it, the last time it ran and the query it ran, and who c...

by New Member in

What is Splunk Dev, and how do we use it to develop and share our own apps?

We have some use cases that we'd like to develop into Splunk apps. How do we use Splunk Dev to develop our own apps a...

by Splunk Employee in

Preview generating custom command result

Hi I want to add a generating custom command that will query one of our DBs. So I have followed the tutorials and ...

by New Member in

Show max ,minimum and average values from a pool of host machines on a chart

I have the follow search which shows the call count being made to a number of hosts every 15mins "cs_dataowner_id=...

by New Member in

Match field values of two fields

Hi, If I have a table 'X' and 'Y' , I want to be able to compare if any individual comma separated value in Y is a...

by New Member in

How to convert julian date to dd/mm/Y

SVSCPLEX,S0W1,S0W1.DAL-EBIS.IHOST.COM,SYSLOG,zOS-SYSLOG-Console,SYSLOG,-0400,NE,001C,19283 01.21.46.880 -0500,S0W1 ,J...

by Explorer in

two values in linechart tooltip

So I have a chart that display the average response time over time. To give more context to my chart. I also want to ...

by Path Finder in

How can I add another field being shown inside the tooltip when hovered inside an area chart?

Need to find a way to code either in XML or JavaScript to add a field from a search inside the tooltip when hovered. ...

by Path Finder in

Why is Sparkline not working properly?

Hi all, I need help with the sparkline in my spl search because it is not displaying values on the statistics tabl...

by Engager in

How to identify external IP addresses

I am attempting to identify external IPs that are accessing our servers more than a given number of times each day in...

by New Member in

How can I assign a field value to a variable using eval?

I want to assign a specific field value to a variable I want to do something like this: |eval output = ('Fieldnam...

by Communicator in

How to customize the time range picker to only show "Date Range" as an option?

How do I disable some options in the time range picker? For example: Show only DATE RANGE

by Path Finder in

How to join or search fields from two different indexes with a common field

Hi, I have two indexes basically like this: indexA has field1, field2, field3 indexB has field4, field5, field6 field...

by Contributor in

How to change color depending on value using javascript with a twist, table column names are not fixed?

Hello all, I have below javascript code that I use to change the color of my table cell: require([ 'under...

by Path Finder in

using geo_countries and geo_us_states in same search

I want to create a chloropleth map of vendors in the US, highlighted by state. but Canada is also a vendor I want to ...

by Engager in

Get Updates on the Splunk Community!

Splunk Search

Discussions

URGENT REQUEST: how to pull specific values from given query?

How to extract a word from raw data in Splunk using rex

How to format a website/service downtime duration calculation results

How to send a single email to multiple email id mentioned in different rows of the table

Compare two lookup tables

Return value based on another field using a muilti-value field

How to compare fields value with old fields value

Can't MAP a host field with IN clausole in a map searching

Upgraded from 7.2.6 to 7.3.2, "upload lookup" shows 404 error

What are the basics for using the Splunk search interface?

Get Saved search name details

What is Splunk Dev, and how do we use it to develop and share our own apps?

Preview generating custom command result

Show max ,minimum and average values from a pool of host machines on a chart

Match field values of two fields

How to convert julian date to dd/mm/Y

two values in linechart tooltip

How can I add another field being shown inside the tooltip when hovered inside an area chart?

Why is Sparkline not working properly?

How to identify external IP addresses

How can I assign a field value to a variable using eval?

How to customize the time range picker to only show "Date Range" as an option?

How to join or search fields from two different indexes with a common field

How to change color depending on value using javascript with a twist, table column names are not fixed?

using geo_countries and geo_us_states in same search

Automatic Discovery Part 1: What is Automatic Discovery in Splunk Observability Cloud ...

Real-Time Fraud Detection: How Splunk Dashboards Protect Financial Institutions

Splunk + ThousandEyes: Correlate frontend, app, and network data to troubleshoot ...

In Splunk studio, is it possible to populate a tex...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static

Splunk Search

Are you a member of the Splunk Community?

Discussions