Splunk Search

Ask a Question

Discussions

Thread Info

How to use Splunk ODBC driver to import an excel report to splunk?

Hi All, I want to import a scheduled excel report generated from one prod system to splunk. When I manually import...

by Explorer in

help for doing a pie chart from 2 subsearch

hi I have the search below `test` [| inputlookup host.csv | table host | rename host as USERNAME...

by Motivator in

Good design ?

so I have 1000 pages in my application .. I want to check which pages are performing poorly ... a trend .. I am t...

by Contributor in

extracting value from complex JSON

Hi, need help on how to extract dat from this JSON. i have used spath to extract a part of my JSON to get this data s...

by Loves-to-Learn in

Return only those events who exist in consecutive time bins

So I'm working on a search that returns standard network stuff and using a bin to bucket the data by a day. Something...

by Path Finder in

Drilldown Search Removing Math Operators

I am using the new Drilldown feature in Splunk Enterprise 6.6 to drilldown to a search. In the Drilldown Editor di...

by Path Finder in

Splunk query not giving me results

HI All, Could any one help me in this on urgent basis: My query is malfunctioning : index=auto_prod_okta eventTyp...

by Path Finder in

Joining two queries using Append and results are different

Hello Experts Actually I am trying to join the results of two queries and show in dashboard. There are 3 indexe...

by Explorer in

How to generate timely fake event and compare with real event

Hello all, how do I create a timely dummy event (without using "|lookup" external file) to compare with the real gene...

by Path Finder in

What's the difference between NOT and != ?

It appears to us that NOT and != are different. It seems that != <val> implies that <val> is not empty. Is it right?

by Motivator in

How to pass earliest / latest parameters to a macro from a map section ?

Hello everyone, I'm stuck since many days trying to understand what is preventing Splunk from passing arguments to...

by New Member in

Advanced filtering on |inputlookup command

A large kv lookup table (>2M entries and growing) holds metadata and is processed on a regular schedule to solve some...

by Builder in

Lookup csv file not producing correct results

Hello, I have a lookup file called fs_src_mac_tg.csv has two columns: src_mac and exists src_mac = a list of mac addr...

by Explorer in

Timechart automatic high resize

Hi, I've got a timechart with different columns (depending on the search). If I don't get many columns, the high of ...

by New Member in

Dew Point Calculation

I am trying to produce or calculate the Dew Point in Celsius of data in two separate indexes. I believe the offcia...

by Explorer in

Regular expression in log message

I'm struggling now. Could you please help me? There are two hosts. they have same log data. the host name is di...

by Path Finder in

Join not working

index="event" | rex field=Macaddress mode=sed "s/(.{2})/\1-/g s/-$//" | rename Macaddress as "macAddress" | eval Se...

by Explorer in

Search to find the timestamp of each (Login, Logout, Expire) keyword from _raw and log file last updated time

Hi Guys, Can anyone please help me in the below search. I want the name of all logfiles with details of keywords f...

by Path Finder in

extract url and product.

mess.url= /ae-business/shop/question/answer/product/HHRM2M/B?furl=bd2b75a1e85553a64aa4df2c47c93e049ccfe0d07f5dc518f95...

by Contributor in

event count comparison with today vs yesterday vs last week vs prior week

Hi, I have two strings like "opend" and "exited" in the events. So i need to count how many opened and exited today a...

by Explorer in

Find average when using group by

Here is my query index="search_index" search processing_service | eval time_in_mins=('metric_value')/60 | stats...

by Path Finder in

Map command maxsearches unexpected behavior

I have the search below: index=stats_summary dest_ip=172.* | dedup src_ip dest_ip| map maxsearches=100 search="|...

by Explorer in

How to compare values from 2 different rows?

Good afternoon could someone help me with this query: I have the following values | users | Age | user1 | ...

by Path Finder in

How to compare values from 2 different rows?

Good afternoon could someone help me with this query: I have the following values | users | Age | user1 | ...

by Path Finder in

How do you combine info from multiple events but for one customer in one table.

How do you combine info from multiple events but for one customer in one table or dashboard? For example: Event1: Cus...

by New Member in

Get Updates on the Splunk Community!

Splunk Search

Discussions

How to use Splunk ODBC driver to import an excel report to splunk?

help for doing a pie chart from 2 subsearch

Good design ?

extracting value from complex JSON

Return only those events who exist in consecutive time bins

Drilldown Search Removing Math Operators

Splunk query not giving me results

Joining two queries using Append and results are different

How to generate timely fake event and compare with real event

What's the difference between NOT and != ?

How to pass earliest / latest parameters to a macro from a map section ?

Advanced filtering on |inputlookup command

Lookup csv file not producing correct results

Timechart automatic high resize

Dew Point Calculation

Regular expression in log message

Join not working

Search to find the timestamp of each (Login, Logout, Expire) keyword from _raw and log file last updated time

extract url and product.

event count comparison with today vs yesterday vs last week vs prior week

Find average when using group by

Map command maxsearches unexpected behavior

How to compare values from 2 different rows?

How to compare values from 2 different rows?

How do you combine info from multiple events but for one customer in one table.

Splunk Decoded: Service Maps vs Service Analyzer Tree View vs Flow Maps

What’s New in Splunk Observability – September 2025

Fun with Regular Expression - multiples of nine

In Splunk studio, is it possible to populate a tex...

Help me with splunk query to monitor CPU and Memor...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

Splunk Search

Are you a member of the Splunk Community?

Discussions