Splunk Search

Community Activity

	Percentage of devices using an IPv6 address versus an IPv4 address. I have devices using a specific v4 address range and a specific v6 address range. I'd like to get the percent of devi... by Gunner New Member in Splunk Search 07-28-2025 0 1	0	1
	Splunk query - lookup utilization Hello all, I am working on an Splunk query which suppose to filter some logs by utilizing data from lookup. Consider ... by KishoreSrini Explorer in Splunk Search 07-28-2025 0 5	0	5
	Giving access to Single Shared Summary index for multiple app teama Sorry for everyone that I am posting multiple posts for my issue. Just summarising everything here.. please help me w... by Karthikeya Communicator in Splunk Search 07-26-2025 0 4	0	4
	Restrict search command usage (rest in particular) I am looking to restrict the use of certain search commands for particular users / roles. In particular I would like ... by JacobPN Path Finder in Splunk Search 07-25-2025 0 7	0	7
	How to filter a list of timestamps less than _time I need to filter a list of timestamps which are less than _time.this works:\| makeresults count=1 \| eval timestamps = ... by weidertc Contributor in Splunk Search 07-25-2025 0 3	0	3
	Delete existing summary index and move its data to new summary index Before one week I created a summary index named waf_opco_yes_summary and it is working fine. Now they asked to change... by Karthikeya Communicator in Splunk Search 07-25-2025 0 10	0	10
	Eval multiple services in single query I am attempting to run a query that will find the status fo 3 services and list which ones are failed and which ones ... by cdevoe57 Path Finder in Splunk Search 07-24-2025 0 8	0	8
	How can I get the time difference between multiple events to know the time it took per process? I am trying to find the time taken by our processes. I wrote a basic query that fetch a start, end time, and the diff... by kuul13 Explorer in Splunk Search 07-24-2025 0 3	0	3
	How to improve readability with template formatted log messages in Splunk search? I have a dotnet application logging template formatted log messages with serilog library and since everything is in J... by kinicky Engager in Splunk Search 07-24-2025 0 2	0	2
	Creating a Hierarchical Search Hello!I have the following query with the provided fields to track consumption data for customers.action=load OR acti... by bp2025 Engager in Splunk Search 07-24-2025 0 1	0	1
	table view using spl {<!-- --> "abcdxyz" : {<!-- --> "transaction" : "abcdxyz", "sampleCount" : 60, "errorCount" : 13, "errorPct" : 21.666666... by yuvaraj_m91 Loves-to-Learn Lots in Splunk Search 07-24-2025 0 2	0	2
	How to default stats to zero when no rows returned? I have a query similar to the one below. index = "idx" source = "mysource" \|spath path=myField output=res\|stats cou... by schres1 Explorer in Splunk Search 07-23-2025 0 4	0	4
	Color cell from table conditionally on comparison between values Hi everyone,I'm working on a dashboard that's comparing two different applications. One of the tables has their perfo... by pedropiin Path Finder in Splunk Search 07-23-2025 0 4	0	4
	Skipped search - The maximum number of concurrent running jobs for this historical scheduled search on this cluster has Hi Team,I have been getting a skipped search notification in my CMC overview under Health from quite some time.It is ... by mchoudhary Explorer in Splunk Search 07-23-2025 0 1	0	1
	How to pass multiselect token values from main dashboard A to drilldown dashboard B Hi,I have a simple multi-select filter as below on my main dashboard.<input type="multiselect" token="projects" searc... by mbasharat Builder in Splunk Search 07-23-2025 0 10	0	10
	Remove string from field using REX I am trying to remove a field which has a suffix of sophos_event_input after the username. ExampleUsername_FieldJoe-... by Splunkie Explorer in Splunk Search 07-23-2025 0 3	0	3
	Joining records in a table I have an audit table with before and after records of changes made to a user table. So every time an update is made ... by DexterWard New Member in Splunk Search 07-23-2025 0 1	0	1
	spl2 module upload successful, and testing is also successful but it's nowhere to be found. Am I missing something? I have vscode running splunk extension and created a simple _default.spl2nb. I'm able to te... by kundeng Path Finder in Splunk Search 07-22-2025 0 2	0	2
	Splunk query to find a value outside of certain enum I want to search the "NONE" not in 3 allowed enum value. I need to ignore the "NONE" if it is in the allowed enum. Fo... by seetide New Member in Splunk Search 07-22-2025 0 6	0	6
	Remove string from field using REX or Replace I have a field, where all values are pre-fixed with "OPTIONS-IT\". I would like to remove this, but not sure on the b... by smcdonald20 Path Finder in Splunk Search 07-22-2025 0 6	0	6
	Create new fields using values from another field I have a field called key. key has multivalues that are also dynamic. I have another field called values, that is als... by bt149 Path Finder in Splunk Search 07-22-2025 0 5	0	5
	How to add division line on the scatter chart Hello everyone. I want to add line as division line on the scatter chart. I'd like to know which values are in speci... by jenny_life Path Finder in Splunk Search 07-21-2025 0 7	0	7
	Splunk user last login Time through LDAP I have a requirement where I want to see all users and their last login time, we are connected through Ldap so settin... by Nawab Communicator in Splunk Search 07-21-2025 0 3	0	3
	Is there a way to group the data by time and another field? I was able to write a query that group by api (msgsource) to show the response times, but I am trying to see if I can... by kuul13 Explorer in Splunk Search 07-20-2025 0 6	0	6
	input lookup Hi All,I have an input lookup file with 2 fields first filed contains some path and the second filed is an httpcode ... by tkrprakash Loves-to-Learn Lots in Splunk Search 07-17-2025 0 2	0	2