Splunk Search

Discussions

Thread Info

appbrowser error ssl after installation

Hello everybody, After the installation of Splunk, I can't to do a search on app. The error message is : Error conne...

by New Member in

Getting the counts by day but keeping the timestamp

Hi, Messing with dns logs im trying to get the domain that was only queried afew times per day. However i would also ...

by Explorer in

Splunk cloud - AWS - COncurrent searches

say, I have a splunk cloud,, Splunk as a service running in AWS with a daily index volume of 10 GB data per day. what...

by New Member in

Why i am getting Error in 'eval' command: The expression is malformed. An unexpected character is reached at '\"1\", \"icon-check\", \"icon-alert\")'.

Hi all , I am trying to configure alert for data replication in cluster manger. Using below query , getting "Error...

by Explorer in

How to filter the log using REGEX?

I have logs which contains 'LogonType=Owner' and some logs which contains 'InternalLogonType=Owner'. I want to send '...

by Communicator in

How to place splunk lookup table data output to a remote server?

Hi All, I had configured an alert with trigger action as Output results to lookup with replace option . Since the ...

by Path Finder in

splunk masking the entire event instead of regex matching

Hello, I am learning splunk. I have written a transforms to mask the email ID's however, the splunk is masking the...

by Explorer in

Encountered the following error while trying to update: Cannot edit report that is embedded.

How to change the execution schedule of a report which is already embeded. Also how to find if a report is embede...

by Path Finder in

Subsearch produced 144180 results, truncating to maxout 10000.

Hi All, I am running tstats command and matching with large lookup file but i am getting the "[subsearch]: Subsear...

by Explorer in

How to get ptime from below string

Hi , Below is my field "rtpmap:8 PCMA/8000,rtpmap:101 telephone-event/8000,ptime:20" I would like to get ptime fr...

by Explorer in

Splunk Query for Nessus vulnerabilities between firstSeen and lastSeen dates

I’m new to Splunk. I’m trying to come up with a search that would provide me with the number of Nessus vulnerability ...

by New Member in

How to associate dbxquery results with search results?

hi everyone,forgive me me for Chinese English first, I hope you can read my questions. |dbxquery connection="Conne...

by Contributor in

are they ways to make queries like this faster?

I have to run a query periodically like this. The query seems to run pretty slow. Are there ways to optimize such a q...

by Explorer in

Why is the search not showing all the expected results?

Hello, I have log file that contains the following rows (im showing only those who relevant to my question) <...

by Communicator in

Append 2 tables. Gets "Missing or malformed messages.conf stanza for SEARCHFACTORY:UNKNOWN_OP__index" error

I am trying to append to search results which displays the same column headers. However I am getting the error: Missi...

by Path Finder in

_audit search for regex's

Is it possible to build a search looking for regex variances? i.e. SSN regex, CC regex

by Engager in

Howto use _time to compare with field with time

Hello, I've a field with date/time in it. The field name is system_created_on=2019-04-26 09:38:24. I have a tim...

by Path Finder in

Location value in SPMetadata.xml

We are trying to configure SSO on Splunk Web, but when we download the SPMetadata.xml file, it mentions the location ...

by Engager in

How can we figure out the size of KVStores and Lookups?

In our enterprise sometimes kvstores and lookup files can get really large and we're looking for a way to monitor thi...

by Engager in

Cisco Network App and Search & Reporting App Time Difference

With no TZ configured, my Search & Reporting App is displaying the correct time (UTC-10:00 or 13:00 HST) but, my Cisc...

by New Member in

Unable to continue after using a regular expression to extract a new field.

This is day 2 working with splunk. I want to extract a portion of an xml printout in the logs. My regex works fine, b...

by Explorer in

transform command after timechart?

Is it possible to do an eval after using timechart? I want to modify the count values in column A by dividing those v...

by Engager in

pstack以外の代替手段について

フォワーダーの splunkd プロセスが異常に CPU を使用している問題で、Splunk サポートに調査を依頼するため、pstack サンプルを採集しょうとしましたが、どうも pstack は Ubuntu 環境ではうまく動作しな...

by Splunk Employee in

How to apply operator on a specific value in a table?

I'm trying to divide a specific value in a table by 10. What is the best way to do this? My search: (index=Wineven...

by Engager in

Splunk Datamodel tstats Error

Hi All, I have created a datamodel "Introspection_Usage" with global permission with the following dataset as give...

by Explorer in

Get Updates on the Splunk Community!

Splunk Search

Discussions

appbrowser error ssl after installation

Getting the counts by day but keeping the timestamp

Splunk cloud - AWS - COncurrent searches

Why i am getting Error in 'eval' command: The expression is malformed. An unexpected character is reached at '\"1\", \"icon-check\", \"icon-alert\")'.

How to filter the log using REGEX?

How to place splunk lookup table data output to a remote server?

splunk masking the entire event instead of regex matching

Encountered the following error while trying to update: Cannot edit report that is embedded.

Subsearch produced 144180 results, truncating to maxout 10000.

How to get ptime from below string

Splunk Query for Nessus vulnerabilities between firstSeen and lastSeen dates

How to associate dbxquery results with search results?

are they ways to make queries like this faster?

Why is the search not showing all the expected results?

Append 2 tables. Gets "Missing or malformed messages.conf stanza for SEARCHFACTORY:UNKNOWN_OP__index" error

_audit search for regex's

Howto use _time to compare with field with time

Location value in SPMetadata.xml

How can we figure out the size of KVStores and Lookups?

Cisco Network App and Search & Reporting App Time Difference

Unable to continue after using a regular expression to extract a new field.

transform command after timechart?

pstack以外の代替手段について

How to apply operator on a specific value in a table?

Splunk Datamodel tstats Error

Splunk Decoded: Service Maps vs Service Analyzer Tree View vs Flow Maps

What’s New in Splunk Observability – September 2025

Fun with Regular Expression - multiples of nine

In Splunk studio, is it possible to populate a tex...

Help me with splunk query to monitor CPU and Memor...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

Splunk Search

Are you a member of the Splunk Community?

Discussions