Splunk Search

Discussions

Thread Info

How do I sort my search events by week?

I am new to Splunk. I am having a problem sorting my search results by week. I tried using the following dates as my ...

by Explorer in

how can i reset splunk.com login password

how can i reset splunk.com login password, the email id in the account has a typo, so the reset password option is no...

by Contributor in

multiple field in geostats

HI, i am trying to display multiple fields like num1, num2, num 3 in map and trying to gets its lat and long from ...

by Path Finder in

Is it violating license agreement to bring in data from external system?

We index a lot of data in Splunk, but we also have a lot of other tools, we would like to use Splunk as single pane o...

by Path Finder in

Single query to an external REST API

I am working on an app that will have an interactive UI where you could input a hash value and afterwards the app wou...

by Engager in

Is there a Splunk command to find out configuration errors or typos?

Hi, I was wondering is there a Splunk command to find out configuration errors? For example, LINE_BrEAKER in props...

by Path Finder in

How do you compare the average memory performance of 2 servers?

Hi All, Please help me create a query that compares cpu and memory with threshold performance in 1 month ( 4 data ...

by New Member in

Can you help me create a regex that would extract a host from a path?

How can I extract hostname from the path for host_regex in data input on directory monitoring? I need only host na...

by Builder in

How do I write a regex for different field extractions according to event value?

I have events like the ones below. I want to make a different field extraction according to the value of field MODEL....

by Explorer in

How can i retrieve the values of a correlation matrix from Splunk web into a text file (name of the fields)?

hello , can anyone tell how can i retrieve the values of a correlation matrix from Splunk web into a text file (na...

by New Member in

How can I display our search results as a percent in a single value panel?

Hi my basesearch... index = lc source= X |stats count by status ...gets me the amount status by status: Sta...

by Path Finder in

How do I search data for the time & date that it was generated by the system?

I have big data in an Index, but I am looking for the specific data of time & date of system generated. I have a t...

by Communicator in

How can I optimize a search that times out?

This search is looking back one month over a large dataset. I would like it to be accelerated, and run once a month o...

by Path Finder in

Can you help me with the following timechart query?

index=X sourcetype=X source=X | timechart first(percentage_allocation) as percentage_allocation by devicename I ...

by Path Finder in

How can I display/hide some specific values in a dashboard?

Hello everyone, I have a dashboard where some stacked volumes(7) are represented and also I added the total of the...

by Explorer in

From the following log data, how do I create a table that includes the average response time?

My log Data is in this format: response="{"status":"success","Registries":[{"create":"2018-08-28","last":null,"Sto...

by New Member in

How do you use regex on 2 fields and combine them into one field for an xyseries?

Hi all, I have a simple regex to extract 2 fields — name1 and name2. And I would need to combine it like this: nam...

by Path Finder in

Can you help me create a search which would return the following table for a Splunk dashboard?

Hi, I want to know if it is possible to do the following table in Splunk dashboard. Thanks.

by New Member in

How to get the top 10 max values for each field value?

Trying to analyze some windows perfmon data. The data looks like this: counter -> name of performance metric (ie. % P...

by Communicator in

iplocation command not returning lat/lon fields (with allfields=true)

As in subject, I run the following command: MY_SEARCH | iplocation allfields=true clientip | table lat lon ...

by Explorer in

Get Updates on the Splunk Community!

Splunk Search

Discussions

How do I sort my search events by week?

how can i reset splunk.com login password

multiple field in geostats

Is it violating license agreement to bring in data from external system?

Single query to an external REST API

Is there a Splunk command to find out configuration errors or typos?

How do you compare the average memory performance of 2 servers?

Can you help me create a regex that would extract a host from a path?

How do I write a regex for different field extractions according to event value?

How can i retrieve the values of a correlation matrix from Splunk web into a text file (name of the fields)?

How can I display our search results as a percent in a single value panel?

How do I search data for the time & date that it was generated by the system?

How can I optimize a search that times out?

Can you help me with the following timechart query?

How can I display/hide some specific values in a dashboard?

From the following log data, how do I create a table that includes the average response time?

How do you use regex on 2 fields and combine them into one field for an xyseries?

Can you help me create a search which would return the following table for a Splunk dashboard?

How to get the top 10 max values for each field value?

iplocation command not returning lat/lon fields (with allfields=true)

Splunk Training for All: Meet Aspiring Cybersecurity Analyst, Marc Alicea

Investigate Security and Threat Detection with VirusTotal and Splunk Integration

Observability Highlights | January 2023 Newsletter

query to find data which does not exist in index1 ...

How to achieve Crowdsec json logs fields extractio...

Need help on Dashboard related issue?

Why does Walklex return spaces before some of the ...

Why won't Walklex timespan follow time specificati...