Splunk Search

Start a Conversation

Discussions

Start a Conversation

Thread Info

How to sort a table based on two columns in order of priority?

Hello dear Splunkers, I have a table showing the amount of downloaded data per website by user on my network. I...

by Super Champion in

Increase subsearch results limits when using join

Hi All, I have data coming in from different indexes and am joining them on the common field. Data is huge, so whe...

by Builder in

How to display host types in Y axis and X axis chart?

I have different host types (like SC, RC and etc) and its different version(18.1, 19, 19.1 and etc). I am trying to d...

by Explorer in

Create new rows from multi-value fields

So basically what we need is a new row with the new data. A new row for each value pair of Software and Version. ...

by Path Finder in

How do show two recent scan result.

How do i filter table , just show last 2 days . And compare Fixed Event by host. Thanks for your help.

by New Member in

How to add result of search to all rows in lookup?

I have a search from where i get a result i ndex=abc sourcetype=file|table Name --- Result XYZ Now my lookup i...

by Communicator in

How to create search to return rows in table based on count?

I have a splunk query that forms table like this Time Type Msg 10/1/2019 0:00 1 xyz 10/2/2019 0:00 2 x...

by Path Finder in

Custom Search Commands: how to process positional args in command class?

i.e. we have some custom command generatetext @Configuration() class GenerateTextCommand(GeneratingCommand): ...

by Explorer in

When performing a search splunk web freezes the browser tab and facing performance issue when searching ?

Hi All, One of the user is facing an performance issue while performing the searches and also the splunk web freez...

by Motivator in

How do I optimize the performance of my dashboard with over 30 panels using post process searches?

I have a dashboard that has over 30 panels - they all have the same basic search query so I decided to use the new se...

by Path Finder in

SPL that will call a script and use indexed data as input

The requirement is to do forecasting on indexed data. A python script will be developed and use in Splunk to use the ...

by Communicator in

Using Lookup tables to exclude timerange from search

I am collecting statistics from an application and am trying to find a way to exclude search results from statistics ...

by Builder in

How to implement a "root cause hint"

Hi, We are new to splunk, so we are facing some difficulty to understand how to implement a kind of “poor man“ ro...

by New Member in

'where propertyname In (propertyvalue1, propertyvalue2, etc...)' int vs string values

Hello, I am having difficulty using the 'where property in (x,y,z,...)' type search filter in Splunk. Specifically, w...

by Explorer in

Why is there an error of "Too many subsearches" when ingesting logs from haproxies running broken out by each API call?

Hi All, Any help is greatly appreciated as I am of course in a bit of a time crunch. We are currently using splunk...

by New Member in

Check field against two lookup tables

I have two lookup tables that may contain the hostname of an IP address | lookup cmdb_ci_server_lookup ip_address ...

by Path Finder in

fix the number of class in classification result(confusion matrix) in Machine learning toolkit

Hi, for classification result(confusion matrix) in Machine learning toolkit are there any code used to fix the...

by New Member in

How to chart with indexed time fields?

I have a date field in this format Y-M-D. I want to chart everything that is two years older than that field. Not sur...

by New Member in

Compare one field from the search with a field in the lookup table, and list if there is a difference

Hey everyone, I have a list that contains usernames and Countries. The name of the list is user1.csv and its adde...

by Path Finder in

Regex ignore adding underscore if there is a dash

Hey everyone. So what I need to do is complete the filename in one of my fields in an event. Example is this: atta...

by New Member in

Get Updates on the Splunk Community!

Splunk Search

Discussions

How to sort a table based on two columns in order of priority?

Increase subsearch results limits when using join

How to display host types in Y axis and X axis chart?

Create new rows from multi-value fields

How do show two recent scan result.

How to add result of search to all rows in lookup?

How to create search to return rows in table based on count?

Custom Search Commands: how to process positional args in command class?

When performing a search splunk web freezes the browser tab and facing performance issue when searching ?

How do I optimize the performance of my dashboard with over 30 panels using post process searches?

SPL that will call a script and use indexed data as input

Using Lookup tables to exclude timerange from search

How to implement a "root cause hint"

'where propertyname In (propertyvalue1, propertyvalue2, etc...)' int vs string values

Why is there an error of "Too many subsearches" when ingesting logs from haproxies running broken out by each API call?

Check field against two lookup tables

fix the number of class in classification result(confusion matrix) in Machine learning toolkit

How to chart with indexed time fields?

Compare one field from the search with a field in the lookup table, and list if there is a difference

Regex ignore adding underscore if there is a dash

.conf23 | Get Your Cybersecurity Defense Analyst Certification in Vegas

Streamline Data Ingestion With Deployment Server Essentials

Remediate Threats Faster and Simplify Investigations With Splunk Enterprise Security ...

AD servers with indexing delays when evt_resolve_a...

Using comparison function within mstats

splunk search statement using keyword from input b...

Ex Cisco - run a report for all DFS users who logg...

Splunk query to list all the queries that time out