Splunk Search

Discussions

Thread Info

Can you help me determine the best way to stream through events for a specific type of event?

I have data that looks like this. 2018-12-13 18:48:05.411 +0000 Tag="Door_Locked" Value="1" 2018-12-13 19:42:41.88...

by Splunk Employee in

Quotes around first word in inputlookup value

I am using an input lookup to exclude results from a search (e.g. index=main NOT [| inputlookup test_lookup.csv | fie...

by Explorer in

Why is the field format not working on our timechart search?

I'm trying to plot the duration open for some of my data. I initially converted the open and close times to UNIX data...

by Engager in

How come I can't get mvdedup and mvexpand commands to work properly?

I have a query where I'm using mvexpand and mvdedup commands to extract some records and calculate related values. Bu...

by Path Finder in

Exists any app to do the Translation of text values from any language to the english language in Splunk?

I would like to know if there is anybody know of any kind of application that does text translation to the English la...

by New Member in

"rf" & "f" search job parameter is showing default fields also

I am trying to get the summary of the fields using search/jobs api from python program. When using the curl comman...

by New Member in

How do I move results retrieved by the "delta" command one row up?

Is it possible to move the results of "delta" one row up? I calculate time difference with "delta" and would like ...

by Path Finder in

Splunk DB Connect SQL query with variables

Hi, I am trying to make a Data Lab Input for Splunk DB Connect using the followng query: declare @cntr_value_1 num...

by Engager in

Can you help me with some problems with matching rex?

Hey, so I've been through all the posts here, and on Google, I can find for this, and I imagine it's a stupid mis...

by Explorer in

Timechart past 24 hours with a 30 day trendline comparison

I have a timechart where I am getting the average of user actions. What I would like to do is have this run for the p...

by Contributor in

How to use results of stats command in other stats commands?

Hello, I need some assistance on the following scenario. Let's say I have a fields "Country" "cities" "command"...

by Path Finder in

what does dedup_splitvals argument for stats command do?

I have a stats command in my correlation search spl which has an argument dedup_splitvals=t not sure what this argume...

by Explorer in

Setting up custom condition for alert

Hello, I have the following search: host="x.x.x.x" OR host="x.x.x.x" Message_Type="Authen failed" PCI | eval So...

by Explorer in

How do you return a conditional count and grand-total in a query?

Hi all, Novice here. I have two separate queries that are doing a simple calculation each, but I would like to com...

by Explorer in

We have planing to add azure application logs(Audit cloud logs) to splunk environment .

in our environment we have 4 servers (A,B,C D) A >>Act as a(indexer ,search head ,license master ,Forwarder manage...

by Path Finder in

Can you help me convert the following field to epoch time?

I'm stuck trying to figure out the conversion on this time format field from Active Directory data. Hoping someone ca...

by Communicator in

Can I use a geospatial lookup to add state data to my data model?

Using Splunk 6.6, I tried for the first time to create a Data Model. My Root Event Dataset consists of events which h...

by Explorer in

Timechart group by 2 fields

Hello, I am trying to find a solution to paint a timechart grouped by 2 fields. I have a stats table like: ...

by Explorer in

Maintaining data integrity for exports from splunk

Hi everyone, I know that Splunk is capable of maintaining its own data integrity via hashing the events. However, ...

by Engager in

Can you help me with a regex field extraction?

Hi guys, I got some the strange events as follows: timestamp: xxxx controlType: xxxx criticality: false object:...

by Contributor in

Does the timeline have any zoom limitations in the search bar?

Hi Splunker, This is just my curiosity. I have a lot of logs that are 99,999 in 1 millisec. I have tried zo...

by Path Finder in

How do you display days in chronological order not alphabetically?

Hi, I am using the below search to display the average transactions by day over a couple weeks. I need the days to...

by New Member in

|stats count(sum) as a grouped TIMECHART

Hello ...query | bucket span=1month _time | eval date=strftime(_time, "%Y/%m/%d ") |stats count sum(2017_totals...

by New Member in

How do you run a script on a column search result?

Hi, I want to run a script on all values in a column like that: index="myindex" mysearch_filters | table id | s...

by New Member in

i would like to get the total bandwidth used by a particular subnet in my network

i would like to get the total bandwidth used by a particular subnet in my network, please help, i am new in splunk,

by New Member in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Can you help me determine the best way to stream through events for a specific type of event?

Quotes around first word in inputlookup value

Why is the field format not working on our timechart search?

How come I can't get mvdedup and mvexpand commands to work properly?

Exists any app to do the Translation of text values from any language to the english language in Splunk?

"rf" & "f" search job parameter is showing default fields also

How do I move results retrieved by the "delta" command one row up?

Splunk DB Connect SQL query with variables

Can you help me with some problems with matching rex?

Timechart past 24 hours with a 30 day trendline comparison

How to use results of stats command in other stats commands?

what does dedup_splitvals argument for stats command do?

Setting up custom condition for alert

How do you return a conditional count and grand-total in a query?

We have planing to add azure application logs(Audit cloud logs) to splunk environment .

Can you help me convert the following field to epoch time?

Can I use a geospatial lookup to add state data to my data model?

Timechart group by 2 fields

Maintaining data integrity for exports from splunk

Can you help me with a regex field extraction?

Does the timeline have any zoom limitations in the search bar?

How do you display days in chronological order not alphabetically?

|stats count(sum) as a grouped TIMECHART

How do you run a script on a column search result?

i would like to get the total bandwidth used by a particular subnet in my network

Data Persistence in the OpenTelemetry Collector

Introducing Splunk 10.0: Smarter, Faster, and More Powerful Than Ever

Community Content Calendar, September edition

In Splunk studio, is it possible to populate a tex...

Help me with splunk query to monitor CPU and Memor...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

Splunk Search

Are you a member of the Splunk Community?

Discussions