Splunk Search

Ask a Question

Discussions

Thread Info

Graph the difference between the totals of 2 search calculations

Dear SPLUNKos I need to create a time chart as per the belowRun one “grand total” searchRun second search which is...

by New Member in

Not getting results to lookup command

Hi,Need your assistance belowWe have created new csv lookup and we are using the below query but we are getting all ...

by Path Finder in

New install- why doesn't search work?

I have installed my first splunk enterprise on a linux server and installed forwarders on windows workstations using ...

by Loves-to-Learn Lots in

Need to create a pie chart out of a table

Hi All, I have got logs like below: Log1: </tr> <tr> <td >Apple</td> <td >59</td> <td >7</td> Log2: </tr>...

by Contributor in

how to pass the time range to input text fields for search data, when i select the time range through input=time

if select 24 hours in time filter, is there any automatic way to pass the 24hrs time rage to start date and end date?...

by Loves-to-Learn in

How to get sum of all columns into a new column?

Hi I need to do a sum of all columns into new column EVNT COL1 COL2 COL3 SUM 1 22 22 22 66 2 ...

by Explorer in

Passing lookup value to search

I have users.csv as a lookup file with almost 20K users. I'm writing a query for authentication events for a specifi...

by Engager in

Extract and/or add numbers from a string

I have string field: provTimes: a=10; b=15; c=10; it basically has semicolon separated sub-fields in the value. E...

by New Member in

Converting Splunk Curl API to Windows Powershell

I have a working script that allows me to retrieve the job ID of a search in Splunk. This is working in Windows usin...

by Path Finder in

Log alerts - Alert that tell when a log source stops sending logs to Splunk

I'm trying to build an alert that looks at the number of logs from the past three days and then compares it to the nu...

by Explorer in

regroup similar url without using tons of regex

Hi, Is there a way to regroup similar values without defining tons of regex. Let say I do a search that return url...

by New Member in

Get the 10 recent events for each host.

I am trying to write a search that will pull the 10 (or so) most recent events for each host. The tail and head comma...

by Explorer in

complex stats to trigger on count of events

I have this rule, I need it to trigger when results / count of events is greater than 4 but the "Trigger Condition" d...

by Explorer in

How to search all fields from a lookup CSV file in index event log

Hello Splunk members! I have a CSV Lookup file with 2 columns ClientNameHWDetSystem BD-K-027EY VMware I h...

by Explorer in

How to display specific timezone in table results instead of user preference timezone?

I spent a fair amount of time perusing Google and Splunk Answers but couldn't seem to find a solution that made sense...

by Communicator in

Need to convert only MB values to GB leaving GB values as it is.

Hi All, I have logs like below in splunk: Log1: Tue Feb 25 04:00:20 2024 EST 10G 59M 1% /apps Log2: Tue F...

by Contributor in

Issues with event parsing using prop configuration file

Hello, I have some issues with parsing events and a few sample events are given below: {"eventVer":"2.56", "userI...

by Motivator in

Trimming the value of a savedsearch parameter within the savedsearch

I have a saved "MySearch" that takes a parameter "INPUT_SessionId", something like this: index=foo| ... some stuff|...

by Engager in

How to add space on a text on a single value panel?

Hello,How to add space on a text on a single value? Thank you for your helpAdding spaces did not have any affect....

by Motivator in

How to exclude string keyword in same field while using transaction command?

Thanks in Advance. In my scenario i want to club the the result using correlationID .so i used transaction command ...

by Builder in

Sum of the field based on the other field values

Hi Team,how to Sum of the field based on the other field values.Row1 field values will be 0-9 and a-z.Sample one give...

by Path Finder in

SPL: Longest common substring

Hello everyone, I am looking for a SPL-solution to determine how long the longest common substring of two strings i...

by Path Finder in

Passing lookup file contents as individual search strings

Lookup file `tenants.csv` tenant, tenant1, tenant2, tenant3, tenant4, Desired query inde...

by Loves-to-Learn Everything in

Edit CSV file sent through sendemail command

Hi All,I am trying to send email using sendemail command with csv as an attachment . Email is getting sent successful...

by Communicator in

Splunk Alerts

I have a search that gives me the total number of hits to my website and the average number of hits over a 5 day peri...

by Loves-to-Learn in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Graph the difference between the totals of 2 search calculations

Not getting results to lookup command

New install- why doesn't search work?

Need to create a pie chart out of a table

how to pass the time range to input text fields for search data, when i select the time range through input=time

How to get sum of all columns into a new column?

Passing lookup value to search

Extract and/or add numbers from a string

Converting Splunk Curl API to Windows Powershell

Log alerts - Alert that tell when a log source stops sending logs to Splunk

regroup similar url without using tons of regex

Get the 10 recent events for each host.

complex stats to trigger on count of events

How to search all fields from a lookup CSV file in index event log

How to display specific timezone in table results instead of user preference timezone?

Need to convert only MB values to GB leaving GB values as it is.

Issues with event parsing using prop configuration file

Trimming the value of a savedsearch parameter within the savedsearch

How to add space on a text on a single value panel?

How to exclude string keyword in same field while using transaction command?

Sum of the field based on the other field values

SPL: Longest common substring

Passing lookup file contents as individual search strings

Edit CSV file sent through sendemail command

Splunk Alerts

Splunk + ThousandEyes: Correlate frontend, app, and network data to troubleshoot ...

Splunk Observability for AI

🔐 Trust at Every Hop: How mTLS in Splunk Enterprise 10.0 Makes Security Simpler

In Splunk studio, is it possible to populate a tex...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static

Splunk Search

Are you a member of the Splunk Community?

Discussions