Splunk Search

Ask a Question

Discussions

Thread Info

Can you help me write an if statement for the following condition?

Hi, I need to write an if statement for the following condition. I have two services in which status is shown by 0...

by Explorer in

How to configure to get alerts regarding software installation or uninstall from a server

by New Member in

Host Memory increase is not displayed by Splunk

Hi forum, We increased Memory on multiple VM Instances running splunk from 64GB to 128GB. On some instances change...

by Builder in

Alert Triggering through SMS

Hi Team, I am new to splunk ,i need to know is there any possibility to create Alerts through SMS for monitoring 2...

by New Member in

How do I get results for different days on the same table?

I'm using the following search and getting the following results. This search is done over 7 days. Is there a way I ...

by Path Finder in

Counting field over Four Date columns if the field has value in the four coloumns

Hello There I have Field which states the Case ID whether its ACTIVE , RESOLVED, PENDING or CLOSED I need to count ea...

by Path Finder in

How do you create a table from the following data?

Assuming these 3 docs, how can I create a table where I dedupe by account (I want the most recently ingested event) a...

by New Member in

How do I hide specific choices within Presets accordion while keeping/displaying others in timepicker?

I want to display a modified time-picker that shows only the following preset choices: Last 24 hours Last 3 days Last...

by Path Finder in

Slow Response DNS Lookup Thousands of IPs

I am running a DNS lookup on IP addresses using the following arrangement, but it is running very, very, very, slow b...

by Communicator in

How do you update a lookup table manually in a distributed search head environment?

I have a Search Head cluster setup. Within the search app, I have defined a number of lookups, which I would like to ...

by Splunk Employee in

How do you plot historical data and current log data together in a timechart?

Hi all, I have loaded the last 3 years of historical data from a CSV file to Splunk — so source is "XYZ.csv". On t...

by Explorer in

How to push out an indexer bundle after rebuilding a server?

Hi, I had to rebuild an indexer, and it's now up and running, but it doesn't have the most recent updates that we ...

by Champion in

How do I run the Splunk CLI command using the scripted input and the path file?

We have Windows servers blocked for executing batch scripts. So, how do I run the below Splunk CLI command schedu...

by Contributor in

token. how can I, configuring one token for filter search?

Hi I have this search in my dashboard and i want create a token filter for search the result of the field "sucursa...

by Engager in

How do I filter tenable scan results by lastSeen value?

I'm trying to filter my Tenable results to show only vulnerabilities seen within the last 7 days. Here is my current ...

by Explorer in

How do I combine search results from two different date time ranges into 1 table?

I am trying to combine results from two different time lines into a single table. The search query for 1 day as f...

by Path Finder in

How do you color code a cell?

I've read through a lot of articles, but I can't figure out how to make this work. My query is below. For ease of rea...

by New Member in

Can you help me visualize my input lookup file?

Hello There, I have a file CSV as shown in the attached screenshot. I want someone to help me to draw these dates ...

by Path Finder in

How do I reconstruct the path of a message across multiple events?

I have a log file from our ESB that has multiple events for each message. I want to join those back together so I can...

by Explorer in

How do you compare a previous average with the current actual count?

Hello, I am trying to write an SPL to do the below but hitting a road block. Can someone please help!! Date ...

by Explorer in

How do i display the latest event from two event IDs by computer name?

Hello, I am trying to complete a query that allows me to see both the latest failed and successful backups from e...

by Communicator in

What would be the best way to use index and source type for multiple projects?

Hi everyone, I am new to Splunk and i have a quite a few projects in my organization. I know that an index can hav...

by New Member in

Can you help me combine 2 queries into a timechart?

Hi all, I have the following data and I need some help to progress further. I have fields: _time uniqueId actio...

by New Member in

How do you use the value of the lookup filename as a field in the search result?

Here is the search and lookup, I need to capture the value, last_logon_lookup_20180928.csv We need the value in bo...

by Explorer in

Drilldown on results of a subsearch not working

Woodcock - As a new question to the previous one that you help resolve - do you have any idea why the drilldown isn't...

by Engager in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Can you help me write an if statement for the following condition?

How to configure to get alerts regarding software installation or uninstall from a server

Host Memory increase is not displayed by Splunk

Alert Triggering through SMS

How do I get results for different days on the same table?

Counting field over Four Date columns if the field has value in the four coloumns

How do you create a table from the following data?

How do I hide specific choices within Presets accordion while keeping/displaying others in timepicker?

Slow Response DNS Lookup Thousands of IPs

How do you update a lookup table manually in a distributed search head environment?

How do you plot historical data and current log data together in a timechart?

How to push out an indexer bundle after rebuilding a server?

How do I run the Splunk CLI command using the scripted input and the path file?

token. how can I, configuring one token for filter search?

How do I filter tenable scan results by lastSeen value?

How do I combine search results from two different date time ranges into 1 table?

How do you color code a cell?

Can you help me visualize my input lookup file?

How do I reconstruct the path of a message across multiple events?

How do you compare a previous average with the current actual count?

How do i display the latest event from two event IDs by computer name?

What would be the best way to use index and source type for multiple projects?

Can you help me combine 2 queries into a timechart?

How do you use the value of the lookup filename as a field in the search result?

Drilldown on results of a subsearch not working

Tech Talk Recap | Mastering Threat Hunting

Observability for AI Applications: Troubleshooting Latency

Splunk AI Assistant for SPL vs. ChatGPT: Which One is Better?

In Splunk studio, is it possible to populate a tex...

Help me with splunk query to monitor CPU and Memor...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

Splunk Search

Are you a member of the Splunk Community?

Discussions