Splunk Search

Discussions

Thread Info

How do you compare the last two recent events for different devices sending data to Splunk?

Hey, i have different devices that are sending temperature data to my Splunk instance. For alarming, I want to com...

by Path Finder in

How to group events and extract a field when grouped events contain a specific value?

We have some overnight jobs that run and log out to Splunk. On top of this, we have a dashboard which groups by the j...

by Engager in

Why are my events not in time order?

We just upgraded our Splunk server to version 7.0. I created a query that has a time range Between 05/19/2018 04:28:0...

by New Member in

Search returning duplicated/wrong results after upgrading to 7.1

For some reason, after upgrading Splunk to 7.1 some searches no longer return the results for certain days; instead o...

by Explorer in

Field name getting reflected in the same field value

While listing out the values of a field in a table, the name of the field is getting listed in the field values. does...

by Path Finder in

Filter consumed event types and/or collect start date?

Hi, Is it possible to configure this app to only collect logs from a particular start date as opposed to all histo...

by Explorer in

Create data table conditinally

My logs are below content : Export of US successfully transferred to FR Import successfully ended on US from expor...

by Contributor in

How do I rename a hostname in Splunk?

Hi, How do I rename hostname in Splunk? I am trying to enroll a particular syslog in Splunk. I want to rename a ho...

by Explorer in

Sorting the data values in a stacked timechart

How do I order the horizontal slices in a stacked timechart by value? The working search string looks like this: ...

by New Member in

How do you rename count of field values conditionally?

Hi, I have below data in below format using stats count command Date - FR GE SP UK NULL 16/11/18 - 0 1 1 1 1 17/11...

by Contributor in

How do I combine multiple rex commands into a single one?

Hello, I am working with some unstructured data so I'm using the rex command to get some fields out of it. I need thr...

by Motivator in

Can you help me build a regex that extracts an IP Address from a log message?

How do I extract an IP address from a log message using regex? All the four octets need to be pulled at a time, re...

by New Member in

How do you make a search that returns hosts that haven't checked in to an external source within a certain time frame?

Hello All, I am relatively new to Splunk and need some help on this search query. I have hosts that are required t...

by New Member in

Could I save the predicted value after using ML model?

As title, I am using Splunk Machine Learning Toolkit now. I'm confused about whether I could save the result of predi...

by Explorer in

How to search a query and a lookup file with common columns?

][1] So, I would like to run my query below(which would return IP Addresses) and match the results to the input fi...

by New Member in

How can I perform math calculations within my XML dashboard?

I would like to use a drilldown token created from clicking a bar on a timechart and add 1800 to the value and use it...

by New Member in

Return message based on what is NOT showing in Subsearch

I have a subsearch returning all files imported per client as the value "Client_File". It's value will look like ABC_...

by Path Finder in

Lookup command - multiple input fields

Hi, is it possible to use more than one input field within a lookup command? The lookuptable looks like this: ...

by Motivator in

Multiple sums in stats query

Hi! I'm attempting to take an existing query and update it to do the following: For the last 24 hours, sum and...

by New Member in

DB Connect Temporal Lookup - does it exist?

Hi. I am trying to figure out how to put together a time based lookup using the DBX conduit, connected to a radiu...

by New Member in

Get Updates on the Splunk Community!

Splunk Search

Discussions

How do you compare the last two recent events for different devices sending data to Splunk?

How to group events and extract a field when grouped events contain a specific value?

Why are my events not in time order?

Search returning duplicated/wrong results after upgrading to 7.1

Field name getting reflected in the same field value

Filter consumed event types and/or collect start date?

Create data table conditinally

How do I rename a hostname in Splunk?

Sorting the data values in a stacked timechart

How do you rename count of field values conditionally?

How do I combine multiple rex commands into a single one?

Can you help me build a regex that extracts an IP Address from a log message?

How do you make a search that returns hosts that haven't checked in to an external source within a certain time frame?

Could I save the predicted value after using ML model?

How to search a query and a lookup file with common columns?

How can I perform math calculations within my XML dashboard?

Return message based on what is NOT showing in Subsearch

Lookup command - multiple input fields

Multiple sums in stats query

DB Connect Temporal Lookup - does it exist?

SplunkTrust | Where Are They Now - Michael Uschmann

Admin Your Splunk Cloud, Your Way

Cloud Platform | Discontinuing support for TLS version 1.0 and 1.1

How to calculate subnet from list of IP addresses?

How to configure alert when a service is in failed...

how to identify '\n' in Splunk rex

How to combine results of inputlookup and a search...

Running queries not working at all