Splunk Search

Start a Conversation

Discussions

Start a Conversation

Thread Info

conditional rex in splunk

I have a field called Number and it has got a value like : | inputlookup Numbers.csv Number 102 2 45 204 345 1...

by Contributor in

How to make a table with 3 datas

Each day i execute my search This search give me the number of events with status OK or KO by enterprise nameEnte...

by Path Finder in

regex to extract multiple email addresses in splunk search

How to list out all the email addresses in a splunk search which displays the following results. Storing shipConfi...

by Builder in

Can we use wildcard characters in a lookup table?

Can I create a lookup table with wildcard character *? I have a lookup like input,output user*,USERNAME so ...

by Motivator in

How to create a subsearch which would generate a csv file and use this as input for another search string at same point in time.

Hi all, I would like to generate the csv file form one search and use that as lookup file for another query . ...

by Explorer in

Splunk Query On Selecting The Range Of Vales For dashboard

Hi Team, Would like to design the query for the below requirement where we wanted to capture 2 dash boards as belo...

by Explorer in

Events count changing on every search

HI, I am facing a weird situation. I am executing a query that will give last one day data on hourly basis. base s...

by Explorer in

Regex Query Help: Need to Write a regex query for my log

Below given is one section of an event. The event has multiple such sections. I want to write a regex search query so...

by Path Finder in

input lookup get values for the lookup only

Hi, I have a very Basic question. I have an index index1 and sourcetype=ST1 with fields fieldA, fieldB and fieldC....

by Communicator in

Need help in splunk regex

{"runDate":"2018-05-26T02:42:42 BRT","dataDate":"20180524","jobName":"autocompleteIndexerCounters","counterList":[{"c...

by Explorer in

How to get only the latest values of a Parameter for each server?

I have multiple Parameters and their values lister for each server. I am using the beloq command at last: chart li...

by Path Finder in

How to convert the values of multiple fields to number?

Hi All, Good day! I just want to ask for some help here.  I have multiple fields with the data I'm working ...

by Path Finder in

Subsearch Not Filtering Results

I am trying to pull a list of filtered IPs from one index and then use that list as a reference to see external traff...

by New Member in

Line chart does not display the value zero even after setting the code to use one decimal place

Hello, Seeking for any assistance on the issue I am encountering. Issue: Line chart does not display the value ...

by New Member in

How to separate rows as column?

I have trouble in manipulating the table Date contains (index, name, date). name ..... date ................ co...

by Engager in

Why is my search resulting in "Regex: UTF-8 error: isolated byte with 0x80 bit set error"

| tstats count(host) as count WHERE index=* earliest=-1d@d latest=@d by host|search [|inputlookup mylast|fields host...

by Explorer in

How to get value of a field corresponding to max value of another field

Hi, I have a table with the fields 'loadtime', 'application', and 'user'. First I want to compute the maximum value o...

by Path Finder in

Average on a value over time

Hi, I have this query (yes I know its ugly but it works  ) . What I need to do is present the current RSSI value ...

by Motivator in

Returning Non-Duplicates from a table

My data tells me if counts on a specific server are timing out, and we are trying to set up an alert for when this oc...

by Communicator in

Retrieve the Data from multiple searches

Hi, I have something like this - Search 1 - for media customers - Summary Index A - contains data from 20th May till ...

by Explorer in

Get Updates on the Splunk Community!

Splunk Search

Discussions

conditional rex in splunk

How to make a table with 3 datas

regex to extract multiple email addresses in splunk search

Can we use wildcard characters in a lookup table?

How to create a subsearch which would generate a csv file and use this as input for another search string at same point in time.

Splunk Query On Selecting The Range Of Vales For dashboard

Events count changing on every search

Regex Query Help: Need to Write a regex query for my log

input lookup get values for the lookup only

Need help in splunk regex

How to get only the latest values of a Parameter for each server?

How to convert the values of multiple fields to number?

Subsearch Not Filtering Results

Line chart does not display the value zero even after setting the code to use one decimal place

How to separate rows as column?

Why is my search resulting in "Regex: UTF-8 error: isolated byte with 0x80 bit set error"

How to get value of a field corresponding to max value of another field

Average on a value over time

Returning Non-Duplicates from a table

Retrieve the Data from multiple searches

New Splunk Observability innovations: Deeper visibility and smarter alerting to ...

Synthetic Monitoring: Not your Grandma’s Polyester! Tech Talk: DevOps Edition

Instrumenting Java Websocket Messaging

Parsing XML and props.conf

Windows Event Log of Account Creation Search?

How to convert large bytes to human readable units...

How to convert a large number to string with expre...

Need help on Dashboard related issue?