Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Splunk Search
Splunk Search
×
Are you a member of the Splunk Community?
Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Find Answers
- :
- Using Splunk
- :
- Splunk Search
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Discussions
| Thread Info | |||||
|---|---|---|---|---|---|
|
Hi
I would like to have a way to find out whether hosts have stopped logging to our central log infrastructure or...
by
chris
Motivator
in
Splunk Search
03-17-2010
|
0
|
3
| ||
|
I am having trouble getting my head around the search required to graph multiple values from the same log event. It s...
by
Glenn
Builder
in
Splunk Search
03-18-2010
|
2
|
5
| ||
|
|
Our office has a specific TRANSACTION search we do frequently to track all events related to a particular user. The s...
by
Justin_Grant
Contributor
in
Splunk Search
03-15-2010
|
0
|
5
| ||
|
|
I'd like to provide a table where the event count for today and yesterday are displayed. For example, count by status...
by
hulahoop
Splunk Employee
in
Splunk Search
03-16-2010
|
0
|
2
| ||
|
|
I know that in general, regular expressions in Splunk use PCRE (or a modified PCRE for matching in props.conf source ...
by
gkanapathy
Splunk Employee
in
Splunk Search
03-03-2010
|
3
|
1
| ||
|
|
I would like to use a lookup into an external database to add fields to my events, but need some advice about perform...
by
Justin_Grant
Contributor
in
Splunk Search
03-13-2010
|
2
|
3
| ||
|
|
On the Search App > Status > Index activity dashboard, there is an Index health report showing the bucket spread over...
by
hulahoop
Splunk Employee
in
Splunk Search
03-13-2010
|
1
|
1
| ||
|
|
I'm trying to throw out search results from a couple of different ip ranges. Currently I'm working with 2, but I migh...
by
thepocketwade
Path Finder
in
Splunk Search
03-12-2010
|
3
|
4
| ||
|
|
It is a subtlety of the search language that keyword searches run against the raw event data only. To search metadata...
by
hulahoop
Splunk Employee
in
Splunk Search
03-09-2010
|
1
|
2
| ||
|
I'd like to limit certain users from running expensive searches by limiting the number of results that can be returne...
by
the_wolverine
Champion
in
Splunk Search
03-09-2010
|
2
|
1
| ||
|
|
How do I change the default granularity on a chart? It appears I'm hitting a limit somewhere and I'm not getting as m...
by
dskillman
Splunk Employee
in
Splunk Search
03-03-2010
|
5
|
2
| ||
|
|
While I browse my local drive in Explorer I would like to add and search some log files with Splunk without opening a...
by
Leo
Splunk Employee
in
Splunk Search
03-03-2010
|
1
|
1
| ||
|
|
There are some who are really good at regular expression, some okay, and the rest who downright are lost beyond a spl...
by
matt_1
Explorer
in
Splunk Search
02-25-2010
|
2
|
1
| ||
|
|
Does maxresults in limits.conf have an effect when piping results to the stats command? For example, if I run a searc...
by
kbecker
Communicator
in
Splunk Search
02-26-2010
|
2
|
1
| ||
|
|
I have millions of events being indexed by Splunk now and I suspect something is happening within my IT environment a...
by
maverick
Splunk Employee
in
Splunk Search
02-24-2010
|
1
|
1
| ||
|
|
Hi Splunkers,
I have a sample Perforce log file and I'm trying to extract the code contributors. Here is an exampl...
by
Nicholas_Key
Splunk Employee
in
Splunk Search
02-22-2010
|
2
|
2
| ||
|
|
How do i use the same search strings in splunks UI on the command line?
by
Chris_R_
Splunk Employee
in
Splunk Search
02-17-2010
|
0
|
4
| ||
|
|
There are plenty of ways to specify the exact time range or maximum range between two events in a search. But I need ...
by
Tisiphone
Engager
in
Splunk Search
02-18-2010
|
3
|
1
| ||
|
|
explain the significance of the connected flag in transaction
by
Ledion_Bitincka
Splunk Employee
in
Splunk Search
02-11-2010
|
2
|
1
| ||
|
|
Dan Goldburt asks: I'm consistently getting the following request from customers: "can I see where each event came fr...
by
Ledion_Bitincka
Splunk Employee
in
Splunk Search
02-11-2010
|
1
|
1
| ||
|
|
Such a helpful command, and yet doesn't work for me...
by
V_at_Splunk
Splunk Employee
in
Splunk Search
01-17-2010
|
1
|
3
| ||
|
|
When I run this search -
source="*conn.log" | rex field=_raw "\.IP = '(?<connectionIp>[^']+)" | fields host, conne...
by
Mick
Splunk Employee
in
Splunk Search
02-05-2010
|
4
|
1
| ||
|
|
We are attempting to create a report that compares message traffic for the past two complete weeks.
We have this ...
by
Mick
Splunk Employee
in
Splunk Search
02-04-2010
|
0
|
2
| ||
|
|
Any recommended best practices for managing eventtypes and their corresponding tags?
I've found the Splunk Common ...
by
Yancy
Path Finder
in
Splunk Search
02-02-2010
|
0
|
2
| ||
|
|
What is wrong with this regex?
(?P<AUTH_PIN_TYPE>[^ ]+)( [^ ]+){2}$
The interactive field extractor gives this...
by
dinh
Path Finder
in
Splunk Search
01-30-2010
|
0
|
5
|
Get Started
Explore Essential Splunk Resources
Get Expert Help at Community Office Hours
Join the #search-help Slack channel
Get Expert Help at Community Office Hours
Join the #search-help Slack channel
Become An Expert
Top Labels
-
administration
3 -
alert action
3 -
alert condition
2 -
Analytics Workspace
2 -
authentication
1 -
chart
939 -
Classic dashboard
1 -
configuration
2 -
correlation search
1 -
count
994 -
Dashboard Studio
3 -
data
3 -
data model
1 -
development
6 -
distributed search
1 -
drilldown
1 -
email
1 -
eval
2,576 -
field extraction
1,988 -
fields
2,030 -
host
1 -
index
4 -
indexer
2 -
inputs.conf
1 -
intermediate forwarder
1 -
introduction
5 -
join
1,044 -
JSON
2 -
Linux
2 -
login
1 -
lookup
1,528 -
metadata
301 -
monitoring console
2 -
other
51 -
panel
2 -
PDF
1 -
Python
1 -
regex
1,482 -
report acceleration
2 -
rex
1,236 -
SAML
1 -
saved search
5 -
scheduled search
4 -
scripted input
1 -
search
1 -
search head
3 -
search job inspector
666 -
search peer
1 -
source
1 -
sourcetype
4 -
splunk-assist
1 -
splunkd
1 -
stats
3,509 -
subsearch
1,697 -
summary indexing
4 -
table
1,725 -
time
1 -
timechart
1,145 -
transaction
447 -
transforms.conf
1 -
troubleshooting
8 -
tstats
558 -
universal forwarder
5 -
using Splunk Cloud
2 -
using Splunk Enterprise
13 -
Windows
3
- « Previous
- Next »
Get Updates on the Splunk Community!
Splunk at Cisco Live 2025: Learning, Innovation, and a Little Bit of Mr. Brightside
Pack your bags (and maybe your dancing shoes)—Cisco Live is heading to San Diego, June 8–12, 2025, and Splunk ...
Splunk App Dev Community Updates – What’s New and What’s Next
Welcome to your go-to roundup of everything happening in the Splunk App Dev Community! Whether you're building ...
The Latest Cisco Integrations With Splunk Platform!
Join us for an exciting tech talk where we’ll explore the latest integrations in Cisco + Splunk! We’ve ...
