Oct 15, 2014 · Solved: What is the Splunk equivalent of an SQL IN clause. I want to run a query where some field has a value which is present in a list of values.

Jan 12, 2018 · I am new to splunk and was wondering if anyone has a document they don't mind sharing detailing "example search queries" as a starting point? any help would be appreciated. Thanks.

Jan 13, 2023 · Running 1 query for 1 example will become tedious if I have thousand of examples to go through. It is possible to get some help on creating query that help to run similar logic like the …

Jul 10, 2025 · Hi If you want to search back the last 24 hours then you can just replace the existing "-75m@m" with "-1440m@m", or "-1d" for the last 24 hours from now, or "-1d@m" which is the same …

Hi Splunkers, I need to know how to comment out a single line in an SPL query when working in search and reporting. Could someone please provide an example? Thanks,

Jul 4, 2013 · What is the difference between the NOT operator and the != operator? I have always used NOT up to this point, but am seeing some very strange behavior associated with it today* and != …

Jun 13, 2013 · Our company just started using Splunk, and after experimenting with some basic commands it certainly proves to be a powerful yet simple to use search processor. Since our team is …

Jun 2, 2021 · Solved: Hi Team i want to display the success and failure count for that i have only one field i.e b_failed="false" using this i could get

Apr 17, 2018 · What I am looking for is how to look at multiple sources and destinations in one query. In our enterprise environment, our servers are hosted offsite, and sometimes, I need to check the logs …

Apr 5, 2025 · Hi All, I have created one query and it is working fine in search. I am sharing part of code from dashboard. In first part of call if you see I have hardcoded by earliest and latest time . But i want …