| splunk [searches]

Welcome to Splunk Searches!

SplunkSearches.com is a collection of Splunk searches, Splunk SPL tips and tricks, and Splunk search optimization techniques.

Search Tip of the Week

Have you ever wondered how to send the results of one search into another search? By using the map command you can achieve exactly that. Example:

    sourcetype=syslog sudo | stats count by user host | map search="search index=ad_summary username=$user$ type_logon=ad_last_logon"

Latest Searches:

Indexes Created by Users

Size of KV Store Collections

Universal Forwarders with Expired Certificates

Check for Hosts Hitting Max File Descriptor (max_fd) Limit

Sourcetypes that are Being Truncated

Ingested Comments

Volume of Ingested Comments

License Usage by Sourcetype

Queued Searches

Splunk User Creations, Modifications, Deletions

Most Popular Searches:

List of all ITSI KPI Thresholds by Service

All network traffic

Current license usage

Duplicate Events by Index, Sourcetype

Duplicate Events in Splunk

Detecting Log4J jndi Vulnerabilities (CVE-2021-44228) (Log4Shell)

Historical Splunk Version Installed

Active correlation searches in Enterprise Security

Indexes that current user has access to

Daily license usage for last month

Splunk Searches is in no way associated with Splunk, Inc. or any of its affiliates.