Day: November 4, 2022

Splunk Search Command Of The Week: dedup

Using the dedup Command

What is the Splunk dedup Command? The Splunk dedup command, short for “deduplication”, is an SPL command that eliminates duplicate values in fields, thereby reducing

Splunk Search Command Of The Week: spath

Using the spath Command

Your dilemma: You have XML or JSON data indexed in Splunk as standard event-type data. Sure, you’d prefer to have brought it in as an

Day: November 4, 2022

Using the dedup Command

Using the spath Command

Quick Links

From the Blog

A Beginner’s Guide to Regular Expressions in Splunk

Using the join Command