All Apps and Add-ons
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

error on drilldown for "max concurrent searches" check

mikelanghorst
Motivator
‎09-13-2011 01:36 PM

When I click the drilldown for the max concurrent searches I get the following error page:

SearchException: Error in 'eval' command: The expression is malformed. An unexpected character is reached at '[ search earliest=1 index=_internal sourcetype="splunkd" log_level="INFO" component="loader" detected | rex "(?i)Detected (?P[^ ]+)" | rename cores as search | fields - _* | stats first(search) as search by splunk_server | stats sum(search) as search ]'.

0 Karma
Reply

hartfoml
Motivator
‎09-23-2011 11:00 AM

Try this search

index=_internal sourcetype="splunkd" log_level="INFO" component="Metrics" group="search_concurrency" "system total"| timechart span=1m sum(active_hist_searches) sum(active_realtime_searches)

make it a line graph to see how your doing over time

0 Karma
Reply

bbingham
Builder
‎09-13-2011 02:30 PM

Since the copied text is a subsearch, can you check and see if the full search is listed on the jobs page? If it's not, can you post the full search from the audit.log ([$SPLUNK_HOME]/var/log/splunk/)

0 Karma
Reply
Career Survey
First 500 qualified respondents will receive a $20 gift card! Tell us about your professional Splunk journey.
Take the Survey
Get Updates on the Splunk Community!

Tech Talk Recap | Mastering Threat Hunting

Mastering Threat HuntingDive into the world of threat hunting, exploring the key differences between ...

Observability for AI Applications: Troubleshooting Latency

If you’re working with proprietary company data, you’re probably going to have a locally hosted LLM or many ...

Splunk AI Assistant for SPL vs. ChatGPT: Which One is Better?

In the age of AI, every tool promises to make our lives easier. From summarizing content to writing code, ...