Thread Info | |||||
---|---|---|---|---|---|
Hi - I have a need of running a query to count unique values from a large set of data (>1 million) OVER A 30-Day PERI...
by
clincg
Path Finder
in
Knowledge Management
08-21-2010
|
1
|
6
| |||
Hi
I have some summary-indexed data over the last couple of months. I was wondering if its possible to add anothe...
by
sranga
Path Finder
in
Knowledge Management
08-23-2010
|
0
|
1
| |||
Can I customize the icons displayed when using iconify? I think it would be cool if I could map specific icon to an e...
by
jamesdon
Path Finder
in
Knowledge Management
08-20-2010
|
0
|
1
| |||
I need help figuring out how to store visitor session info into a summary index.
First, what I want to be able to ...
by
stjack99
Explorer
in
Knowledge Management
08-11-2010
|
1
|
1
| |||
You can you backfill to fill in missing pieces, but what happens when splunk or syslog run behind and events run part...
by
bmorgan
Explorer
in
Knowledge Management
08-17-2010
|
2
|
1
| |||
I am trying to configure a GET workflow action that decodes a session Id. The problem is that you have to pass the co...
by
sgtquezada
New Member
in
Knowledge Management
08-17-2010
|
0
|
1
| |||
Hi,
I use summary indexing alot in my custom app. Recently I created a second app and added a summary index. The s...
by
serialmonkey
Path Finder
in
Knowledge Management
08-02-2010
|
1
|
13
| |||
Hi - does anyone know how to remove old summary index data? I have a few summary indexes saved in the system that was...
by
clincg
Path Finder
in
Knowledge Management
08-03-2010
|
4
|
5
| |||
My scheduled search:
[Summary Logins Per Second]
action.summary_index = 1
action.summary_index._name = lgn-stats
c...
by
twinspop
Influencer
in
Knowledge Management
08-02-2010
|
0
|
2
| |||
Why does the Splunk server show up as the only host indexing? We're running 3.x and our free lic is shot because it l...
by
fgsit
New Member
in
Knowledge Management
07-22-2010
|
0
|
2
| |||
I recently update my Ubuntu 64bit system and splunk refuses to start.
sudo apt-get dist-upgrade
uname -a *Linux...
by
Marinus
Communicator
in
Knowledge Management
07-14-2010
|
0
|
1
| |||
I’m building a report that finds the number of unique users in our activity log each day:
sourcetype="accountTrans...
by
cbscribe
Explorer
in
Knowledge Management
06-22-2010
|
1
|
4
| |||
If i do a search within the unix app such as this: tag="access" i get plenty of results. If i perform the same search...
by
Genti
Splunk Employee
in
Knowledge Management
06-17-2010
|
1
|
3
| |||
Hi I have a search which is returning the tags in the display, the tags work as I report on these tags in all of our ...
by
Josh
Path Finder
in
Knowledge Management
06-14-2010
|
2
|
2
| |||
Anyone know if edi_tags was removed? I'm seeing the following warning message in the logs:
AuthorizationManag...
by
Lowell
Super Champion
in
Knowledge Management
06-03-2010
|
0
|
3
| |||
Since upgrading to splunk 4.1, all of my summary indexing saved searches now include following term stuck on the end ...
by
Lowell
Super Champion
in
Knowledge Management
05-14-2010
|
1
|
6
| |||
I am running a script that, simply put, inserts a record into Splunk for each person that is using space on our stora...
by
warden
New Member
in
Knowledge Management
05-28-2010
|
0
|
2
| |||
I've found that if I have a summarizing search using "stats" and I schedule it via the UI and use the "enable summary...
by
gkanapathy
Splunk Employee
in
Knowledge Management
05-28-2010
|
1
|
1
| |||
I've got a summary index query which currently matches only one (1) event in my existing data. I've run the fill_summ...
by
smisplunk
Path Finder
in
Knowledge Management
05-15-2010
|
0
|
3
| |||
I'm writing an app that I know will index loads of data and then do some calculations on changes from day to day. To ...
by
erydberg
Splunk Employee
in
Knowledge Management
05-18-2010
|
2
|
2
| |||
I'm having an issue with my summary index. I have a search which results in 48000+ events. I saved the search and ena...
by
Dan
Splunk Employee
in
Knowledge Management
04-28-2010
|
1
|
1
| |||
I just updated my indexer to 4.1 this morning and found the following in the migration log:
Cannot automatica...
by
muebel
SplunkTrust
in
Knowledge Management
04-19-2010
|
2
|
3
| |||
I have an instance that I've set up to only run summary searches. Essentially, its a search head but no users connect...
by
the_wolverine
Champion
in
Knowledge Management
04-09-2010
|
0
|
1
| |||
A query to count tag=pci entries by eventtype (and happens to be part of the application):
tag=pci | stats count b...
by
Nate_Schmoll
Engager
in
Knowledge Management
02-15-2010
|
4
|
5
| |||
I just installed splunk and indexed a log file with data that is from earlier this year, The summary dashboard shows ...
by
benstraw
Splunk Employee
in
Knowledge Management
01-14-2010
|
1
|
1
|