Knowledge Management

Community Activity

Summary Index Producing Doubled Results I've recently created a saved search to store items into a summary index. It's scheduled to run every 5 minutes and ... by jchensor Communicator in Knowledge Management 06-10-2013 0 12	0	12
If a file is ignored due to IgnoreOlderThan, is there any way to configure Splunk to read it if I need it later? If I specify a value for ignoreOlderThan for an input in my inputs.conf and tailingprocessor thinks the file is older... by Flynt Splunk Employee in Knowledge Management 05-31-2013 1 2	1	2
Configure Splunk to collect data around a spesific occurrence Hi, Is it possible to configure Splunk so that if an error trace occurs, it will start collecting info traces around... by avitallange Explorer in Knowledge Management 05-30-2013 0 4	0	4
summary stats functions call back changed in 5.0.* Before Splunk 5.0.0 , when I had results summarized with stats or timechart, the name of the function was converted u... by yannK Splunk Employee in Knowledge Management 05-24-2013 1 1	1	1
Permanent tag We will regularly move machines between environments (DEV/QA/PRD). We are currently using tags to assign a machine to... by timrcase Explorer in Knowledge Management 05-21-2013 0 4	0	4
What is the best way to check the sourcetype? If I have a file I wish splunk to consume what is the best way to identify it's sourcetype or closest match? Is data... by nathanlhopkins Path Finder in Knowledge Management 05-20-2013 0 5	0	5
Running collect queries takes long time to move from stash to index Hi We have a set of queries which are used to populate certain summary indexes. When we manually run the queries at ... by keerthana_k Communicator in Knowledge Management 05-15-2013 0 3	0	3
moving a summary index Hi, One of my customers has a summary index running on a POC that they want to move into my production system. The s... by a212830 Champion in Knowledge Management 05-14-2013 0 3	0	3
Using report-acceleartion/summary-indexing for searches on extracted KPIs Hi there! I am trying to extract certain values (KPIs) into a separated 'area' (now trying a summary index) to be ab... by bjoernjensen Contributor in Knowledge Management 05-12-2013 0 2	0	2
uberAgent to collect desktop activity Hi, I have installed splunk server for windows in my machine successfully, i wanted to run uberAgent to capture deskt... by sowmy New Member in Knowledge Management 05-07-2013 0 13	0	13
Is there a way to find out how each of the search commands work? Is there a way finding how each of the search commands works? I mean to see the code? For example, can I know how th... by fengl2 Explorer in Knowledge Management 04-27-2013 1 2	1	2
Apps for Auto Assign of Event Type Hi, I would like to ask if there is a splunk apps which can help you to auto assign splunk event type? Thanks in Adva... by Kai191 New Member in Knowledge Management 04-22-2013 0 1	0	1
eventtype definition in a search So I have a search that is searching for IP address information from 4 eventtypes. I am now trying to label these ev... by tmarlette Motivator in Knowledge Management 04-17-2013 0 3	0	3
Created search with tags but does not work for other users I have created several tags (on source), and use them in searches. The saved searches does not work for other users.... by vincenty Explorer in Knowledge Management 04-16-2013 1 2	1	2
info_search_time vs search_now? What is the difference between the info_search_time vs search_now fields in my summary data? by the_wolverine Champion in Knowledge Management 04-11-2013 0 1	0	1
version controlling my search definitions? I am trying to find where my search definitions are kept and if there is way that i can put them in version control (... by matt_arguin Explorer in Knowledge Management 04-09-2013 0 6	0	6
Macro with eval-based definition submacro to set earliest and latest Hello, i need a macro that acceppts a day and converts that into a format to it can be used in earliest and latest i... by JensT Communicator in Knowledge Management 03-27-2013 0 4	0	4
fileds command used in summary index not showin correct data ? Hi.. i have a main search which is given the count of id 's and writin to a summary index -summary my summary index... by rakesh_498115 Motivator in Knowledge Management 03-25-2013 0 3	0	3
Debugging a search ran from python script Hi! I have a complex search that uses macro, when running it in splunkweb it works fine, but when running it from th... by guilhem Contributor in Knowledge Management 03-25-2013 0 5	0	5
Transaction and summary indexing, average duration Hello everyone! I am currently trying to use summary indexing using the si- commands. It is working well for "simple... by guilhem Contributor in Knowledge Management 03-25-2013 0 4	0	4
Using tags to search other fields I'm trying to find a way to use tags to be used in search as such that the tag entries are cross-matched to the searc... by mcm10285 Communicator in Knowledge Management 03-22-2013 0 3	0	3
How to limit the import of logs on a windows tray with a specification of inputs to recover ? Hello, I am a new user Splunk. I recovered the logs security events log of Windows (the audit access to objects). Is ... by jcollin New Member in Knowledge Management 03-21-2013 0 2	0	2
Is there anything wrong with my saved Search? I have identified a saved search located in savedsearches.conf, the main search in macros.conf works fine and outputs... by Dark_Ichigo Builder in Knowledge Management 03-20-2013 0 2	0	2
How to determine the data volume associated to a group of hosts? I have data comming into the corporate indexers from several business units (BU). Given a list of hosts owned by eac... by olopez77 Explorer in Knowledge Management 03-20-2013 0 2	0	2
Splunk on a read only file system All, We have an application server which has a vendor requirement to operate in read only. We can install taking in... by daniel333 Builder in Knowledge Management 03-19-2013 0 1	0	1