Knowledge Management

Community Activity

Summary index creation Can you tell me the step by step procedure to create summary Index. That too I am not sure what search query to use t... by Splunk_U Path Finder in Knowledge Management 12-11-2012 0 3	0	3
New version of the Splunk DB Connect (formerly DBX) app is proprietary? Sorry to bother with that question, but dbx wasn't a proprietary app? I'm confused because I requested access to it i... by alvaromoraes Path Finder in Knowledge Management 12-07-2012 0 1	0	1
successful summary search but no data in the summary index An hourly scheduled summary search finishes successfully: 12-05-2012 05:17:27.966 +0000 INFO SavedSplunker - saveds... by paranoid Explorer in Knowledge Management 12-05-2012 0 2	0	2
Cisco Firewall Datacube Summary Index Hello, I could not find much documentation about this so thats why I'm posting here. I wanted to find out more inform... by BP9906 Builder in Knowledge Management 12-05-2012 0 1	0	1
Run summary indexing after a file is loaded I am loading data to Splunk by monitoring a directory. I would like to run a summary indexing search immediately afte... by noambz Explorer in Knowledge Management 12-04-2012 0 1	0	1
how can i get certain no of events in splunk ?? Hi.. I need a splunk query to return specfic no of search results..say not like top 10 ... i need a search results f... by rakesh_498115 Motivator in Knowledge Management 11-30-2012 0 1	0	1
How can I tag Windows system accounts? I want to be able to tag Windows system accounts, but it doesn't seem to be working correctly in 5.0 and 5.0.1, insta... by ja_s New Member in Knowledge Management 11-29-2012 0 6	0	6
HiddenPostProcess limitations I had 5 summary indexes that I was able to compress into one. It turns out my final index takes about 1/4 of the spa... by fk319 Builder in Knowledge Management 11-29-2012 2 5	2	5
Report not displayed using summary index I am able to generate events using summary indexing. In the search app I type in index=_internal search_name="index u... by mike7860 Explorer in Knowledge Management 11-26-2012 0 1	0	1
Summary Index : Results not generated I saved and scheduled a search by the name index usage. I am trying to use summary indexing but cannot get the result... by mike7860 Explorer in Knowledge Management 11-26-2012 0 2	0	2
How do I test whether the summary index is working? I have scheduled a search an saved it in a summary index. How do I test whether the results that I had saved in summa... by mike7860 Explorer in Knowledge Management 11-26-2012 0 2	0	2
How to get a custom search script to work I am trying to get a custom search script to work following the instructions on this page: http://docs.splunk.com/Doc... by brettski Explorer in Knowledge Management 11-14-2012 0 6	0	6
Issue searching againts Summary Index Customer reports issue searching againts Summary Index. They add a summary index as following: index="foo-bar" host=... by dshakespeare_sp Splunk Employee in Knowledge Management 11-12-2012 0 1	0	1
Accelerated report: status = pending? Hi, I've created a couple of accelerated reports and, after building the summary for a while, they're marked as Pend... by alexiri Communicator in Knowledge Management 11-09-2012 4 2	4	2
Splunk 5.0 on the fly reports in excel During the Splunk Conf they showed an spread sheet that had reports and whenever it was opened it would go back and q... by epreston New Member in Knowledge Management 11-08-2012 0 1	0	1
Storing the results of this scheduled daily search in a summary index How to store the results of this scheduled daily search in a summary index so we can make a dashboard with trending c... by mike7860 Explorer in Knowledge Management 11-08-2012 0 1	0	1
What is the difference between peerNameList and searchProviders? What is the difference between peerNameList and searchProviders in the Job Inspector? I only see information on sear... by lspringer Path Finder in Knowledge Management 11-06-2012 0 1	0	1
How can I tell if a file has been recorded correctly by the tailing processor ? I have an Universal Forwarder reading files from a directory, but the Indexer has not received them yet. How can I t... by mzorzi Splunk Employee in Knowledge Management 11-06-2012 2 1	2	1
While calling macro with Argument, "Error in 'SearchParser'" Error is thrown I have Configured Macro with arguments, While calling the macroname with arguments , It is throwing error Error ... by jshanaiah Explorer in Knowledge Management 10-31-2012 0 3	0	3
Using Summary Index for deviation How can I accomplish the following: - Count average number of apache access_common entries span=15m and put it in ... by kunadkat Explorer in Knowledge Management 10-26-2012 0 1	0	1
Search Only Returning One Column Here is the search, putting results in a summary index. sourcetype="SmtpPrevent_operational" dtime=*s \| convert auto... by whod81 Explorer in Knowledge Management 10-23-2012 0 2	0	2
how to specify to log specific logs while installing forwader Can anybody tell me while installing forwarders we get an option of which data to be forwarded to Splunk Server(splun... by surajmishra New Member in Knowledge Management 10-22-2012 0 3	0	3
How to make transaction count correct in Summary Index I mean a situation and cannot figure out how to solve. I have a task to calculate accurate transaction count totals i... by dennisj Engager in Knowledge Management 10-21-2012 1 2	1	2
Issue with Macros Hello I have a very complex search which I want to break into 2 macros. I did create a macro but didn't mention any ... by theouhuios Motivator in Knowledge Management 10-19-2012 0 1	0	1
How can I backfill summary index data from the web? I would like to create a few summary indexes in order to run some searches more quickly -- starting with the search i... by therealdpk Path Finder in Knowledge Management 10-18-2012 0 11	0	11