Splunk Search

Community Activity

How can I generate a report of users and machine usage by machine name? I am looking at a log of users logging into machines. The two fields I am interested in are: Username and Machine nam... by jcftx7 New Member in Splunk Search 08-17-2017 0 1	0	1
Splunk on Raspberry Pi I am attempting a project and the use of Rasberry Pi's seems like the most effective solution right now. However, cri... by ben_clarke96 New Member in Splunk Search 08-17-2017 0 3	0	3
Sum of Unique Values in One Field of a Stats Table Greetings, I'm creating a stats table which shows Logon attempts to different workstations. I have a column that sh... by SplunkLunk Path Finder in Splunk Search 08-17-2017 0 6	0	6
Can I combine two searches and group by _time using a regex filter? Hello, I'm relatively new to Splunk, so please bear with me. What I am trying to accomplish is a time chart using ts... by sdtruesdale Engager in Splunk Search 08-17-2017 0 1	0	1
How can I display these fields from my unstructured data? There is an unstructured log-file and so the field extraction is not working to extract the exceptions that occur in ... by smirti New Member in Splunk Search 08-17-2017 0 1	0	1
Show a timechart of all hosts even if 0 values exist I'm attempting to write a query to show a timechart of the number of results for each host per minute, which is easy ... by Lgo Explorer in Splunk Search 08-17-2017 0 2	0	2
How can I add a Total for the count of events from different index or sourcetypes? I'm searching blocked events from the firewall and Palo Alto logs and would like to add a line to show the Total of t... by digital_alchemy Path Finder in Splunk Search 08-17-2017 1 2	1	2
Is there a way to append fields at the UF ? All, Is there a way for me to append data to an event at the UF level ? Or perhaps at index time ? I want to prepopu... by daniel333 Builder in Splunk Search 08-17-2017 0 1	0	1
How to index a text file in the xml format? /getClientProfileV1Request></SOAP-ENV:Body></SOAP-ENV:Envelope></soap-env:Body>-- HTTP Header values -<tp:headers xsi... by madhanbaskar Explorer in Splunk Search 08-17-2017 0 12	0	12
How can I find the time duration between two fields? Trying to find the time duration between 2 fields Field name : START_TS 2017-08-16 04:07:00.0 Field name : END_TS ... by locose Path Finder in Splunk Search 08-17-2017 2 7	2	7
duplicate in dates for stats when using predict I have this query to predict CPU usage, looking at real data for last 90 days and predicting ahead 60 days. index="l... by mjm295 Path Finder in Splunk Search 08-17-2017 0 7	0	7
Error during index name change for Digital Shadows SearchLight App Hi, I'm trying to modify the name of the index in the Data Inputs for your Digital Shadows SearchLight App. When I ... by markwymer Path Finder in Splunk Search 08-17-2017 0 1	0	1
Restrict access to views based on roles/users I have 100 views and 5 different users/roles. Each user can access 20 views and this is based on prefix of those 20 v... by manjunathmeti Champion in Splunk Search 08-17-2017 0 1	0	1
Evalute results based on like-fields from two different indexes? I have entries in IndexA that I want to find failures for. However, if IndexB has an entry with the same field and is... by jl19 Explorer in Splunk Search 08-16-2017 0 4	0	4
Chart results of a report on a line chart I've looked into Summary Indexing and I'm not sure that's what I'm looking for here. I have a scheduled report that... by GenericSplunkUs Path Finder in Splunk Search 08-16-2017 0 2	0	2
How to retrieve events from the most recent day in which there are events present? I have a small number of events (around 4 or 5) being generated each day Monday through Friday. I would like my searc... by tgittelmacher Engager in Splunk Search 08-16-2017 0 2	0	2
How can I join three fields with a common ID field? Hi, i want to join all three fields with common id field. please help me with search query \| table id servicename ... by sravankaripe Communicator in Splunk Search 08-16-2017 0 1	0	1
Compare Minute by Minute Timechart "Today" vs Summary Index Timechart Average I currently have a timechart running every minute each day to show a given field value as it increases through the da... by bcarr12 Path Finder in Splunk Search 08-16-2017 1 3	1	3
I want to extract information from this field within these specific parameters using a rex command Hi Splunker, I wanted to use a rex command until Splunk can find below parameter in logs: 1) ? 2) sag 3) If both o... by m7787579 New Member in Splunk Search 08-16-2017 0 2	0	2
How can I go through a search for different input values and store the results into summary index? I have the following combinations of name and code: Name Code AAA M BBB C ZZZ K …... by jagadeeshm Contributor in Splunk Search 08-16-2017 0 4	0	4
Need Assistance combining 2 searches from different indexes I am trying to piece together a search that shows all allowed connections that originate from our web proxies and pas... by cburgman Path Finder in Splunk Search 08-16-2017 0 3	0	3
'Encountered the following error while trying to update: Invalid FORMAT: nullQueue' error editing a transform via Splunk Web I've got this simple transform for dropping unwanted logs which works fine. I went to add something to it and got thi... by wrangler2x Motivator in Splunk Search 08-16-2017 0 1	0	1
How do you setup a pie chart for success / failures? Query details: index=my_app processcreditcheck tmLogging (failure OR success) Result needed: ][1] by sunnyt New Member in Splunk Search 08-16-2017 0 1	0	1
how to tweak streamstats function to get sum of differences from hand picked events rather than regular streamstats functions ? Streamstats can produce sum of differences like (fieldB- fieldA)+ (fieldC-fieldB)+(fieldD - fieldC) = a total of 30... by nittalasub Explorer in Splunk Search 08-16-2017 0 2	0	2
Apache Web Server Load Balance Monitoring I have multiple web servers behind a load balancer. I am looking for a search query that can provide me a traffic dis... by kamaldsh New Member in Splunk Search 08-16-2017 0 1	0	1