Splunk Search

Community Activity

Splunk has to segregate the Logs when we imported. Hi I need to segregate the logs which we imported splunk. Ex:- I want to extract the logs by using the word error a... by riyaz551 New Member in Splunk Search 07-26-2017 0 4	0	4
How to automatically remove extraneous characters from field value? Splunk is automatically (and correctly) extracting a user field/value in a particular set of logs, I'm looking for a ... by hcannon Path Finder in Splunk Search 07-26-2017 0 4	0	4
Plot the average of a field across all locations and have it as an overlay on a chart with the count of a field across a specific location I am trying to do a timechart on the number of rows on a particular location as shown below. Pivot Query \| search l... by ahallak2016 Explorer in Splunk Search 07-26-2017 0 4	0	4
How to generate a search to find the number of created accounts? Hi, I'm trying to run a search that alerts me when 40 accounts is created within 1 minute. I'm talking about linux u... by wvalente Explorer in Splunk Search 07-26-2017 0 2	0	2
Two index related inquiries I now have two index needs related inquiries, which indexB the B field is a subset of A field of indexA, how do I cha... by kulo Engager in Splunk Search 07-26-2017 0 13	0	13
Joining Two Sources Hi, i was using data from 2 different sources, and joining with join key word, my question is when i want to display... by raghu0463 Explorer in Splunk Search 07-26-2017 0 2	0	2
How to extract fields from json and apply stats to plot a bar graph? I have JSON formatted data in event as below: { "stats": [ {"name":"Facebook", "count":50}, {"name":"yahoo", "count"... by sohaibomar Explorer in Splunk Search 07-26-2017 0 1	0	1
what is best way to modify data before ingesting to Splunk Hi, I am injesting some data to splunk and in my data there is no unique field to sperate different rows. So I am th... by AKG1_old1 Builder in Splunk Search 07-26-2017 0 5	0	5
using lookups to rename field values I have a lookup file severity_lookup with two columns. One having 1,2,3,4 and other having p1,p2,p3,p4. I need to cha... by architkhanna Path Finder in Splunk Search 07-26-2017 1 3	1	3
Event Breaks with FlexLM Licenses not ingesting consistently I'm individually bringing in FlexLM files into Splunk, but alas, some of them are not parsing correctly. Some are fin... by sirkgm14vg Explorer in Splunk Search 07-26-2017 1 5	1	5
Adding 'host' field to a set diff command My set diff query compares the values of one field from two different hosts and outputs a list of the field values th... by leonienicks Engager in Splunk Search 07-26-2017 0 4	0	4
How do i display only events that aren't "backed out"? I have a table of fields with items that are either a Credit or Debit There can be multiples of the same item. Also... by gregbo Communicator in Splunk Search 07-26-2017 0 4	0	4
how do you concatenate the avg(value) for perfmon process coming from two servers Very new to Splunk and need some guidance. I believe there must be a way to index the servers to differentiate them... by misnomerga New Member in Splunk Search 07-26-2017 0 4	0	4
Filter results AFTER transaction function I have data that requires I use "transaction" to form events. I would like to filter the resulting data by a field (... by timmy13 Communicator in Splunk Search 07-26-2017 3 5	3	5
How can I count/sum single values of ONE field Hello together, I am new at Splunk and need help for the following issue. I have the field KitchenStuff with 5 value... by TNRRVN93 New Member in Splunk Search 07-26-2017 0 4	0	4
Extraction using regular expressions I want to extract a character string using a regular expression. I am considering extracting the field (message ID) ... by honobe Explorer in Splunk Search 07-26-2017 0 6	0	6
how to extract date from filename and add it with time from event in the same file We have log files with names like: " my-file-log1.2017-07-25.name.log" The events in the log are like this: 060047.3... by bkumarm Contributor in Splunk Search 07-26-2017 2 5	2	5
Creating a new field from a default field MessageText= [2017-07-25T16:29:01.694+10:00]...XXXXXXXXXXXXXXXXXXXXXXXXXX at com.ofss.fc.app.Interaction.analyzeAndT... by olbinado11 New Member in Splunk Search 07-26-2017 0 5	0	5
How to reverse results of dedup in the same command ? Im having an issue when trying to dedup some values. Here are the logs of servers states im having in Splunk, from th... by welcominh New Member in Splunk Search 07-26-2017 0 2	0	2
Search for events from ip addresses in the file Hello, This seems to be like a very easy thing to do which I can't figure out. I have a csv file with ip addresses. ... by isitnikov Engager in Splunk Search 07-25-2017 0 10	0	10
How to search a lookup csv file for list of matched events and count ? Hi, I have few queries related to lookup in Splunk. My lookup file - list-of-master-ids.csv content of csv file ... by jayakanthprasad New Member in Splunk Search 07-25-2017 0 5	0	5
Performing calculations on multi values to show on timechart Hi All, need some insight and help. I have a MQ like objects, information regarding which is forwarded into splunk a... by nishantmishra21 Engager in Splunk Search 07-25-2017 0 4	0	4
How do I delete a data field from Splunk entirely? I would like to delete a data field entirely from Splunk. Would I use the same way as described below? The data field... by katzr Path Finder in Splunk Search 07-25-2017 0 2	0	2
how to count loglines without corresponding second loglines? I generate logline when starting processing 1 object and another logline when ready. How to find logline1 without a ... by avanaschen New Member in Splunk Search 07-25-2017 0 4	0	4
Display in table each unique value and additional field? Hi all, I am a very new splunk user and would like to conduct produce a table with of each unique ID and the corresp... by splunk_95 Explorer in Splunk Search 07-25-2017 0 5	0	5