Splunk Search

Community Activity

Speeding up searches that use wildcards. Hey, I'm trying to speed up my search and reduce its load. I'm searching through our Event Logs for Admin activity... by GenericSplunkUs Path Finder in Splunk Search 07-13-2017 0 5	0	5
Fillnull until specific time? Is there a way to get fillnull to work over all entries up until a certain time? Right now, I'm evaluating a field ... by cmzhu Explorer in Splunk Search 07-13-2017 0 6	0	6
why I'm getting 404 page errors for apps in the splunk search head. I installed some apps but they are all keep saying 404 page errors how can I resolve this permanently. Please help me... by skuma30 New Member in Splunk Search 07-13-2017 0 1	0	1
how to set the values for the concurrent search job limit for a role Can i please know how to calculate the values for " user-level concurrent search job limit" ,"user level concurrent ... by vadlamudi Explorer in Splunk Search 07-13-2017 0 2	0	2
How to search Windows DNS logs for FQDN? Splunk has our Windows DNS lookups as image(7)site(3)com. How do I search for image.site.com? by CarolinasFan New Member in Splunk Search 07-13-2017 0 6	0	6
Are there any problems with renaming a SplunkBase App? I've seen a few answers on renaming an app, however I don't want to change the id or folder structure, I just want to... by xm_dreich Explorer in Splunk Search 07-13-2017 1 4	1	4
How to extract the severity value from the events with different formats? For example - I have the below different types of events under same index, all i need from this is the INFO, DEBUG, E... by shanmugavelv New Member in Splunk Search 07-13-2017 0 1	0	1
How to identify a scheduled savedsearch failed or successed? Hi. I used the following query to find out if a savedsearch failed or successed from the schedule: index="_internal... by splunkrocks2014 Communicator in Splunk Search 07-13-2017 0 2	0	2
Count as 1 if two rows have two identical field but in the opposite order Hello! I extract everyday from db a list of events that have the following fields: NODO_A NODO_Z DELTA TIMESTAMP... by ngerosa Path Finder in Splunk Search 07-13-2017 0 4	0	4
Stats Values and Count Hi, I wonder if someone could help me please. I'm trying to 'join' two queries using the 'stats values' for efficien... by IRHM73 Motivator in Splunk Search 07-13-2017 0 5	0	5
Datamodel search permissions The following search : \| tstats summariesonly=t count from datamodel=Network_Traffic Results in no results, even whe... by mmoermans Path Finder in Splunk Search 07-13-2017 0 1	0	1
how can i get from time and to time of my machine value is zero? I have one machine it displays values zero and one . if its value is zero for one hour i want that from time and to ... by ajayabburi508 Path Finder in Splunk Search 07-13-2017 0 1	0	1
I have this dashboard which only displays 10 rows and one page in the result. How do i get it to give me option to go to the next page. FX : Client Log Snapshot <param name="name">user</param><param name="label">Janus Username</param> <param name="defa... by nehal_shah Explorer in Splunk Search 07-13-2017 0 1	0	1
LINE BREAKER REGEX Hello, i need to identify i new line in my log file when line starts with MSG or ERR in order to get the message of e... by patriziadepaola Explorer in Splunk Search 07-13-2017 0 1	0	1
How do you create a transaction with multiple startswith and endswith string pairs? We have data from multiple sources and are capturing the first ten digits of a alphanumeric string as observed in the... by lyonsjm21 Engager in Splunk Search 07-13-2017 0 3	0	3
How to change search query dynamically based on input Hi All, I have 2 queries for each dataservice, Query 1 index=db_connect source = "db2_*.log" earliest=-1d\|dedup T... by sangs8788 Communicator in Splunk Search 07-13-2017 0 7	0	7
How can i use splunk to query windows registry I have a .NET web site that is deployed on windows server(2003,2008,2012). My Application contains 6 MSIs which will ... by manjunath6681 New Member in Splunk Search 07-13-2017 0 5	0	5
How to generate a search that will sort an error according to its frequency? Hi All, I have an unidentified number of devices generating a Buffer error alarm any 125 seconds. To find the error... by dariux New Member in Splunk Search 07-13-2017 0 9	0	9
I have 90 days data and i want to display in column chart. i am getting all the data but x axis label is missing. how to fix it X axis label is missing. if i reduce the no of data i am getting label. how to accommodate all data with x axis label by DataOrg Builder in Splunk Search 07-13-2017 0 11	0	11
Regex: I want to match a string and then extract the next lines until matching another string HI I have the following in all my events: ERROR=40392 "This error ... blah...blah.... ... ... .. ... ... .. ... by edrivera3 Builder in Splunk Search 07-12-2017 1 4	1	4
How to rewrite query to sum both fields based on another field Hi All, Here is a query which returns me DATA size and Index size based on domain. index=db_connect sourcetype=db_m... by sangs8788 Communicator in Splunk Search 07-12-2017 0 4	0	4
How to capture multiple lines using rex command Hi All, I am having difficulties capturing Multiple lines of logs from splunk using rex command. 03:25:17.296: SIP... by sumagarw New Member in Splunk Search 07-12-2017 0 5	0	5
Is there a limitation on search strings lengh used on the search bar in splunk UI. I have a dash-board panel that works for any user but when clicking the loop to open in search, the search query gets... by max_ruas Explorer in Splunk Search 07-12-2017 1 2	1	2
remove orphaned scheduled search in Splunk 6.5.3 hi we have Splunk connected to Active Directory and we cannot add local users so we cannot reassign orphaned searche... by asimagu Builder in Splunk Search 07-12-2017 0 2	0	2
How can I remove a events from a search table Hi Guys, Good Day! Just want to ask on how can I remove YYYYMMDD HH24:MI:SS") event on my search table. Here is my ... by vino06 New Member in Splunk Search 07-12-2017 0 2	0	2