Splunk Search

Community Activity

Why is the regex in inputs.conf not working for monitoring my log files? Hi I have the following file in multiple sub directories. I am trying to pick them up but the below is not working ... by robertlynch2020 Influencer in Splunk Search 04-07-2017 0 13	0	13
How to generate a search that will filter data from a CSV file? hi guys I'm new to Splunk I have two csv files: A and B A has name, ages, height, weight B is the limitation factor... by laudai Path Finder in Splunk Search 04-07-2017 0 2	0	2
How do i create this kind of relationship of two indexes For example ID field1. ID field2 1 A. 1 X 2 B. 2. Y 1. E. 1. Z... by DiegoAlba Explorer in Splunk Search 04-07-2017 0 3	0	3
Radial gauge with precise numbers I can obtain a gauge with the needle pointing to the total events with method=GET and the total being the sum of the ... by juanpavergara Engager in Splunk Search 04-07-2017 0 1	0	1
how to know the current retention policy Hi, Is there anyway to know the current retention policy we have in splunk environment for all the indexes ? by kteng2024 Path Finder in Splunk Search 04-07-2017 0 2	0	2
how to separate the value into two different fields using like function For example i have the field , description field like KM - PROD - MSSQL 2008 VA ... by umsundar2015 Path Finder in Splunk Search 04-06-2017 0 10	0	10
How to extract AppId from whole text Extracting AppID(s) from whole text and group by AppId and host txid:944::appId:3::test: txid:944::appId:3::tes2: ... by jw44250 New Member in Splunk Search 04-06-2017 0 4	0	4
Display Matches Between Query and Lookup File Hi, I wonder whether someone may be able to help me please. I'm using the following query to successfully return a l... by IRHM73 Motivator in Splunk Search 04-06-2017 0 3	0	3
Count seconds with no events by host I'm trying to capture the amount of time a particular host is idle. I can do that in a timechart easily enough but I... by jercra Explorer in Splunk Search 04-06-2017 0 4	0	4
More Elegant way to do a Lookup? I am trying to find a better way of doing the following search: <Search_all_proxies> [\|inputlookup list_of_naughty_u... by stakor Path Finder in Splunk Search 04-06-2017 0 8	0	8
Silent hit of limit Dear splunk employees, Can you please implement an improvement to splunk notifications: if any configuration limitat... by iKate Builder in Splunk Search 04-06-2017 3 4	3	4
Finding the host for which the REST thread limit reached Hi, I could see the following warning : " Can't handle request max thread limit for REST HTTP server" Is there any... by kteng2024 Path Finder in Splunk Search 04-06-2017 0 4	0	4
How to use mvfilter to get list of data that contain less and only less than the specific data? Hi all, I have a question related to my other question. https://answers.splunk.com/answers/518074/how-to-get-a-coun... by limalbert Path Finder in Splunk Search 04-06-2017 0 3	0	3
How do I extract the event time? I tried this but didn't work. \| return _time=strftime(_time,"%Y-%m-%d %H:%M:%S") by amccallon New Member in Splunk Search 04-06-2017 0 6	0	6
Comparing variables in a table I want to create a search that runs through a variable that contains many mac addresses that correspond to a specific... by JoshuaJohn Contributor in Splunk Search 04-06-2017 0 6	0	6
How can I include queried text string in a table output? Greetings, I'm search my Linux hosts for when the local firewall starts/stops. So I'm using the query: index= host... by SplunkLunk Path Finder in Splunk Search 04-06-2017 0 3	0	3
How to backup KV Store for specific lookups? We have several Lookups defined and i would like to backup kvstore for specific Lookups (For instance i need to backu... by jayakumar89 Explorer in Splunk Search 04-06-2017 1 3	1	3
Comparing field values(time) with Real Time and display the result Hi, One of the field value in splunk is 12/28/2016 15:13:10, i just wanted to compare with realtime and display the ... by nnimbe Path Finder in Splunk Search 04-06-2017 0 2	0	2
Save value of a field of one event and compare it with all other found events Hello, I have a list of three events, each of them has the same ID in the field ID. One event containing a field tha... by ckunath Communicator in Splunk Search 04-06-2017 0 3	0	3
How to get concurrent transactions for multiple hosts? Hello, I'm having trouble getting concurrent events by host. I can get concurrent key transactions for a single hos... by drmed Explorer in Splunk Search 04-06-2017 0 4	0	4
not getting expected results from using multiple sourcetypes Hi, I am reposting this question because when I posted first time i didnt use the code button (101 010). sorry for... by Laya123 Communicator in Splunk Search 04-06-2017 0 7	0	7
Searching issues in comparing data Hi Splunker beginner here. I'm having an issue in forming the search syntax for comparing the biggest amount of clie... by user290317 Explorer in Splunk Search 04-06-2017 0 3	0	3
Search on data model object, weird behavior Hi guys, i'm fairly new to Splunk and have a problem regarding searches on data models. So what i did is, i created ... by MemoreX42 Explorer in Splunk Search 04-06-2017 3 2	3	2
extract selected data from given field I've error messages in the filed name "ErrorMessage"; i want to extract only error code using regex expression. Pls s... by x05311 Explorer in Splunk Search 04-05-2017 0 1	0	1
How to use rex to extract only the date field? hi everyone my log is: 2017-03-07T14:21:17.061-0600,,0,,,,,1,0,0,0, 1753-01-01 00:00:00.0000000,0,1753-01-01 00... by fertlaloc New Member in Splunk Search 04-05-2017 0 1	0	1