Splunk Search

Community Activity

How to generate a table that lists all Java exceptions? I want to List all exceptions (java, spring, hibernate, etc) such as sql, unchecked, checkException plus any framewor... by jw44250 New Member in Splunk Search 01-09-2017 0 12	0	12
How to combine a lookup table with a search with multiple entries? I'm trying to combine a lookup table: Team , Player A , Malone , Stockton B , Jordan... by jturner900 Explorer in Splunk Search 01-09-2017 0 1	0	1
Using the 'where' clause as a Custom Alert Trigger condition? I am attempting to set up an Alert which will trigger when average response times for various products over the week ... by alexandermunce Communicator in Splunk Search 01-09-2017 0 15	0	15
How do I search the license usage by sourcetype for a particular app? Hi, I have one app which doesn't have indexes in it. The dashboards under it are running via either source, sourcety... by sunnyparmar Communicator in Splunk Search 01-09-2017 0 3	0	3
Find recursive hierarchy in events without transaction Hello, I have events that contain fields ID and parentID. By using those fields I would like to find all the events w... by szk New Member in Splunk Search 01-09-2017 0 1	0	1
Basic Search with Sourcetype Filter Issue Hi all, I'm not sure whether this is a bug or a 'holiday hangover'! I used props.conf and transform.conf to re-sour... by markwymer Path Finder in Splunk Search 01-09-2017 0 5	0	5
Cannot find remote data using timechart Here is my test environment, I got two VMs, PC1 and PC2, and PC1 works as a server end and PC2 as a client end. I try... by huangyingleo New Member in Splunk Search 01-08-2017 0 13	0	13
Creating a bar chart with multiple fields I am trying to create a bar chart displaying the amount of active users the past 1 hour, 24 hour, and 1 week. How w... by andrwbn Engager in Splunk Search 01-08-2017 0 3	0	3
Comparing performance data from last week to today, using lookup table?? I have a report that returns method Avg(timing) perc90(timing) that I would like to create as a baseline each week. ... by danoconnl Explorer in Splunk Search 01-08-2017 0 4	0	4
Count total number of male or female in given country Gender . About Right . Oveight . underweight country f . 560 ... by jw44250 New Member in Splunk Search 01-08-2017 0 1	0	1
how to get DNS resolution for public source IP ? Hi All, I have written a search which shows which all countries are trying to access our servers from outside. It wo... by seetharamanPr New Member in Splunk Search 01-07-2017 0 3	0	3
Image Overlay with Icons based on value Hello Splunkers. I know that I can have some single values over an image, as follows: (example from Dashboards for S... by guimilare Communicator in Splunk Search 01-07-2017 1 14	1	14
Chart Font -- Increase Font Size I know that the css files can be modified to change the appearance of various Splunk views, but I cannot locate which... by vragosta Path Finder in Splunk Search 01-07-2017 4 1	4	1
Why is the streamstats command not returning all events when used with a "by" clause on a large dataset? I'm using streamstats to pair up events by username so that timestamps, IP's, latitudes, and longitudes can be analyz... by kcnolan13 Communicator in Splunk Search 01-06-2017 2 6	2	6
How to create a visualization for different event structures? Have events that have 10+ variables in each. I want to be able to show correlations for one seed value and 1 to 10+ ... by donaldwayne1975 Path Finder in Splunk Search 01-06-2017 0 1	0	1
Is there a way to add Sparklines within my timechart search? Is there a way to implement sparklines into the following query in the last column here? table Name SystemRole OS Si... by jhayIV Engager in Splunk Search 01-06-2017 0 3	0	3
how to sort rows result in descending order Happy New Year!!! my splunk query --> search command \| timechart sum(quantity) as total span=1week by user limit=5 \|... by mmouse88 Path Finder in Splunk Search 01-06-2017 1 7	1	7
Has anyone ran into Indexer CPU spiking when changes to lookup files occur? I've been troubleshooting an issue for some time now that is proving pretty difficult to resolve. My goal is to chan... by briancronrath Contributor in Splunk Search 01-06-2017 0 1	0	1
How to edit my search to use left "join" against mvexpanded stats values() data? Hi folks, I have log data which looks something like this (essentially, it's a historical log of client events): 20... by chrisfankhauser Explorer in Splunk Search 01-06-2017 0 6	0	6
How can I top results from a search when using list(field) Heres my current search: index=akamai src_ip!=xxx.xx.xx.xx AND src_ip!=xxx.xx.xx.xx \| lookup whitelistip.csv src_ip ... by tkwaller Builder in Splunk Search 01-06-2017 0 6	0	6
External lookup - Splunk UI can't see all binaries in the folder I have two python scripts for external lookup. Both of them use two different binaries under location /home/xxx/bin64... by nquba Explorer in Splunk Search 01-06-2017 2 5	2	5
Why do I receive error "system wide historical concurrent searches quota has been reached"? we have 10 indexers with 16 CPU cores each. Our replication is 4 base_searches=6 and max_searches_per_cpu =1. I am... by ankithreddy777 Contributor in Splunk Search 01-06-2017 0 6	0	6
How can we join two sourcetypes together that have a common field? How can we join fields of two source types, when one field is the same in both source types? by Hema_Nithya Explorer in Splunk Search 01-06-2017 0 8	0	8
How to edit my search so the eval function to work in a timechart? I am looking to find the errorpercentage of ERROR_CODES vs the number of "ACTIVITY="logins" per division (we have 4 o... by mtrochym Observer in Splunk Search 01-06-2017 0 2	0	2
How to extract fields in Splunk Hi , Can anyone let me know how to extract fields in Splunk ? I have one sourcetype file that contains data of Atta... by sanyam New Member in Splunk Search 01-06-2017 0 2	0	2