Splunk Search

Community Activity

What are manifest files used for in Splunk home directory? splunk-6.1.4-233537-darwin-64-manifest These files only list out the directory of Splunk. When upgrading from versio... by ben_leung Builder in Splunk Search 10-04-2016 0 3	0	3
Search Advanced Nested query many line Hello, I have lot of line with expression like this : code=1 executionTime=n ident=XXX and lot of line with expre... by mclane1 Path Finder in Splunk Search 10-03-2016 0 5	0	5
Is there a way to list all the available REST endpoints via search query ? When I search for : \| rest /services/server it lists below endpoints available for server: https://127.0.0.1:8089... by splunker12er Motivator in Splunk Search 10-03-2016 1 4	1	4
Why does Splunk auto fillnull my timechart? Did this change occur recently? Why would timechart auto fillnull my field in a timechart? Example: index=main \| ti... by the_wolverine Champion in Splunk Search 10-03-2016 0 7	0	7
How to include additional field from inputlookup in results? Currently i am populating my summary index with a list of malware listed ips with index=blah OR index=blah2 OR index... by sonicZ Contributor in Splunk Search 10-03-2016 2 5	2	5
stats count by date earliest=10/1/2016:00:00:00 latest=10/2/2016:23:59:59 sourcetype=iis \| stats count by date date count 2016-10-01 ... by nk-1 Path Finder in Splunk Search 10-03-2016 1 4	1	4
How to create a table when my logs have the same field names but different values? I have the following separate event logs in Splunk: "10/3/2016 11:30:24 AM","42646.7711166204","mail-server-01","mai... by balleste Engager in Splunk Search 10-03-2016 0 3	0	3
How to use the timechart command to find percentage differences between months by severity? I am trying to run a report that runs percentages differences from month to month for each of the severities. I have ... by cbrownlee New Member in Splunk Search 10-03-2016 0 3	0	3
how to calculate the average of my search result for past 7 days. Also how can i make my result to display in timechart for 7 days? I have a search as follows field_id="X" \| eval b=len(_raw) \| stats sum(b) as b \| eval mb=round(b/1024/1024,2) \| eva... by pavanae Builder in Splunk Search 10-03-2016 1 4	1	4
DoD CAC enable for Splunk Web Splunk Support, As a DoD entity we are required to have Web applications, including Splunk, to be DoD CAC enabled fo... by gjackson3 Engager in Splunk Search 10-03-2016 3 10	3	10
How would I count by a most recent event value? The value that I need to count can be in multiple events. I just want to count it one time, but it will need to be th... by splunkingjh Engager in Splunk Search 10-03-2016 0 4	0	4
Any way to use _time with a bubble or scatter chart? I need to show changes of a numeric state over time, of multiple series. Several state changes may happen very quickl... by vbumgarner Contributor in Splunk Search 10-03-2016 3 10	3	10
Search and display surrounding context Hi, I am able to perform a search of some logs, but I would like to see the context surrounding a specific event. ... by d3vino Engager in Splunk Search 10-03-2016 4 5	4	5
Why does the subsearch example in the Splunk Search Tutorial seems to repeat itself? I'm stepping through the main Splunk Search Tutorial. I'm at the "subsearch" section: https://docs.splunk.com/Docume... by davidmichaelkar New Member in Splunk Search 10-03-2016 0 2	0	2
inputlook up query I have an xls input lookup, I'm trying to find members in inputlook in my source type. Thanks eg file - with attrib... by msachdeva3 Explorer in Splunk Search 10-03-2016 0 1	0	1
How do I prevent my chart results from being truncated? Hello all, I've seen a few similar discussions, but neither solution works for me - sorry for raising this again. I... by akazarov Path Finder in Splunk Search 10-03-2016 1 3	1	3
Timechart: How to sum up all earlier values? Hi, I want to create a timechart that shows the sum of all ealier values from another timechart. As an example, I ha... by f_d Engager in Splunk Search 10-03-2016 0 2	0	2
How to search for and extract Email IDs with dot trend patterns? I would like to know whether there is any possibility of extracting or getting the Email IDs with dot trend patterns.... by kamaleshwar Explorer in Splunk Search 10-02-2016 0 14	0	14
how to calculate the results of a particular search in terms of MB or GB? I have a search string "xyz" now how can i calculate how much amount of date got generated with that particular searc... by pavanae Builder in Splunk Search 10-02-2016 0 1	0	1
Create search time custom fields It seems that it is best to create fields at search time as opposed to index time.!?!? I need to make a field named s... by brent_weaver Builder in Splunk Search 10-02-2016 0 1	0	1
Port scan search I am searching for a method to take the ip address port records from traffic coming from the internet onto our networ... by landen99 Motivator in Splunk Search 10-02-2016 0 5	0	5
How can I show lookups in the Stacked bar graph ? Hello, I have 6 lookups, I have to show the stacked bar graph of three types a,b,c with showing active and inactive ... by kiran331 Builder in Splunk Search 10-02-2016 0 3	0	3
How to develop a timechart by host with eval command? Hi, I have the below search to find the SLA of my application by host in the specific time span. But I don't know wh... by kualo Explorer in Splunk Search 10-01-2016 0 3	0	3
Need help with Dedup while extracting fields Base String is ----------------- OfferRedeemedRequest [partnerID=1234, partnerName=MCenter, messagePriority=9, userI... by arunsubram Explorer in Splunk Search 10-01-2016 0 1	0	1
Searching "%" with in a search string My logfile contains a rows like - ...........&pic=pic%231.pdf&description=....... ...........&pic=pic.pdf&descriptio... by runiyal Path Finder in Splunk Search 10-01-2016 0 5	0	5