Splunk Search

Community Activity

Clean dispatch folder automatically in Splunk 6 Please let me know, if their is provision to clean up dispatch folder ( job already completed) automatically. Can we... by shiny Engager in Splunk Search 09-06-2016 3 4	3	4
grouping search results by hostname We need to group hosts by naming convention in search results so for example hostnames: x80* = env1 y20* = prod L* = ... by smudge797 Path Finder in Splunk Search 09-06-2016 0 8	0	8
Using lookup file to update field value Hi Everyone, My requirement is, using client ip's need to display Country with geomap. Here my concern is my ip's pri... by guruwells Explorer in Splunk Search 09-06-2016 0 1	0	1
Creating a REST endpoint to allow csv lookup files to be uploaded/updated? I would like to create a REST endpoint that will allow me to to automate the uploading and updating of a csv lookup f... by Aaron_Fogarty Path Finder in Splunk Search 09-06-2016 0 26	0	26
Counting how many people are in office at exact time Hello, I am new to Splunk, just finished beginner tutorial and my boss gave me task to count, how many employees ar... by kaukenas New Member in Splunk Search 09-05-2016 0 2	0	2
Set earliest and latest time using a variable Hi! I'm trying to set the earliest and latest for a sub-search using a variable from the main search. The code below... by zamberetta New Member in Splunk Search 09-05-2016 0 1	0	1
Group events that occur continuously and contain a common name I would like to group continuous events that occur in order over time, and have a common name. For example: _time ... by ollie920049 Path Finder in Splunk Search 09-05-2016 0 2	0	2
how we can identify peoples region in Splunk ? Hello Team, We have use case where we need to map/identify people's region in Splunk and create dashboard. Can we ... by nikhilagrawal Path Finder in Splunk Search 09-05-2016 0 6	0	6
How to count events with specified id, if there are three events successively Hello I would like to make a search for a SLA who does the following: (id 700 is ok, 702 is nok) Count number of ev... by tgdvopab Path Finder in Splunk Search 09-05-2016 0 3	0	3
split multi value fields my dear friends, I'm running the below search string that give me the following result: index=qualys IP="" DNS="" cv... by aliroumani Explorer in Splunk Search 09-04-2016 0 2	0	2
Remove duplicate keywords (values) returned from field Hi All, I am splitting a Description field with "space" using Split command and generating list of keywords ( doing ... by pgadhari Builder in Splunk Search 09-04-2016 0 8	0	8
Add a new field at index time and rewrite values from another field Hi All, I am facing an issue with logs from juniper SRX and ES. I am pretty new to splunk, i am hoping the answer wo... by saadmalik83 New Member in Splunk Search 09-04-2016 0 1	0	1
compare results of two searches i have to searches : 1) index=symantec_sep sourcetype="symantec:ep:scan:file" \| dedup dest \|table dest \| sort dest 2... by aliroumani Explorer in Splunk Search 09-03-2016 1 7	1	7
stats count issue, mismatch with search query results Hello, i'm using a query to find all traffic hitting a singe firewall rule. it's something like this: host=fw_host_n... by delalegro Engager in Splunk Search 09-03-2016 0 3	0	3
How to edit my search to chart the count of how many sources were indexed in the last hour? I want to create a scheduled report that would count how many log files we’ve received in last hour. This is what I’v... by shahzadarif Path Finder in Splunk Search 09-03-2016 0 3	0	3
How to find the most matching result? Dear all Splunkers I'm a newbie for splunk and quite frustrated any method can do somekind of compare/find the most ... by CcCcCcCcCc1 New Member in Splunk Search 09-03-2016 0 2	0	2
Change TableElement option in Javascript Hi, I would like to create a "results per page" dropdown in a table I display in a dashboard. First I create a dropd... by MaryvonneMB Path Finder in Splunk Search 09-03-2016 0 1	0	1
Average Count doesn't show? Hi, I have this query earliest=-4d index=wls OR index=main "ServletRequestImpl.java:2768" OR "rest path:/rest spe... by dbcase Motivator in Splunk Search 09-02-2016 0 5	0	5
How to create a time chart on response times for multiple services? I want to display the response time of 2 different transactions (or 2 events). Let's say, first transaction/event is ... by abc_ New Member in Splunk Search 09-02-2016 0 4	0	4
How do I run a search dynamically when specific inputs are received by splunk? Hello fellow splunkers, A few static files are generated within my environment, and when they do they are collected ... by JWBailey Communicator in Splunk Search 09-02-2016 1 2	1	2
Where are the tsidx files generated by tscollect command written to? I can't seem to find information in the documentation as to where I can locate the generated tsidx files from my tsco... by the_wolverine Champion in Splunk Search 09-02-2016 0 7	0	7
Why does searching "index=cisco_ios sourcetype=cisco:ios" return results, but "sourcetype=cisco:ios" does not? Hi I'm not able to search only with sourcetype=cisco:ios, When I do index=cisco_ios sourcetype=cisco:ios, it's worki... by kiran331 Builder in Splunk Search 09-02-2016 0 1	0	1
Simple math and string concatenation Hi I have this dashboard: <form> <label>Prova_selettore_dinamico Clona v1</label> <fieldset submitButton="false"... by andreafebbo Communicator in Splunk Search 09-02-2016 1 12	1	12
fetch between 2000 to 3000 events in query Hi, In splunk query 'head' command is used to get the first 'particular' number of events. I want to get the events ... by pasokkum Path Finder in Splunk Search 09-02-2016 1 4	1	4
Splunk query to list the events without date ? Also it would be great if anyone can lgive a search query to list out the top 10 hosts with those events? Thanks in ... by pavanae Builder in Splunk Search 09-02-2016 0 2	0	2