Splunk Search

Community Activity

Unable to find Dynatrace headers in Splunk I have Dynatrace monitoring all of the instances of my application. I send Loadrunner requests which append a Dynatra... by zkn9ce6 New Member in Splunk Search 07-18-2016 0 1	0	1
how can i modify multivalued field? hi, how can i change the content of multivalued field using regex. i have a multivalued field and i try to modify th... by sfatnass Contributor in Splunk Search 07-18-2016 0 2	0	2
csv files can't ignore headers Dear all, Actually working on csv files on Splunk (v6.2.3), i have such troubles to index them correctly, contains... by mmekroud Explorer in Splunk Search 07-18-2016 0 2	0	2
How do I search who is exporting aggregate data from my log files? I am fairly new to Splunk and hoping someone could help with this. I have Index log files loaded onto Splunk, so to b... by ATMO1 New Member in Splunk Search 07-18-2016 0 11	0	11
Find and filter out entries from log I want to process log file which contains numeric entries like eg 232231XX 232313XX 332133XX 411111XX 522222XX 734... by tp92222 Explorer in Splunk Search 07-18-2016 0 6	0	6
Can you split a multi [n] value json attribute in to seperate rows? I have the following json {"timestamp":"2016-07-14T10:26+01:00","venture":"abc","totalRooms":3,"rooms":[{"key":"ROOM... by nickhuge New Member in Splunk Search 07-18-2016 0 3	0	3
convert timerange to epoch values Hello! I want to use my timerange as a filter in a search on a dashboard, like this: ..... \| where mydate < $tim... by 0range Communicator in Splunk Search 07-18-2016 1 6	1	6
inner search for multiple results I have this type of events: event1 activity1 data1 date1 event2 activity1 data2 date2 event3 activity1 data3 date3 ... by marcus_doron New Member in Splunk Search 07-18-2016 0 5	0	5
Retaining Colors in PDF report Hi, We have a dashboard with couple of charts. The dashboard is developed using simple XML. We have set colors for t... by strive Influencer in Splunk Search 07-17-2016 4 1	4	1
Splunk for Exchange: Not indexing message tracking logs Splunk for Exchange v2.1.0 on Splunk v5.0.2 main search head and indexers. Running splunk universal forwarder v5.0.2... by SheridanCollege Explorer in Splunk Search 07-17-2016 0 2	0	2
Are wildcards with tstats on accelerated data models not possible? I'm running a search that is something like this: \| tstats values from datamodel=foo When the datamodel is not acc... by Goophy Explorer in Splunk Search 07-17-2016 1 13	1	13
How to display mean of last 30 days count by time from Midnight to next midnight over chart I need to display mean of last 30 days request received count over a chart at the interval of 5 minutes. Chart X-axis... by ID_SplunkUser Path Finder in Splunk Search 07-17-2016 0 2	0	2
Find the second lowest. I am trying to add a new field to my data that lists the second lowest number in a data set. So if I have New York... by DaniR86 Engager in Splunk Search 07-17-2016 0 3	0	3
Report for number of incidents closed per day Hi Eveyrone, How can I generate a report showing me number of incidents closed per day. by rashid47010 Communicator in Splunk Search 07-17-2016 0 3	0	3
How to append a field and it's value from lookup csv to a main search I have a search, main and subsearch. The subsearch uses a lookup table (a csv file). The csv file has 4 columns, co... by wtaylor149 Explorer in Splunk Search 07-16-2016 0 6	0	6
PAN data in indexes. How to tackle them to avoid non-compliance? We have Splunk system collecting data from various sources (network, OS, application logs etc). Unfortunately, some o... by koshyk Super Champion in Splunk Search 07-15-2016 0 4	0	4
Streamstats for multiple columns The following table is representing positions in uPos for different columns. Each number in a c_ column is representi... by mbschriek Explorer in Splunk Search 07-15-2016 0 2	0	2
List for a particuar field I am new to Splunk so any help would appreciated I have a table Host Software installed/Uninstalled 1 ... by taskall78 New Member in Splunk Search 07-15-2016 0 1	0	1
How to extract a text from a field Hi All I have a field which has urls in this pattern GET /echo/index?page=content&id=PRO19579&viewlocale=es_ES HTTP... by nirmalya2006 Path Finder in Splunk Search 07-15-2016 0 1	0	1
How to format an alert inline table to control what fields are displayed? I am testing an alert which sends out an email when members are added to an Active Directory group. It works fine, b... by bbeavise2g Explorer in Splunk Search 07-15-2016 0 8	0	8
How can I track time that a user is using VPN access outside the country? I have a need to track VPN access outside the country. I have an alert that triggers when someone accesses the VPN f... by digital_alchemy Path Finder in Splunk Search 07-15-2016 0 3	0	3
keping only most recent events for a fixed field Hello, I loaded vulnerability scans results into splunk and I am trying to visualize information consistently. The p... by wsw70 Communicator in Splunk Search 07-15-2016 0 5	0	5
How to normalize and display data using sparklines? So I'm planning to normalize latency data for a network. Search: index=_* OR index=* sourcetype="defaut log"\| rena... by rm4149 New Member in Splunk Search 07-15-2016 0 1	0	1
How to convert this string to a numeric value? I've created a new field, however, it's appearing as a string instead of a value. I've used the regular expression to... by abutler1 New Member in Splunk Search 07-15-2016 0 4	0	4
Using lookup values as input for query Hi all, so I built this query search index=sey_ips src_ip=10.0.0.1 dest_ip=10.0.0.2 \| eval time = _time \| sort - ... by pinVie Path Finder in Splunk Search 07-15-2016 1 4	1	4