Splunk Search

Community Activity

How can I make a new column and add values while streaming input and iterating through the results? I am making a python program where I am streaming in data and iterating through the results. I would like to make a n... by annalisefolsen Explorer in Splunk Search 06-24-2016 0 5	0	5
How to change Splunk> Logo after login in 6.3 Hi All, I got requirement to change the splunk> logo on left corner after login, I checked replacing the logo-mrspar... by kpavan Path Finder in Splunk Search 06-24-2016 1 3	1	3
props.conf を編集してフィールド抽出する方法について props.conf のEXTRACTを追加して、フィールドを定義したいのですが、どのように記述すればよいかわかりません。文法書、または、マニュアルなどがありましたら、教えていただきたく。例えば、 EXTRACT-AAA = ^\... by ff89489 New Member in Splunk Search 06-23-2016 0 3	0	3
Splunk dynamic count of lookups in CSV We have the following situation / problem: Some searches having some lookups on CSV files. Now we wont that we never ... by digitalX Explorer in Splunk Search 06-23-2016 0 7	0	7
How to apply this filter condition to my search result? Hi team, I am new to Splunk. Please guide me how to apply a filter condition in which I need to extract only count =... by srohith87 New Member in Splunk Search 06-23-2016 0 4	0	4
Create a new field/column on an event based on another field? I am new to Splunk and I am creating a dashboard with events. I would like to create a new field on the event which w... by hariivendiran Engager in Splunk Search 06-23-2016 0 2	0	2
How to search for errors that contain asterisks (*)? I have what I hope is a simple question. We have response logs from different payers. If they are having system issue... by cj039165 New Member in Splunk Search 06-23-2016 0 3	0	3
How to display iplocation info for all values in the IP address field belonging to a specific category in Splunk? So my search query gives me the IP addresses pertaining to a user field in the following manner: index=abc \| stats v... by umichguy Explorer in Splunk Search 06-23-2016 0 1	0	1
How to execute external script to manipulate file from search command hello, i have a testing python script as: test.py fo=open("c:/test.txt",'w') fo.write("hello") fo.close() a... by sieutruc Contributor in Splunk Search 06-23-2016 1 7	1	7
Keep most recent _time of multiple fields with non-NULL values I have user-generated data that I am trying to splunk to show whether or not an audit or check has been performed in ... by ErikaE Communicator in Splunk Search 06-23-2016 1 4	1	4
Group results by eval syntax Hi, i'm trying to group my results from these eval commands \| stats earliest(_time) as first_login latest(_time) as ... by zsizemore Path Finder in Splunk Search 06-23-2016 1 9	1	9
Help with a join I have a search that does work but takes forever because of the amount indexed by the ASA. I was thinking if it was ... by ccsfdave Builder in Splunk Search 06-23-2016 0 14	0	14
how to loop through data fields and store the result in a different data field? Hi, I am trying to find a solution to the below problem: HASH (Data field name) 001300A5323BF6C1812B686C1C896857D4C... by ashishlal82 Explorer in Splunk Search 06-23-2016 0 9	0	9
how to subtract vaule when making a chart I have a chart that shows total bytes sent on a computer. The chart seems to work, but it's hard to read. Since thi... by chadman Path Finder in Splunk Search 06-23-2016 0 13	0	13
Remove spaces in field values and run stats/timechart with new names I notice Splunk uses the first Word when using stats, so I need to rename the fields to single words or connected wor... by smhsplunk Communicator in Splunk Search 06-23-2016 0 3	0	3
How to search for events based on certain field and its exclusive values between two searches? Say I have two searches on data sets which contain four fields [field1, field2, field3, field4], e.g. [1,20,am,a] [1... by FallMonkey Explorer in Splunk Search 06-23-2016 0 8	0	8
SETUP.XML URL encoding lists values and updates correctly only if slash (/) exists, but fails to update with * or $ I'm using setup.xml for some script:// and monitor:// endpoints. I use %252F for /, %2A for *, %24 for $, and %20 fo... by avilandau Path Finder in Splunk Search 06-23-2016 0 1	0	1
Combine two rows from a search into one? Hello! I'm doing a search for some project information, specifically for a count of projects based on their Importan... by dzenn Explorer in Splunk Search 06-23-2016 1 5	1	5
Extract certain keyword from column There are two lines of info in a column but it appears that there's no whitespace or whatsoever in between those line... by timyong80 Explorer in Splunk Search 06-23-2016 0 1	0	1
Combine fields into new field without NULL From our data we end up with 2 different fields v7serial & v8serial. I want to be able to feed this into a single ser... by arrowecssupport Communicator in Splunk Search 06-23-2016 0 1	0	1
How to transform a table I have this table: _time,id,src,dst 9:00,x,A,B 9:01,x,B,C 9:02,y,C,B 9:03,z,B,C 9:04,y,B,A 9:05,z,C,D I wanna crea... by i111040d New Member in Splunk Search 06-23-2016 0 6	0	6
i want to combine two source types and print the result i have have two sourcetypes say sourcetype1 and sourcetype2 these two source type are in the same index sourcetype1 h... by lavanyaanne Path Finder in Splunk Search 06-23-2016 0 2	0	2
How can I bin over specified time periods in a timechart? Hi, I am trying to create a dashboard showing the amount of events split up in working and non-working hours joined ... by f_hartmann New Member in Splunk Search 06-23-2016 0 5	0	5
Using Lookup Table Hi, I am using a lookup table to populate 3 dropdown menus: Source, Service, and Method, where each selection of the... by alan20854 Path Finder in Splunk Search 06-23-2016 0 5	0	5
How to search Apache access_log data to find bandwidth usage as total number of bytes? I can pull the Apache access_log into Splunk, but I can't figure out now to write a search that will give the total n... by spunkyg Engager in Splunk Search 06-23-2016 0 4	0	4