Splunk Search

Start a Conversation

Discussions

Start a Conversation

Thread Info

matching issue with a regex in search

Hello, I'm having an issue with a regex i did. I want to create a new column with my regex where there's 2 values ...

by Communicator in

Search and grep for numbered events

Hi there! I'm looking at this previous question here: [http://splunk-base.splunk.com/answers/2602/can-splunk-fi...

by Builder in

field extractions are not working

my field extractions are not working tranforms.conf file is [tms_iisfields] FIELDS = "date","time","s-ip","cs-met...

by Builder in

lookup not found errors

i have yet to get lookups to work correctly in an app. The file is in the right place /opt/splunk/etc/apps/my...

by Path Finder in

Oracle Audit Trail Field Extraction

I am trying to extract the fields from an Oracle 10g Audit trail. Below is a sample of the raw log : Tue Feb 15 10...

by Contributor in

sed cmd to anonymize data

Hello, I have a source that contains events like these: "MONEY LEFT: 1.000,00" "MONEY LEFT: 000,00" "MONEY LEFT: 3...

by Communicator in

host_regex question for multiple matching fields

I am trying to set my host name equal to part of the file name with a regex (regular expression) and I am a regex nov...

by Explorer in

group values in search

Hello, I have data in the form of a date,server,events triplet. The fields are correctly extracted and assigned. ...

by Communicator in

Index a file once, regex to match first IP address only

I am attempting to Index a file once from my Splunk server. The file contains a copy of syslog data. The lines loo...

by Contributor in

splunk trending...

I'm trying to integrate information from this link http://splunk-base.splunk.com/answers/13482/plotting-trendlines-in...

by Contributor in

How to eval results of two searches?

Using Splunk 4.2.3 build 105575 I have a search which I use to compare the current status of a system (1 hr window...

by Explorer in

Why isnt everyone else seeing log scale on dashboard?

Hello All, I recently deployed a new dashboard to look at response times and the count of the requests. We found that...

by Path Finder in

search command "bucket" time sorting

Hi search command "bucket" time sorting? My search commmand * | bucket time span=1d | eval time=strftime(ti...

by Path Finder in

Splunk CLI Incompatibility with "Table" Search Command?

Hello and thanks in advance for reading this question. I'm currently trying to generate a simple report of unique ...

by Communicator in

giving meaning to numbers

I have a set of data from a friend who is doing some statistical work and he want me to use splunk to give meaning to...

by Communicator in

Any intellisense enhancements / plug-ins?

Hi all - are there any intellisense plug-ins that enhance the existing Splunk search bar? A few examples of enhanceme...

by Explorer in

regex forwarder

I am new to regex - so...... I want to filter out all events that contain the word sendmail My messages look li...

by Contributor in

Convert Splunk default time to human readable format

I have the following saved search which emails result daily to show indexing volume: index=internal host=prodlog toda...

by Communicator in

Inconsistency between Splunk api vs GUI search results.

Inconsistency between Splunk api vs GUI search results. I am using the Rest API. When I use a search language string...

by Explorer in

Using variable in same search

Hi. I am going to set up the same search - for a lot of different hosts.(20) The result of the search is displayed...

by Communicator in

Splunk Search

Discussions

matching issue with a regex in search

Search and grep for numbered events

field extractions are not working

lookup not found errors

Oracle Audit Trail Field Extraction

sed cmd to anonymize data

host_regex question for multiple matching fields

group values in search

Index a file once, regex to match first IP address only

splunk trending...

How to eval results of two searches?

Why isnt everyone else seeing log scale on dashboard?

search command "bucket" time sorting

Splunk CLI Incompatibility with "Table" Search Command?

giving meaning to numbers

Any intellisense enhancements / plug-ins?

regex forwarder

Convert Splunk default time to human readable format

Inconsistency between Splunk api vs GUI search results.

Using variable in same search

Automatic Lookup local=true

Error - In handler 'savedsearch': Expecting differ...

Windows Servers - High CPU usuage of process that ...

ldapfilter does not return all attributes

Observing 30 mins dip in my Splunk Graph