Splunk Search

Community Activity

How to write the regex to extract added, removed, and changed files/directories and list them? How can i extract the added, removed, and changed file/directory and list them to a field respectively using regular ... by gantonio New Member in Splunk Search 06-02-2016 0 1	0	1
rex extraction for field value with space hi, would someone be so kind and help me to build a rex expression? i want to extract all "Audit ID" from this sample... by nikkkc Path Finder in Splunk Search 06-02-2016 0 6	0	6
Get hour count average over days I got data of each transaction with a customer_id in it If I want to know the daily average of count per hour, what ... by alextanght Engager in Splunk Search 06-02-2016 2 3	2	3
Is it possible to have a KV Store time-based lookup? Hi, I have a kvstore defined based on a collection collections.conf [app2] transforms.conf [business_id2] colle... by TiagoMatos Path Finder in Splunk Search 06-02-2016 1 2	1	2
How to extract fields from multiple file source names? Hi everybody, I'm trying to extract fields from multiple source names. It worked for one filename, but I have a lot ... by sfatnass Contributor in Splunk Search 06-02-2016 0 7	0	7
How do I only extract one instance of a certain field that appears in multiple logs of different formats? If I have log files with multiple logs in them of different formats, and I only want to receive one instance of the L... by akhilchhugani New Member in Splunk Search 06-01-2016 0 1	0	1
unable to see all the events in visualisation Hi We are running this search [host=uswebserver12 \|timechart span=5m avg(PercentProcessorTime) as CPU_Usage] and ge... by roopeshetty Path Finder in Splunk Search 06-01-2016 0 7	0	7
How to a DNS lookup on the top 20 IP results returned from a search? Hi All, I have a search that gives me the top 20 IP's visiting my website. I also, have a working dnslookup versi... by bkosick Engager in Splunk Search 06-01-2016 0 2	0	2
How to edit my search to pair values using "stats values()"? Hello, I'm trying to pair values using stats values(), and I'm having some trouble. I'm searching for blocked users... by janderson19 Path Finder in Splunk Search 06-01-2016 0 3	0	3
How to edit my search to find late projects (where the due date is yesterday or earlier)? Hello! I'm trying to do a search for our projects (we use Microsoft Project Online and have Splunk pull the data fro... by dzenn Explorer in Splunk Search 06-01-2016 0 2	0	2
Searching the fish bucket Indexing server.log and boot.log files using the following stanzas for both: [monitor:///opt/directory/logs/servernam... by mvangamf New Member in Splunk Search 06-01-2016 0 2	0	2
renaming field names from string+number to only the number Hi all. I have a dataset with fields like: Field_1 Field_2 Field_3 Field_4 Field_5 Name Address I need to remove t... by changux Builder in Splunk Search 06-01-2016 0 16	0	16
How do I extract these lines from my sample multiline event without patterns into a single field? Hi, I'm trying to extract some lines from a multiline event, for example: 2016-05-17T19:40:37,022 INFO [00000033] ... by gutter New Member in Splunk Search 06-01-2016 0 2	0	2
Find a time average? I am trying to determine the mean or average time when a event occurs. I would like to find an average of the last c... by omgwut56k Path Finder in Splunk Search 06-01-2016 0 10	0	10
How can I set a specific drilldown on a line chart based on the value of a field? My issue is that I have a line chart that shows the CPU usage from both linux and windows servers. If the user click... by dandaily Explorer in Splunk Search 06-01-2016 0 4	0	4
How to return results from Search1 which are not present in Search2? I have two searches that will return common fields Event & UUID. I have to get the results from the first search whic... by cvreddy New Member in Splunk Search 06-01-2016 0 2	0	2
How to edit my search to check for a valid order of events against a lookup? Hi there, i have a series of events wich contain time and location information and want to check if they are in a v... by swe Path Finder in Splunk Search 06-01-2016 0 2	0	2
How to search the sum of bytes by IP? I am trying to find the total bytes usage by user/ip - I have in the index the various clientip and the bytes usage... by arkonner Path Finder in Splunk Search 06-01-2016 0 1	0	1
Extract field from a complex multi-lines event from log file Hi pros, I am new with Splunk and trying to analyze a complex log file from a financial application. I want to figure... by langlv Engager in Splunk Search 05-31-2016 0 3	0	3
How to match two values from a lookup table and a search I have a lookup table with a list of usernames that have logged in to a website last year in 2015, and I'm trying to ... by WyldeRhoads Engager in Splunk Search 05-31-2016 0 7	0	7
Consolidated search solution across AWS and an internal data center We are in the process of extending our solution out into AWS from an internal data center, and want to index all logs... by mellocello2003 New Member in Splunk Search 05-31-2016 0 1	0	1
single value chart (as a progress bar) Using the example search: testId=1 \| stats count(sessionIDs) that returns a single value, I'd like to present it i... by ra01 Path Finder in Splunk Search 05-31-2016 0 2	0	2
How to edit my search to detect a significant change in events frequency over a sliding window? Based on an event log we would like to find event type which frequency changed by 50% or more over a 5 min window. U... by pm771 Communicator in Splunk Search 05-31-2016 0 2	0	2
getting all the value's of the culum in a table in a variable Hi i'm trying to to make a custom dashboard. This is wat i got so far. The dashboard is in html it is an image of the... by yonick Engager in Splunk Search 05-31-2016 0 2	0	2
how to get Transactions per second based on average values for each instance How to get Transactions per second from the following table(table 1). I also have a table which gets me the per secon... by jkalra Explorer in Splunk Search 05-31-2016 0 11	0	11