Splunk Search

Community Activity

Errors increasing on search where "lookup table does not exist" for multiple sources but lookups have status of disabled When running ad-hoc searches, I am getting errors that are increasing. My last search produced "20 errors occurred w... by srunyon New Member in Splunk Search 03-30-2016 0 13	0	13
How to make a sequential lookup? I have created a CSV from Linux's usb.ids (http://www.linux-usb.org/usb.ids ) that has vendor_id,product_id,VendorDes... by Arcite Explorer in Splunk Search 03-30-2016 0 1	0	1
list time when the logs are indexed by Splunk Hey guys, I'm a splunk newbie and I'm trying to list all the time a specific index tries to access the log file. So ... by flzftw Explorer in Splunk Search 03-29-2016 0 2	0	2
How to pass string fields to search commands to use in parameters I am always looking for ways to DRY up my Splunk searches. Here is a pattern I find myself repeating index=<your b... by neiljpeterson Communicator in Splunk Search 03-29-2016 0 1	0	1
Why am I unable to extract all fields from a CSV log in Splunk 6.2.5? I'm trying to extract fields from a basic .csv log with no luck. Here is the file how it looks in Splunk 6.2.5.. ... by dcascione Explorer in Splunk Search 03-29-2016 0 8	0	8
Strptime statement not extracting date/time I've been trying to import the data into splunk and have been unable to get the time/date to work. Included is a scre... by svercelli Path Finder in Splunk Search 03-29-2016 0 14	0	14
why does my custom search command not take quoted string values for args? just checking if this is true.. given a custom command i write with a single argument: ... \| mycommand arg1="this is... by awurster Contributor in Splunk Search 03-29-2016 2 9	2	9
How to split event lines into multiple fields using regex? HI, I am trying to write a regex to split these event lines into multiple fields. Can some one please help me how t... by vamseepotluri New Member in Splunk Search 03-29-2016 0 7	0	7
How do I write a search to compare data by period using my sample data? category area period date count cats A1 20161 15-01-2016 120500 cats A1 20162 ... by anshumandas New Member in Splunk Search 03-29-2016 0 3	0	3
How to create a workflow action that triggers a custom search for a particular event for further analysis? Hi, I am trying to do the following, but haven't been able to figure out how. For a particular event, I want to t... by crypt0 New Member in Splunk Search 03-29-2016 0 3	0	3
Search for number of calls by particular callers Whenever someone calls my rest service, the event gets logged into the logs like so: callerId:1324 How do I create... by sankarms Explorer in Splunk Search 03-29-2016 0 2	0	2
How to use extract kvdelim and pairdelim to parse all key value pairs in my sample data? We have log entries similar to below and while I can write a regex expression to parse out all the kv pairs separated... by reswob4 Builder in Splunk Search 03-29-2016 1 3	1	3
How do I edit my search to return a certain field value in my table of results? Hi, I'm trying to return some results with the AppID that is being searched. My current search does everything I wa... by phspec Explorer in Splunk Search 03-29-2016 0 10	0	10
Is there a way to eval 'job.resultCount' in a postprocess search? We recently upgraded to 6.3 and I have been toying with using eval and search event handlers. In one of my dashboards... by tasqn New Member in Splunk Search 03-29-2016 0 2	0	2
Compare monthly group average against user daily results We have dashboards that show the average of user work for the last month this could be for any of the various departm... by mikev Path Finder in Splunk Search 03-29-2016 0 3	0	3
DB Connect 1.1.7 download location The DB Connect 1 page only has v1.2.2 available for download (indicates to use 1.1.7 for Java 6 but no link); I have ... by sfellin Engager in Splunk Search 03-29-2016 0 1	0	1
Alert for events over a certain amount and over a certain percentage change I am trying to create an alert which will notify me when the percentage change in the delta/difference of events exce... by jwalzerpitt Influencer in Splunk Search 03-29-2016 0 3	0	3
Tranpose Column and Row Headings Hi, I wonder whether someone may be able to help me please. I'm trying to compare the apps set up in my four environ... by IRHM73 Motivator in Splunk Search 03-29-2016 0 6	0	6
how do the stats p* commands work in summary rollups? Hello, I have some data for which I calculate hourly avg/max/stdev into a summary index, then calculate daily summar... by cphair Builder in Splunk Search 03-29-2016 0 2	0	2
totals for a transaction I have a system with customers interacting with a catalogue, stepping through the menus, searching etc. I can chunk ... by David_Hodgson Engager in Splunk Search 03-29-2016 0 6	0	6
splunk search for users logging onto servers Hi, I have deployed splunk to log data of users who are logging onto servers (unix and windows). I want to create a... by chetanchauhan New Member in Splunk Search 03-29-2016 0 5	0	5
Subsearch not returning any results though matches exists. Hi, I am trying to run below query and the scenario is here. This is not returning any results though match exists. C... by sk_subhani New Member in Splunk Search 03-29-2016 0 2	0	2
Subsearch using loadjob not working I try the following search: \| loadjob savedsearch="admin:app1:app1_view1" \| fields hostname This returns "hostname... by jamesvz84 Communicator in Splunk Search 03-29-2016 0 2	0	2
Easy way to convert bits into bytes and kb one of the values in my log is sent and received I believe it's bytes. I would like to display those as Kb and Mb. Us... by jalfrey Communicator in Splunk Search 03-28-2016 1 6	1	6
How to do calculate log time between search result and next row ? Hi All, I am studying splunk recently and need help about some question, thanks. When I want to search one key word a... by blueyuan New Member in Splunk Search 03-28-2016 0 2	0	2