Splunk Search

Community Activity

output transaction events Im using this search for monitoring security events: source="WinEventLog:Security" EventCode=4624 OR EventCode=4634 ... by smudge797 Path Finder in Splunk Search 03-16-2016 0 6	0	6
Average Daily Unique category by Weekday for a period of 1 month I am creating a search that counts the daily unique category from a proxy log. I want to show the average number of ... by deepanram211219 New Member in Splunk Search 03-16-2016 0 3	0	3
Stats Distint Count Hi, I wonder whether someone may be able to help me please. I'm using the query below to extract a piece of data. i... by IRHM73 Motivator in Splunk Search 03-16-2016 0 3	0	3
Why is the configuration not applied immediately when a knowledge object is created? Hi forum, I'm currently fighting with an installation of a Searchhead. When a Knowledge Object is created the config... by schose Builder in Splunk Search 03-16-2016 0 4	0	4
How to write a search using my sample data to find how long a user has been using my application? Hello Everyone, Need help in writing a Splunk search that can help me measure the stats correctly. Please note the ... by splunkuser1982 New Member in Splunk Search 03-16-2016 0 1	0	1
Get result from past query result as a parameter I have two queries which are working fine independently but I want to join those two and get the result in one go. Ca... by prategup1 New Member in Splunk Search 03-16-2016 0 2	0	2
day of the week - average Hello I would like to get the average of a measure depending on the day of the week (monday, tuesday,...) and this ... by loyslegrand Path Finder in Splunk Search 03-16-2016 0 11	0	11
Add shared time picker option for dynamic options on other Dashboard inputs When using Splunk's dashboard editor, shared timepicker is not an available option for dynamic searches on other inpu... by scottclark360 Engager in Splunk Search 03-16-2016 3 2	3	2
Join Ip with a subnet I am trying to search from source A that contains IP and trying to lookup IP location from source B where source B co... by kjiwatrakan Explorer in Splunk Search 03-16-2016 1 8	1	8
Get Source Count value Hi, The following query below returns the output as shown below : Query: index="79390-np" sourcetype=np-cache-v2 s... by amoldesai Explorer in Splunk Search 03-16-2016 0 4	0	4
Regex pattern How do i use the regex pattern to get only 13348864 for memory-free ? forwarder.memory.memory-cached 367001600 1458... by bbhandari012 Explorer in Splunk Search 03-16-2016 0 2	0	2
Eval If Statement Hi, I wonder whether someone may be able to help me please. Although I've been using Splunk for a few months now, I'... by IRHM73 Motivator in Splunk Search 03-16-2016 2 2	2	2
compare the custom dates with the _time Hello, I have ticket data like below ID Open_date Close_date 1 01/01/2016 02/01/2016 2 01/01/2... by praveenkpatidar Explorer in Splunk Search 03-16-2016 0 4	0	4
How to start conditional logging from Universal forwarder on Splunk I have a server of which logs are indexed on splunk. The server is universal forwarder and sends a log file continuou... by ayushchoudhary Path Finder in Splunk Search 03-15-2016 0 2	0	2
Help in query to count the total of the same coloumn ? Hello Experts, How to calculate the count of the events based on the value of a particular field example: ... by vrmandadi Builder in Splunk Search 03-15-2016 0 6	0	6
button token to control search for a panel Hi i have a panel whose search i am trying to control from button which sets a token to true - $memory_chart$ i have... by vinay4444 Explorer in Splunk Search 03-15-2016 0 1	0	1
Can someone provide an example for Geom counts based on client IP? Hi all, I'm trying to generate counts/hits based on client ip and create a map visualization similar to the one fou... by spammenot66 Contributor in Splunk Search 03-15-2016 1 26	1	26
What is the preference order when using the REST API setpriority? This document details how to use the REST API to perform actions on a given sid: http://docs.splunk.com/Documentation... by szelenka New Member in Splunk Search 03-15-2016 0 1	0	1
Eval Question for Table Using the table below I have the following query table Server_Name,Server_TotalPhysicalMemory,Server_Cores,Server_Num... by jhayIV Engager in Splunk Search 03-15-2016 0 1	0	1
Regex - DNS formatting I am attempting to format my DNS data to a standard format. I'm thinking I can use REGEX / SED for the this formattin... by tmarlette Motivator in Splunk Search 03-15-2016 0 2	0	2
how to see 30 days before and 30 days after a date dynamic? how I do it? I want to see 30 days before and 30 days after a date. If I put "03/03/2016," the system will look for 3... by renanprado96 Path Finder in Splunk Search 03-15-2016 0 9	0	9
Tracking known malicious IP ranges We are blocking a list of different known malicious IP ranges on our checkpoint firewalls. We do receive the syslog i... by jshultz Explorer in Splunk Search 03-15-2016 0 3	0	3
Negative substring matching against simple string First, I am completely new to Splunk and the extent of my expertise with the query language is dumb wildcard matching... by nicklbailey New Member in Splunk Search 03-15-2016 0 1	0	1
Obtain difference of a field between 2 searches Hello Splunkers I just started to use splunk and you know how it is to learn something new, you punch the keyboard l... by benjillaz Explorer in Splunk Search 03-15-2016 0 7	0	7
Streamstats strange behaviour Hi I have the following problem. I have a set of events with field called "amount1". In this field I have a number w... by ArsenyKapralov Path Finder in Splunk Search 03-15-2016 1 1	1	1