Splunk Search

Community Activity

is it possible to execute some commands in index time i would like to know if it's possible is to execute some commands at index time . i mean commands such as ( mvzip \| ... by ahmedhassanean Explorer in Splunk Search 03-10-2016 0 1	0	1
Alternatives for subsearch needed (10k limit) Hello, I have a powershell Script that runs every day through my Filesystem and logs every Folder with all NTFS perm... by PPape Contributor in Splunk Search 03-10-2016 0 3	0	3
How to retrieve top 20 errors from all application logs All my application logs are 'indexed' as 'customer'_application. The below shows all my Events just fine index = *_a... by edwinmae Path Finder in Splunk Search 03-10-2016 0 5	0	5
Can someone please see my example and help me to combine the two panels using layoutpanel? Here is my current code below - <dashboard> <label>Dashboard Title</label> <description/> <row> <panel> ... by dlespron Path Finder in Splunk Search 03-10-2016 0 1	0	1
How to solve an unexpected behavior of appendcols [subsearch with “by source”] style search? Hi, I’m a new user of Splunk. From multi-site syslog-like data, I would like to get a table, each row is site-name(s... by tac24 New Member in Splunk Search 03-10-2016 0 2	0	2
How to correlate a lookup table with two columns with a query? I have a query that generates a lookup table (IP_and_Username.csv) which has two columns in it: src_ip and Username. ... by splunkfuinator New Member in Splunk Search 03-09-2016 0 2	0	2
Build a table with information from various sourcetype I have two different logsource, ProxyLogs: Contains "ipaddress" and "username" WebLogs: Conatains "IP_address" and w... by dineshp Explorer in Splunk Search 03-09-2016 0 4	0	4
Can I change the values of a specific column, given certain dates and certain values I havea a search that gives me the below: _time A B C D 1 2016-01-01 1 3 5 7 2 20... by HattrickNZ Motivator in Splunk Search 03-09-2016 0 3	0	3
visiting a dashboard + controlling panel/chart heights + XML When you visit a dashboard the panels/chart are all at a predefined size, but you now have the option to make the hei... by HattrickNZ Motivator in Splunk Search 03-09-2016 1 1	1	1
Calculating _internal log volume for a particular host Hello, I'm trying to determine how much traffic gb/mb/kb that a particular forwarder is sending in daily. I'm using t... by dky New Member in Splunk Search 03-09-2016 0 12	0	12
How to alert on a value crossing over a moving average of that value? Is there any way to do this in a single search? I know it can be done by having one search compute the moving averag... by responsys_cm Builder in Splunk Search 03-09-2016 0 4	0	4
How can I create extract the earliest and latest times for current search and create fields for them? I would like to display the original earliest and latest of a search as fields in my table results. My query below. ... by jedatt01 Builder in Splunk Search 03-09-2016 0 2	0	2
Unmatched parentheses error with replace The following search is complaining about an unmatched parenthesis. Since the parentheses are inside of quotes, shoul... by bruceclarke Contributor in Splunk Search 03-09-2016 0 2	0	2
Filtering on UF for Specific Events then Delete the Rest (6.3.2) Hello Splunkers, I've been working on filtering IIS events. What I need to keep is any event that contains auth.owa,... by markschoonover Explorer in Splunk Search 03-09-2016 1 5	1	5
Help with timecharts New to splunk so aplogies if this question is not worded correctly. Trying to generate a view (sparkline?) that compa... by cjohnson_vectra New Member in Splunk Search 03-09-2016 0 5	0	5
Multiple stats counts in string, need to divide one count by 2 This is my string .....\| eval actionSend=if(action="Send", 1, null) \| eval actionRecv=if(action="Receive", 1, null)... by tbrown110 New Member in Splunk Search 03-09-2016 0 3	0	3
Struggling with stacked bar chart to show time spent in different places Hi, We are trying to use Splunk to provide some nice diagrams showing execution time of critical sections in referen... by PanKokos Path Finder in Splunk Search 03-09-2016 0 2	0	2
help with distinct counting in same field Hi, I have a question for sifting through some ssl logs. Let's say you have something like this: "GET /subdomain/su... by hak1 New Member in Splunk Search 03-09-2016 0 6	0	6
Field mapping from number to names Say for instance I am searching for windows event codes and types and I have a list of the event code mapping to the... by michael_lee Path Finder in Splunk Search 03-09-2016 0 1	0	1
Connect Splunk to the Internet to retrieve apps Hello, I'm tying to add more apps to our Splunk Web GUI. Every time I click "Find More Apps" I get an error message ... by jrsanders Path Finder in Splunk Search 03-09-2016 0 8	0	8
How to group results by name Hello all, I have a search with these results compl count(Number) 0 ... by marina_rovira Contributor in Splunk Search 03-09-2016 0 2	0	2
Display phone number value without commas? Trying to display a phone number as a single value but it is getting formatted with commas: xx,xxx,xxx,xxx What jus... by simpkins1958 Contributor in Splunk Search 03-09-2016 0 6	0	6
Count Stats by Two Fields in One Search So I'm running a search that looks like this: (host="zakta01.inno-360.com" AND mwv-landscaping.inno-360.com AND "GET... by henryt1 Path Finder in Splunk Search 03-09-2016 2 14	2	14
How can I use tokens in a stats function? I want to use a dropdown to change the field that the stats command function uses in calcuation. my token is called m... by jedatt01 Builder in Splunk Search 03-09-2016 0 3	0	3
Combine two searches using Eval with Case statement. Combine two searches using Eval with Case statement. by abdimustafa12 New Member in Splunk Search 03-09-2016 0 3	0	3