Splunk Search

Community Activity

	Help grouping results best command to use I'm pretty new to Splunk and trying to wrap my head around how to pull data out of Splunk and display it. I have a s... by ronaldsc New Member in Splunk Search 01-26-2016 0 4	0	4
	How can I create a report giving a number of counts per categories per week ? I am struggling to create a report that would give number of counts per categories per week. Something that could be ... by stenou New Member in Splunk Search 01-26-2016 0 3	0	3
	Accessing fields from specific events in a transaction I have logs which contain a value, time_taken. I want to work out the latency of entire transactions by summing the t... by jpanderson Path Finder in Splunk Search 01-26-2016 0 6	0	6
	Why is my search not pulling all results from a log in JSON format? I need some help writing a search that can do the following things: The log file below needs to be interrogated and ... by janis_berzins Engager in Splunk Search 01-26-2016 0 2	0	2
	How to access Date Partitioned files in HDFS dynamically using virtual index Hi, I have hdfs folders as below. /bla/bla/bla/20160121 /bla/bla/bla/20160122 /bla/bla/bla/20160123 How to acces... by sdaruna Explorer in Splunk Search 01-25-2016 0 1	0	1
	Using eval for a search. Drilldown XML ignores my lookup link and just re-uses the original search query, but with it narrowed down to the cell selection? Sorry for the mouthful in the title. I'm using a drilldown in the XML for a component in a dashboard which worked fi... by spike021 Explorer in Splunk Search 01-25-2016 0 3	0	3
	useage of query result hello , i am new to splunk and i have a bit of a problem with using the results from the query, <condition match=" '... by ronenp New Member in Splunk Search 01-25-2016 0 4	0	4
	Field Extraction question - Capturing GUID I'm still quite new to Splunk so my wording may be a little off. I am running into an issue when trying to create a f... by rewritex Contributor in Splunk Search 01-25-2016 0 2	0	2
	Search for user day 1 retention I'm taking a shot at providing metrics on day 1 retention numbers of users in our system (Create a profile and the ne... by arnol229 Explorer in Splunk Search 01-25-2016 0 4	0	4
	How to create a data model from a subset of all transactions? Hi, I'm using splunk to provide some insights into our caching performance. Across the entire set, I can easily do i... by spotter New Member in Splunk Search 01-25-2016 0 2	0	2
	Finding time between two events. Using transaction I have grouped together events for same users. There are two types of event. 1. Send SMS to user. ... by lakromani Builder in Splunk Search 01-25-2016 0 5	0	5
	Lookups and .csv files A somewhat basic question as I have not done this often. I have many .cvs files I would like to get indexed in Splunk... by tkwaller Builder in Splunk Search 01-25-2016 0 2	0	2
	Using stats to select the earliest record to pipe into the map function I am trying to select the earliest record and then pipe that into the map function to perform an addition search usin... by Kanesol Explorer in Splunk Search 01-25-2016 0 4	0	4
	Add a column to search (stats) Hi there, I have a table with some columns. Splunk should show a new column with a dynamic value. When the value of... by rzpotschien New Member in Splunk Search 01-25-2016 0 1	0	1
	parse json events properly and new line I have json data coming in. Some times few jsons are coming together. ex: json \x00\x00\x00\x00\x00\x00\xA2\x00\x00... by ashoksamal63 New Member in Splunk Search 01-25-2016 0 1	0	1
	Using the transaction command to group events being logged to two indexes, how do I only include events that are found in both indexes? Hi all! I am using the transaction command to group events being logged to two indexes. I have a common identifier. ... by tenorway Path Finder in Splunk Search 01-25-2016 0 3	0	3
	How can I count both events that are tagged and those that aren't? I currently use the following to count the number of names that are tagged as cool: ... tag::cool \| stats dc("Name")... by Phil219 Path Finder in Splunk Search 01-23-2016 0 5	0	5
	How can I display a matched value from a list.csv ? For back ground please check the accepted answer for : Best way to check email logs for recipients that are on a list... by packet_hunter Contributor in Splunk Search 01-22-2016 0 6	0	6
	Chart Values Quesiton Is there a way to chart values(count) by more than two fields by hastrike New Member in Splunk Search 01-22-2016 0 2	0	2
	Remove multiple values from a multi-value field I would like to remove multiple values from a multi-value field. Example: field_multivalue = pink,fluffy,unicorns ... by landen99 Motivator in Splunk Search 01-22-2016 0 1	0	1
	How to search transactions across different hosts with with the same uuid? Hi all, I have a few sources that report a GUID/UUID across different hosts. (basically load balancers, intermediat... by kritho Explorer in Splunk Search 01-22-2016 0 4	0	4
	How to get count totals in the same query with \|stats list (subject) as subj list(recipient) as recp..... ???? Scenario: search email logs for all the recipients of a an email with a specific subject and get a total of number ... by packet_hunter Contributor in Splunk Search 01-22-2016 0 15	0	15
	multi field grouping Hi Team, we have a query to get response times from our logs and then do a range to group the Response Time index=*... by hindla New Member in Splunk Search 01-22-2016 0 1	0	1
	How to combine data from 2 source types? All, I have 2 source types , one being XML and other being a trace log file events. I have a requirement to combine ... by Mathanjey Explorer in Splunk Search 01-22-2016 0 2	0	2
	Is there a way to check if a field value is present in a transaction? The transaction command has the options startswith and endswith, but is there a "contains" of some sort that can be u... by jluo_splunk Splunk Employee in Splunk Search 01-22-2016 0 6	0	6