Splunk Search

Community Activity

Help! I need to know if Splunk is capable of the following; • Need to be able to view the health of the servers and applications running across all three datacentres in a single... by Charles_S New Member in Splunk Search 10-16-2015 0 1	0	1
How to write a search to count variations (different order and number) of transaction events? I need a search to count variations of event occurance. Lets say we have events: A,B,C,D,E which are combined into tr... by adamguzek Explorer in Splunk Search 10-16-2015 0 2	0	2
How to edit my search to get the sum of multiple results per transaction_Id? index=inctv starttime=10/07/2015:00:00:00 endtime=10/13/2015:00:00:00 (sourcetype="mysource" OperationName="MyImpl.... by pawnalmighty Engager in Splunk Search 10-16-2015 0 1	0	1
How to filter out syslog events from a group of hosts via regex? Hi We have a group of servers and looks like they have been reconfigured. Until we get hold of a sysadmin and fix th... by AKG Path Finder in Splunk Search 10-16-2015 0 8	0	8
Makemv example not working In trying to use makemv, which seems incredibly simple, I've been ingesting multiple iterations of a single event wit... by blurblebot Communicator in Splunk Search 10-16-2015 0 11	0	11
Nessus in Splunk - pull scans from Windows Server I'm running Splunk on a Linux box. Nessus is running on another Linux box, but I'm using the Nessus web GUI from a W... by johnwsrns New Member in Splunk Search 10-16-2015 0 2	0	2
stats usage to display output as follows I have a table like this .. Table 1 : Information to be searched **Company A \| Company B abc xyz lmn ... by rakesh_498115 Motivator in Splunk Search 10-16-2015 2 8	2	8
Why is Auto Refresh not working with Post Process Search in a dashboard panel? Hi All, We have a dashboard with 6 panels in which for one panel we have implemented a post process search. The issu... by Venkat_16 Contributor in Splunk Search 10-16-2015 0 2	0	2
Can a particular user or role ignore the limits.conf max_searches_per_cpu setting? Is there a way to bypass max_searches_per_cpu setting (in limits.conf) for a given user or role? I need to to this f... by marco_sulla Path Finder in Splunk Search 10-16-2015 0 3	0	3
How to extract particular data from a file and then define fields from it? Hi I have a flat file with the following data which is ingested in Splunk: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~... by Arminder_Bhalla New Member in Splunk Search 10-16-2015 0 2	0	2
Extracting field based on prior field extracted Hi all, So I have data that looks something like this where each event contains somewhat historical data, and it has... by raby1996 Path Finder in Splunk Search 10-15-2015 0 6	0	6
perfmon PercentProcessorTime incorrect maximum Splunk 6.1 running on Windows 2012 R1 perfmon remote machine Windows 2008 R1. Querying PercentProcessorTime from Per... by robertlabrie Path Finder in Splunk Search 10-15-2015 0 5	0	5
How do we chain up events based on parent-child events without recursion? Let's say I have something like this: time,ParentId,ChildId 12:05:10 PM, ,A1 12:05:11 PM, ,B1 12:05:... by tchen_splunk Splunk Employee in Splunk Search 10-15-2015 0 1	0	1
How to edit my search to sum up the count of hosts per group for each account? Hi All, I'm pretty new to Splunk so still learning my way around everything. Running a search like this results in ... by ks2211 Engager in Splunk Search 10-15-2015 0 4	0	4
What's wrong with my rangemap? Hi, I'm trying out some searches learned at .conf. This one is supposed to provide lag info for indexing delays. U... by a212830 Champion in Splunk Search 10-15-2015 0 7	0	7
How do I edit my "eval if match" syntax to evaluate complex combinations with precedence on the order of operation? Hello all, I have the following eval function which functions properly: \| eval my_count=if(match(lower(FieldName),... by jclemons7 Path Finder in Splunk Search 10-15-2015 0 1	0	1
Help with replacing values Hi, I have my output I was looking for, but was wondering if there was a cleaner way to do it. Basically I have a f... by jameskerivan Explorer in Splunk Search 10-15-2015 0 5	0	5
How to group search results based on values? I need to filter some search results. Today I have the following search: search index="test" series_name=* \| stats c... by Javo222 Path Finder in Splunk Search 10-15-2015 0 2	0	2
Looking to see if a string is present in another search I'm looking through DNS logs in one index. They are normal DNS logs, so they have the normal query containing the ho... by wweiland Contributor in Splunk Search 10-15-2015 0 11	0	11
Where can I find a reference for complex search examples? Does anyone have the PDF version of the book Building Splunk Solutions? I need to understand more on the complex searches that can be performed using Splunk. by splunkdevabhi Explorer in Splunk Search 10-15-2015 0 1	0	1
Total counts of one field based on distinct counts of another field This seems like it should be simple, but I'm new to Splunk and can't figure it out. I have one field dc(Name) that c... by jawebb Explorer in Splunk Search 10-15-2015 0 4	0	4
two's complement Hello I need to use the mathematical opération called "two's complement". In C programming language it is written lik... by clorne Communicator in Splunk Search 10-15-2015 0 6	0	6
Is it possible to use the Transpose command without accessing the Search app? Transpose is python custom command shipped with Search app. Transpose has global visibility , which means if you have... by nawneel Communicator in Splunk Search 10-15-2015 0 1	0	1
How to hide the default 'Search & Reporting' app in Splunk 6? Our team is using Splunk 6. We noticed that when we hide the 'search & Reporting' app for particular roles, it is giv... by Roopaul Explorer in Splunk Search 10-15-2015 0 5	0	5
How to search within each set of time ranges defined in another table, and then run a stats count for each? Table 1: START_TIME END_TIME ---------------------------------------- S1 E1 S2 ... by kelvin56887 Explorer in Splunk Search 10-15-2015 0 2	0	2