Splunk Search

Community Activity

	Problem with values/list in subsearch Hi guys, I want to make a table with list in it with Splunk and I really need some help! I got a IPS to analyse and t... by LuiesCui Communicator in Splunk Search 09-28-2015 0 9	0	9
	How to compare string values between two fields and only return results from the search that do not match? So I currently have Windows event log (security) files and am attempting to compare two strings that are pulled out v... by kharma New Member in Splunk Search 09-27-2015 0 3	0	3
	How to extract file tyes from .txt file Hi, I have a one text file which have some entries with the file types .pdf, .tif so now i want to make one hourly d... by sunnyparmar Communicator in Splunk Search 09-26-2015 0 8	0	8
	How do I display values over the last 24 hours? Greetings, I am trying to display the value of "002:emailsqu=33" over the last 24 hours and then graph it. The log c... by loggeruk Explorer in Splunk Search 09-25-2015 0 5	0	5
	Adding a row of Totals Hi all, currently I'm using a search Which gives me something like this for each group/event Group B... by raby1996 Path Finder in Splunk Search 09-25-2015 0 3	0	3
	Filter multivalue field based on regex generated by subsearch Hi, I have "impression" events for a mobile page that has many games on it, and they have 1 field called "game_ids" ... by giladirim Engager in Splunk Search 09-25-2015 0 1	0	1
	Sort order of subsearch results Ok, treat me nice, please... I am working on a dashboard which totals and reports data from two different date range... by bfnpmsz New Member in Splunk Search 09-25-2015 0 5	0	5
	Splunk mobile access server marked as legacy, alternative? Splunk mobile access server is marked as legacy in the documentation, what is the alternative? by marcusnilssonmr Path Finder in Splunk Search 09-25-2015 0 1	0	1
	Regex in search to filter not working I am currently trying to work on a search where are admins in my results. I want the search to show only regular user... by santorof Communicator in Splunk Search 09-25-2015 0 6	0	6
	Log file not picked up by splunk I'm trying to get our splunk server to index the local /var/log/audit/audit.log, but no matter what I do I don't see ... by tech8260 New Member in Splunk Search 09-25-2015 0 2	0	2
	What values should I use for replication and search factor in a Splunk multisite indexer cluster with one peer in site1 and two peers in site2? Hi! I'm trying to configure a multisite indexer cluster with two sites; site1 and site2. There are one peer in site1... by hettervik Builder in Splunk Search 09-25-2015 0 1	0	1
	Performing a MAP search in a given time window Hi, I'm trying to create a MAP search to see if Event B triggers within a certain time window of Event A being trigg... by sheamus69 Communicator in Splunk Search 09-25-2015 0 1	0	1
	How to copy figures across empty time buckets? I'm generating a timechart that is supposed to display a daily figure which is an accumulation of total logged in hou... by szal Explorer in Splunk Search 09-25-2015 0 6	0	6
	Adding a totals row to a table Hi all, So I have a search that i have saved as a report that looks like this when it completes Group Bun... by raby1996 Path Finder in Splunk Search 09-24-2015 0 1	0	1
	Can't unlink pid file "/Applications/Splunk/var/run/splunk/splunkd.pid": Permission denied Splunk Free Enterprose download. Trying to start Splunk - non-root user. To "Start and Show Plunk" I get the error: ... by TheJagoff Communicator in Splunk Search 09-24-2015 0 4	0	4
	Grouping by String and Sorting by Average Hi there! I have run the following search... index="prop_data" uri=/property//* \| stats avg(execution_time) by ur... by stanbridge New Member in Splunk Search 09-24-2015 0 4	0	4
	Join and chart events from 2 log files with common field value but not lables. I see a ton of these type questions, but none seem to pertain to what I am doing or I just dont understand them. I h... by Cuyose Builder in Splunk Search 09-24-2015 0 1	0	1
	How do I use regex to extract value in parenthesis preceded by parenthesis? I have the following log(s) from which I want to extract the value inside the parenthesis. The parenthesis field is p... by aramakrishnan New Member in Splunk Search 09-24-2015 0 5	0	5
	Rename columns I have the following search string index="commercial_performance" "Efficiency Variance *" OR "Intervention Variance ... by deanamite91 Explorer in Splunk Search 09-24-2015 0 4	0	4
	Map with custom image & _lat _lon Can I replace the maps app images with a static single image? I want to assign static _lat and _lon to a specific pla... by kapanig Explorer in Splunk Search 09-24-2015 0 2	0	2
	Geostats Truncating Data? It would appear that using ...\| geostats isn't working as it used to anymore. I originally had a search like the foll... by vliu2 Explorer in Splunk Search 09-24-2015 0 1	0	1
	Why does 'x.y'-1 return no value? I have an extremely simple search that inexplicably does not work. It returns blank values for latest(ewma): index=m... by j6white Path Finder in Splunk Search 09-24-2015 0 10	0	10
	Getting Count of specific value in json formatted log I have a json splunk log, and I need to get the count of the number of times the "message" field is equal to "Total r... by kahlerb Explorer in Splunk Search 09-24-2015 0 2	0	2
	Is there something similar to addtotals to sum by a field I'm trying to run a calculation that will average all values over a day, then add all values by a field (Building in ... by rrustong Explorer in Splunk Search 09-24-2015 0 3	0	3
	How to filter events by date fields in lookup table I have a lookup table that consists of the follow fields: Account_Name, Name, Start Date, Return Date. I want to sea... by kvandegrift New Member in Splunk Search 09-24-2015 0 2	0	2