Splunk Search

Community Activity
agoktas
We have a search that comes back with the following raw log data in every few lines: getUnitofWorkThread-1 increme...
by agoktas Communicator in Splunk Search 10-01-2015
0 7
agoktas
This successfully colors results accordingly: index=myindex host=app01 source="C:\\Log1.txt" | rex "RecordsProcess...
by agoktas Communicator in Splunk Search 10-01-2015
0 2
markwymer
Hi all, I've found many answers to questions that are similar to my question, but not quite the same. Still, my apo...
by markwymer Path Finder in Splunk Search 10-01-2015
0 4
seksit
Hi everyone, I'm new to Splunk. I'm trying to extract fields called username, clientip. But some rows of data start with ...
by seksit Explorer in Splunk Search 10-01-2015
0 5
rubeniturrieta
Hi to everyone It makes sense to have a Splunk Architecture, with machines with two addresses? For example: 1 Inde...
by rubeniturrieta Communicator in Splunk Search 10-01-2015
0 2
ivanlesk
Hi, I have first sourcetype=st1 with information about changes on users. I want to get a particular set of users (th...
by ivanlesk Engager in Splunk Search 10-01-2015
0 4
IRHM73
Hi, I wonder whether someone may be able to help me please. I'm using the search below to produce data in the follow...
by IRHM73 Motivator in Splunk Search 10-01-2015
0 3
aramakrishnan
I have a field called 'indication' which has values in the form of text - 123.1. I'm trying to set up an alert to det...
by aramakrishnan New Member in Splunk Search 10-01-2015
0 3
IRHM73
Hi, I wonder whether someone could help me please. I'm trying to put together a rex to extract the First Name from t...
by IRHM73 Motivator in Splunk Search 10-01-2015
0 10
echalex
Hi, I'm trying out the new HTTP Event Collector, but I'm having problems searching the data. Basically, the raw dat...
by echalex Builder in Splunk Search 10-01-2015
2 2
pavanae
Hi I have two different searches and two different results as follows Search 1: index="xyz" ".handleCommitOrder"...
by pavanae Builder in Splunk Search 09-30-2015
0 3
Justin
I am trying to perform a search of our network logs and it seems to be really bogging down our Splunk server. I am tr...
by Justin Path Finder in Splunk Search 09-30-2015
0 8
trem
I'd like to plot in a timechart the count of events over the last 30 days. In addition to this, I'd like another line...
by trem New Member in Splunk Search 09-30-2015
0 4
seksit
Hi everyone. I'm new to Splunk. I'm learning Splunk using Splunk's documents on the website. Now I'm learning to splunk s...
by seksit Explorer in Splunk Search 09-30-2015
0 1
jstockamp
I've got a saved search configured on a schedule and if I click on "view recent" I can see recent runs and if I clic...
by jstockamp Communicator in Splunk Search 09-30-2015
1 10
nimmos
Hello, I have a shop that sells different kind of products. Usually I have a search to show me the top 10 products s...
by nimmos Engager in Splunk Search 09-30-2015
0 2
maalvare
I need to extract value pairs from a field (string=integer) and then calculate the average of each of the strings. ...
by maalvare New Member in Splunk Search 09-30-2015
0 3
IRHM73
Hi, I wonder whether someone could help me please. I have a field called detail.cid-repsonse which looks like the ...
by IRHM73 Motivator in Splunk Search 09-30-2015
0 7
lakromani
We have a Hotspot server where we like to get the average time from when a user requests an SMS to the time the user ...
by lakromani Builder in Splunk Search 09-30-2015
0 2
sunnyparmar
I have logs here given below in which there are different companies like wienerberger_de, veolia-uk, XeroxFinland_fi,...
by sunnyparmar Communicator in Splunk Search 09-30-2015
0 3
rakesh_498115
Hi All, I was having a requirement to enable / disable table element drilldown. I mean if my SH is a Job server i wo...
by rakesh_498115 Motivator in Splunk Search 09-30-2015
0 3
hunyady
Hi, I have two indexes: dbtrace and dbmsg. The 1st "dbtrace" has trace recs of bags, the 2nd "dbmsg" stores the error...
by hunyady Explorer in Splunk Search 09-30-2015
1 4
nilsml
I am new to summary indexing, but I've tried to follow the documentation and create a scheduled search that saves the...
by nilsml Engager in Splunk Search 09-29-2015
1 2
skovalenko
I use kv_mode = auto in my props.conf and it works most of the time. The only time when it fails to extract is when t...
by skovalenko Explorer in Splunk Search 09-29-2015
0 2
MikeBertelsen
How can I determine which forwarder is impacting the indexer the most? I have an index taking up 53 gigs of space wit...
by MikeBertelsen Communicator in Splunk Search 09-29-2015
0 6