Splunk Search

Community Activity

Performing a MAP search in a given time window Hi, I'm trying to create a MAP search to see if Event B triggers within a certain time window of Event A being trigg... by sheamus69 Communicator in Splunk Search 09-25-2015 0 1	0	1
How to copy figures across empty time buckets? I'm generating a timechart that is supposed to display a daily figure which is an accumulation of total logged in hou... by szal Explorer in Splunk Search 09-25-2015 0 6	0	6
Adding a totals row to a table Hi all, So I have a search that i have saved as a report that looks like this when it completes Group Bun... by raby1996 Path Finder in Splunk Search 09-24-2015 0 1	0	1
Can't unlink pid file "/Applications/Splunk/var/run/splunk/splunkd.pid": Permission denied Splunk Free Enterprose download. Trying to start Splunk - non-root user. To "Start and Show Plunk" I get the error: ... by TheJagoff Communicator in Splunk Search 09-24-2015 0 4	0	4
Grouping by String and Sorting by Average Hi there! I have run the following search... index="prop_data" uri=/property//* \| stats avg(execution_time) by ur... by stanbridge New Member in Splunk Search 09-24-2015 0 4	0	4
Join and chart events from 2 log files with common field value but not lables. I see a ton of these type questions, but none seem to pertain to what I am doing or I just dont understand them. I h... by Cuyose Builder in Splunk Search 09-24-2015 0 1	0	1
How do I use regex to extract value in parenthesis preceded by parenthesis? I have the following log(s) from which I want to extract the value inside the parenthesis. The parenthesis field is p... by aramakrishnan New Member in Splunk Search 09-24-2015 0 5	0	5
Rename columns I have the following search string index="commercial_performance" "Efficiency Variance *" OR "Intervention Variance ... by deanamite91 Explorer in Splunk Search 09-24-2015 0 4	0	4
Map with custom image & _lat _lon Can I replace the maps app images with a static single image? I want to assign static _lat and _lon to a specific pla... by kapanig Explorer in Splunk Search 09-24-2015 0 2	0	2
Geostats Truncating Data? It would appear that using ...\| geostats isn't working as it used to anymore. I originally had a search like the foll... by vliu2 Explorer in Splunk Search 09-24-2015 0 1	0	1
Why does 'x.y'-1 return no value? I have an extremely simple search that inexplicably does not work. It returns blank values for latest(ewma): index=m... by j6white Path Finder in Splunk Search 09-24-2015 0 10	0	10
Getting Count of specific value in json formatted log I have a json splunk log, and I need to get the count of the number of times the "message" field is equal to "Total r... by kahlerb Explorer in Splunk Search 09-24-2015 0 2	0	2
Is there something similar to addtotals to sum by a field I'm trying to run a calculation that will average all values over a day, then add all values by a field (Building in ... by rrustong Explorer in Splunk Search 09-24-2015 0 3	0	3
How to filter events by date fields in lookup table I have a lookup table that consists of the follow fields: Account_Name, Name, Start Date, Return Date. I want to sea... by kvandegrift New Member in Splunk Search 09-24-2015 0 2	0	2
Put results in one row table Hello, I have got a question about a Query. This is the query: index=security-mijnssp "View rendered = /error.jspx"... by lgroot Explorer in Splunk Search 09-24-2015 0 1	0	1
Combine table rows Hi everyone, I've got a question about a query i have made: index=security-mijnssp "View rendered = /error.jspx" OR... by lgroot Explorer in Splunk Search 09-24-2015 0 1	0	1
Issue with conitnously monitoring a folder Hi Team I have a folder that consists of logs added every day i have given this folder as input to splunk to continu... by deepthi5 Path Finder in Splunk Search 09-24-2015 0 1	0	1
How to chart months on the X-axis in chronological order, not alphabetical? Hi, My database query returns the following columns monthNum,month,year,value 01, Jan, 2014, 20 01, Jan, 2015, 30 02... by hkosuru Explorer in Splunk Search 09-24-2015 0 4	0	4
I have an stats result that has a latest(_time) in the config and want to only include items where the latest is N minutes old index=product_iround_prod Level=INFO Message="Form Synchronizer complete" \| stats latest(_time) AS timestamp, latest(... by leonardr New Member in Splunk Search 09-24-2015 0 2	0	2
Why is my real-time post process dashboard showing different results from running the same search directly? Hi folks, I'm experiencing a strange behavior on one of my splunk real-time postprocess dashboards. The numbers show... by DennisMohn Path Finder in Splunk Search 09-24-2015 1 7	1	7
Extract not giving the exact result Hi, I have an extract with the name "remotesystemid" but when i am executing the below query it is giving values wit... by sunnyparmar Communicator in Splunk Search 09-23-2015 0 29	0	29
Grouping multiple times Basically I would like to run one stats command where i do some arithmetic and correlation based on one grouping, but... by raby1996 Path Finder in Splunk Search 09-23-2015 0 5	0	5
What does it mean? user=tommyjones is not allowed to run historical scheduled search, skipping savedsearch_id="tommyjones;…" I'm seeing this in the scheduler log and would like to know what it means and what causes it. This user can certainl... by the_wolverine Champion in Splunk Search 09-23-2015 0 2	0	2
how to search a number which is 13 digits or more using regex in splunk? Hi how can i find out a number which is 13 digits or more in a splunk search on index="xyz". Please let me know by pavanae Builder in Splunk Search 09-23-2015 0 9	0	9
How to graph and chart Oracle Error Code (ORA-nnnnn) from mutiple sources I have multiple logs from different sources (app server, database server,etc) where they can contain a error response... by mm977g Explorer in Splunk Search 09-23-2015 0 2	0	2