Splunk Search

Thread Info

I have a saved seach setup to check every minute for file changes. I have the start time set for [-1m] to search back...

by Splunk Employee in

I have a log which often has redundant events, where "redundant" is defined as 2+ events, on subsequent lines, where ...

by Contributor in

I need to understand how adding fields to raw data will increase our index size growth. We are in the process of addi...

by Splunk Employee in

I need to share all of the field extractions in my app with all of the other apps on the system. What is the most eff...

by Splunk Employee in

$SPLUNK_HOME/var/lib/splunk/defaultdb/db/Sources.data On a fresh install I see this file has something like this:...

by Splunk Employee in

[UPDATE: from the answer below, it sounds like what I'm looking for is not supported in the product today. I'm tackin...

by Contributor in

In SQL-speak, "how to specify the columns in SELECT clause"? Normally, Splunk does the equivalent of SELECT *, which ...

by Splunk Employee in

I wrote a search operator that takes actions external to splunk. It has to take an action to 'complete' its operation...

by Splunk Employee in

Because wc -l of the input doesn't match my event count, and I'm trying to troubleshoot.

by Splunk Employee in

Script is not working