Splunk Search

Community Activity

Using Eval for calculated Metrics Hi, I have the following search which returns the number of users logging onto a system for the previous month and g... by DanielFordWA Contributor in Splunk Search 06-10-2015 0 4	0	4
Very odd timestamp - how can I extract? Hi all - I need to "build" a timestamp from an event. The events are fixed format, meaning timestamp variables will a... by himynamesdave Contributor in Splunk Search 06-10-2015 0 5	0	5
How to expand macro arguments in eval subsearch Hi, I'm struggling with using subsearches in eval statements, but got most of it worked out. Now I want to put the s... by Sloefke Path Finder in Splunk Search 06-10-2015 0 8	0	8
how to retrive data from symantec end point protection Hi, Does any one know how to get data from symantec endpoint protection server, so the "Symantec Endpoint Protection... by johnbenayun New Member in Splunk Search 06-09-2015 0 4	0	4
job timeout error - what to do without increasing the receiveTimeout in distsearch.conf 06-08-2015 15:41:47.050 ERROR HttpClientRequest - HTTP client error: Read Timeout (while accessing https://ip.1:p... by splunk_zen Builder in Splunk Search 06-09-2015 0 1	0	1
The lookup table 'msdhcp_signature_lookup' does not exist. It is referenced by configuration 'DhcpSrvLog'. Getting this error when searching. The lookup table 'msdhcp_signature_lookup' does not exist. It is referenced by co... by daryl_fallin Engager in Splunk Search 06-09-2015 1 3	1	3
ip address in non usual format Hi all. I have a mcafee logging in a SQL database with a field: sourceip=739840322 How i can traslate this Ip to a ... by changux Builder in Splunk Search 06-09-2015 0 7	0	7
How to plot each events "OpValue" field against time by "process"? I have about six (6) seconds worth of data in a CSV file. Each CSV record has among other fields "process", "operatio... by mdwecht Path Finder in Splunk Search 06-09-2015 1 7	1	7
How to join two tables with default row if tables do not match? Hi, i have a table whose result is as below: parameter value result P1 V1 R1 P2 V2 R2 P3 ... by harshal_chakran Builder in Splunk Search 06-09-2015 1 2	1	2
How would I display a percentage of devices in an HA pair where neither has reported in a specific period? We have a dashboard set up where we display a percentage of appliances which are not sending logs to Splunk. We take... by john_dagostino Path Finder in Splunk Search 06-09-2015 0 2	0	2
How could I append the subsearch result with different fields Hi, I am trying to combine two searches into one table with different fields name. for example, I have error source ... by jpeng5068 New Member in Splunk Search 06-09-2015 0 2	0	2
How to create a graph using distinct values? I want to create a graph that shows values over time, but I cannot figure out how to graph distinct values. Right now... by carlsonbJTEKT Engager in Splunk Search 06-09-2015 0 2	0	2
Ghost results - why can't I pipe my results? I have a search that yields over 6000 events. However, when I try to do anything with those events, namely use them i... by kmcarrol Path Finder in Splunk Search 06-09-2015 0 4	0	4
Why two searches work separately, but subsearch leads to no results? Beginner here, I've been trying to practice subsearching, but I've come across a problem I couldn't figure out how t... by kkas Path Finder in Splunk Search 06-09-2015 1 2	1	2
How to list values for a multivalue field by both date and percentage? Okay, so I'm trying to create a funnel in Splunk. I have a multivalue field, I need to recalculate the values into pe... by Hartmannish Explorer in Splunk Search 06-09-2015 0 4	0	4
How to group calculated unique values by another field without using a subsearch? Hi folks, I have a problem. I've done a search displayed below and I'm filtering some types of products (produto). A... by vitorvmiguel Explorer in Splunk Search 06-09-2015 2 4	2	4
How to limit the character length of the date field? How do I limit the characters of a date field to be a certain length? I.e my date field looks as follows: 2012-01-10... by splunknewby Path Finder in Splunk Search 06-09-2015 0 1	0	1
Use variable from views.py on a Django search manager Hi all, Using Splunk 6.2.2. I want to use a single Django template for several different sources that follow the sa... by gustavomichels Path Finder in Splunk Search 06-09-2015 0 1	0	1
Field categorization Hi All, A quick question reagrding the symbols "#" and "a" (alpha I believe), on the left hand side of a filed name ... by KarunK Contributor in Splunk Search 06-09-2015 0 3	0	3
enumerating field names as a new field Dear all, I have in splunk events of this simple structure fileldX=value, like field1=..., field2=..., ... fieldN=.... by akazarov Path Finder in Splunk Search 06-09-2015 0 5	0	5
How to make the Search and Reporting app the default landing page for a user? I have an App landing page which is not working fine. I want to make the Search and Reporting app as the default page... by mehtas Explorer in Splunk Search 06-09-2015 1 1	1	1
Averages skewed by empty time buckets When creating a report of the max count/minute and average count/minute by host for a specific error there seems to ... by seanel Path Finder in Splunk Search 06-08-2015 3 11	3	11
how do I clac time out using eval in,out,name 05-06-2015 11:37:04,05-06-2015 11:37:04 ,uid2 05-06-2015 11:36:06,,uid2 how do I do this, If out time is... by SasiB137 Engager in Splunk Search 06-08-2015 0 3	0	3
Why does dedup not return any results? Below is an example of a log file I'm trying to analyse (thousands of entries). I wish to remove duplicate entries b... by Scan001 Explorer in Splunk Search 06-08-2015 0 8	0	8
Spunkd normal process count? Hi, What is the normal process count for splunkd? Am having two processes for splunkd both for my forwarder & serv... by standias Explorer in Splunk Search 06-08-2015 0 3	0	3