Splunk Search

Community Activity

Splunk DB Connect 1: How to join SQL queries from different servers? \| dbquery Server1 "SELECT value1, value2 FROM db1.table" \| join type=left value2 [\| dbquery Server2 "SELECT value... by stevenahl New Member in Splunk Search 05-30-2015 0 7	0	7
How to read data from a CSV file and put into DB Connect’s query? Hi, I want to pull data from a CSV file and put that all data in a SQL query. For e.g.- In CSV: 'ABC','DEF','GHI','J... by ritesh21aggarwa Engager in Splunk Search 05-30-2015 1 1	1	1
How to display Linux and Windows CPU perf in one timechart other than appendcols method? Currently I am using appendcols method, it seems work, but once the first search returns no result, the timechart wil... by rogner New Member in Splunk Search 05-30-2015 0 2	0	2
Comparison of logs? Pretty new to this - Is there a way to compare log results between two timeframes ? Consider the following scenario ... by maheshh New Member in Splunk Search 05-30-2015 0 1	0	1
Indexer performance hit, for searches with no results I have a search like the following: "index=index_A \| " If i distribute this to an indexer which does NOT have an in... by jdunlea_splunk Splunk Employee in Splunk Search 05-30-2015 0 1	0	1
Regex Conditional Group Capture with Name I'm trying to build 1 regex to capture multiple sets of data. Below is a sample: 1. 20110221124637\|21410\|SENT:0.646... by healthtrans Explorer in Splunk Search 05-30-2015 2 1	2	1
Searching a single line at a time My Search query: source="test source" "AggCd" AND "test2# " AND "TransTypeCd " AND (NOT ("test2# null")) \| rex "tes... by anirbanukil Explorer in Splunk Search 05-30-2015 0 3	0	3
extract multiple fields(number unknown) and sum it up i have several events which look like this one (this is one event, repeating with varios values after Txxxx,) DISKB... by Christian Path Finder in Splunk Search 05-30-2015 0 1	0	1
how to configure the section of a user on splunk ? hello I would like to configure splunk like so: When a user is inactive for 15 minutes, the session shoulds Origin Lo... by fdi01 Motivator in Splunk Search 05-30-2015 0 4	0	4
extract field value Hi, we have csv file in below format. PROJECT_NAME USER_NAME STATUS WEB_xxxx David PA... by iamniks Explorer in Splunk Search 05-29-2015 0 2	0	2
Alert when host sends different data in event Every day, a script runs on my Windows boxs that sends an event to Splunk. I'm looking for a search that will return ... by rtadams89 Contributor in Splunk Search 05-29-2015 0 4	0	4
timechart span starting at specified point I want to run a timechart 'overnight'... e.g. getting the minimum values of a field between midday and midday... 12-1... by vaijpc Communicator in Splunk Search 05-29-2015 0 1	0	1
Error Logs on Splunkd (Search Head) Hi, I'm having this error logs on my search heard splunkd. 01-15-2011 00:22:06.346 WARN NetUtils - Bad select for ... by mldaplin Engager in Splunk Search 05-29-2015 2 1	2	1
Index time field extraction from another field Hi, I have two fields. Let's say they are field1 and field2. I extract field2 from field1. I also remove some part o... by rahiparikh Explorer in Splunk Search 05-29-2015 0 1	0	1
How to join data from three sources without using join? I'm slowly digesting the posts that describe how to use stats to retrieve aligned data from multiple sources but I'm ... by kmcarrol Path Finder in Splunk Search 05-29-2015 0 6	0	6
field transformation not cpaturing anything I am trying the field tranformation feature. using the "Manager » Fields » Field transformations" UI I have defined t... by aviadr1 Explorer in Splunk Search 05-29-2015 0 1	0	1
How to extract key/value parameters and issue lookup? I have a log containing some commands like so: SWFCMD_DNLK_LOG: WHICHLOG = CMD_LOG_IMDCMD, TIMERANGESTRT = 0, TIMER... by vhwang New Member in Splunk Search 05-29-2015 0 1	0	1
combine two transaction results based on one value they share I have a transaction that includes a MAC address which doesn't change and an IP address which changes during the tran... by whistj Explorer in Splunk Search 05-29-2015 0 1	0	1
Dates cluttered in X-axis Hi, I've column chart which uses below query: index=test \| stats last(_time) AS time by customerid \| convert timefo... by freephoneid Path Finder in Splunk Search 05-29-2015 1 1	1	1
Convert Pie Chart to Timechart - Is it possible? Hi, I'm displaying Pie chart with below query. index=my_index sourcetype="my_log" keyword1 keyword2 "errorValue=" \|... by freephoneid Path Finder in Splunk Search 05-29-2015 0 1	0	1
Urgent !! Complex case statements in eval I have a field that captures the usage of every user. I want to write a case to get the usage of each user in that ho... by sushmitha_mj Communicator in Splunk Search 05-29-2015 0 13	0	13
Performing basic calculations, eval statement and wildcard I need some assistance in calculating latency values. I have many hosts, logging transformation latency in different ... by bcatwork Path Finder in Splunk Search 05-29-2015 0 4	0	4
What are recommendations for optimizing the performance of my current search? I have this search that is a very sparse search over 7 days and takes a long time to complete (more than ten hours) .... by hartfoml Motivator in Splunk Search 05-29-2015 0 2	0	2
Search app doesn't recognise the transformed search Hi, I tried to tansform unix app's data something like this -- [transforms.conf] [df] REGEX = ([^\s]+)\s+([^\s]+)\... by rahiparikh Explorer in Splunk Search 05-29-2015 0 6	0	6
Rounding Currency to Two Digits After Decimal I am attempting to round my currency figures to two decimal places whether or not the amount ends with zeros (e.g., $... by msettipane Splunk Employee in Splunk Search 05-29-2015 1 2	1	2