Splunk Search

Community Activity

how to restrict where condition.? Hi All. I have a scenario where, the where clause is used to filter and other side the same where clause should not ... by SanthoshSreshta Contributor in Splunk Search 05-19-2015 0 13	0	13
two where clause? Hi All. I want to calculate churned customers from two placements (churn=0 means churned,1 as unchurned) and placem... by SanthoshSreshta Contributor in Splunk Search 05-18-2015 0 2	0	2
show last week values Mon-Sun and NOT Sun-Sat using earliest and latest How do I use earliest and latest to show last week Mon - Sun inclusive. I have tried this earliest=-1w@w latest = @w... by HattrickNZ Motivator in Splunk Search 05-18-2015 0 2	0	2
Combine of two different queries for single output (Aruba with Splunk) Hi Team we have two queries as mentioned below: eventtype=cppm-fail-authentication cphost=* -->This gives me the lis... by ssplunkc New Member in Splunk Search 05-18-2015 0 1	0	1
Sort by DataStore Hello I have some data that I'd like to make a bar graph by each datastore. Can anyone help? Data below. {"dataStore... by lvandeyar New Member in Splunk Search 05-18-2015 0 1	0	1
Combine inputcsv and search to create a gauge I am trying to create a gauge where the green, yellow, red are dynamically adjusted using average and percentages for... by ccsfdave Builder in Splunk Search 05-18-2015 0 1	0	1
How to cut off the worldmap for geostats? Hi, is it possible to cut off the worldmap in the geostats visualization, so that scrolling left or right is not pos... by HeinzWaescher Motivator in Splunk Search 05-18-2015 0 2	0	2
where clause with a variable Hi. I need to get sum of total_revenue where churn=1. I am able to get the count of churn whose churn=1 and total co... by SanthoshSreshta Contributor in Splunk Search 05-18-2015 0 6	0	6
How do I create a token from a hidden search in SimpleXML I want to have a hidden search in my simple XML dashboard <search id="base"> <query>index=_internal \| stats count... by joxley Path Finder in Splunk Search 05-18-2015 0 1	0	1
Using the results of a query , and search it in a lookup table I have a query which looks at FTP attacks, and the resulting field is called "IP", now i want to search the results ... by Kishorebk New Member in Splunk Search 05-17-2015 0 2	0	2
I'm trying to count the number of times a particular mvfield value occurs. Event data set is as follows: {<!-- --> "actions":["CREATE","DELETE", "MODIFY"], "topic":"image", "event_time":"2015-05-14T00... by snandaku Engager in Splunk Search 05-16-2015 0 11	0	11
Is there a way to check a particular bit in a field that returns a hex value? I have a field that returns a hex value. The value returned can be anything from 0 to FF. We'll call this field CRA... by CYamaguchi Engager in Splunk Search 05-16-2015 1 1	1	1
Advanced search question, match logs entries against other entries by string, show diff? My log entries look like this: DATE: order=8 status=processed -many entries in between- DATE: order=8 status=complet... by darrel343 Engager in Splunk Search 05-15-2015 0 6	0	6
Fillnull not working with chart I'm trying to create a simple chart of the number of tickets for a specified subsystem. However the subsystem field ... by lyndac Contributor in Splunk Search 05-15-2015 1 7	1	7
Timechart Different Color Line I have 7 web service calls which have varying response times. I have a timechart (LINE) ranging from 00:00 to 24:00, ... by skoelpin SplunkTrust in Splunk Search 05-15-2015 0 20	0	20
Field aliasing in search results I have the following data in Splunk "2015/05/15 12:11" Service11=1 host=SystemA "2015/05/15 12:11" Service12=1 host=... by anupjishnu Path Finder in Splunk Search 05-15-2015 0 2	0	2
unable to launch splunk on local machine. I recently installed splunk on my local machine (Win 7 * 32 bit). Every time i launch it, it gets opened via google c... by shivanikatyal New Member in Splunk Search 05-15-2015 0 6	0	6
How do I get an hourly result table from a single monthly event? I have monthly events feeding into splunk. However I need each monthly event to be repeated for each hour of the mon... by sndegwa Explorer in Splunk Search 05-15-2015 0 2	0	2
Most efficent way to ignore last line when monitoring to avoid issues with external log buffering? I'm having an issue with a custom application log file (text, xml, single line) where the log buffering done by the c... by JSkier Communicator in Splunk Search 05-15-2015 0 2	0	2
Changing the sorting order of a chart I got a stacked bar chart from the following search: ... \| chart count by "field1" "field2" On the X-axis I have fiel... by szabados Communicator in Splunk Search 05-15-2015 0 1	0	1
How can I refer to the chosen timescale within my search? To work around another issue with reporting average counts by time (See here ) I would like to instead use the chosen... by seanel Path Finder in Splunk Search 05-15-2015 0 2	0	2
Getting incorrect values while using Eval and eventstats Hi, I had count of some condition and aggregated data. using both I stored them in some variable using eval. then th... by SanthoshSreshta Contributor in Splunk Search 05-15-2015 0 12	0	12
how to use calculated values in geostats to generate map chart Hi All, How to generate Geostats chart showing some aggregated data. columns in my CSV file named: test_csv 1. Chu... by SanthoshSreshta Contributor in Splunk Search 05-15-2015 0 17	0	17
Splunk DB Connect: How to connect custom Netezza database? I am trying to connect a Netezza DB to Splunk via DB Connect. Please see the database_type.conf below . [netezza... by theouhuios Motivator in Splunk Search 05-14-2015 1 2	1	2
Find users who have done an event A, but not done an event B I have a splunk log that has fields 'user_id' and 'event'. What I would like to do is to find the list of users who h... by anoopsankar Engager in Splunk Search 05-14-2015 0 2	0	2