Splunk Search

Community Activity

how to use calculated values in geostats to generate map chart Hi All, How to generate Geostats chart showing some aggregated data. columns in my CSV file named: test_csv 1. Chu... by SanthoshSreshta Contributor in Splunk Search 05-15-2015 0 17	0	17
Splunk DB Connect: How to connect custom Netezza database? I am trying to connect a Netezza DB to Splunk via DB Connect. Please see the database_type.conf below . [netezza... by theouhuios Motivator in Splunk Search 05-14-2015 1 2	1	2
Find users who have done an event A, but not done an event B I have a splunk log that has fields 'user_id' and 'event'. What I would like to do is to find the list of users who h... by anoopsankar Engager in Splunk Search 05-14-2015 0 2	0	2
group source types Hi I am getting the list of sourcetype and its usage in GB. index=_internal source=metrics.log \| eval GB=kb/(1024... by athorat Communicator in Splunk Search 05-14-2015 0 9	0	9
How to draw a line chart using the data from events Hi, May I know how to use the data from events and draw a line chart in splunk or splunk can not do it? My input dat... by sunfan1981 New Member in Splunk Search 05-14-2015 0 1	0	1
Transaction to Find Duration I have a simple web service with a request and response called DeliverySchedule. The request and response have a uniq... by skoelpin SplunkTrust in Splunk Search 05-14-2015 0 30	0	30
Invalid Earliest_time in Splunk dashboard I am trying to make a dashboard with a custom time by editing the XML and giving the time in tag. I have tried all p... by shaileshv02 Explorer in Splunk Search 05-14-2015 1 2	1	2
Invalid latest_time: latest_time must be after earliest_time Hi - I've just installed splunk-5.0-140868 for Solaris 10 SPARC. The setup was very easy and as soon as I logged in I... by julian924s Explorer in Splunk Search 05-14-2015 0 7	0	7
Search Help - Finding and comparing events within a single sourcetype I've got about 4-5 different use cases that all require the same type of search logic / correlation but are run again... by jeremyarcher Path Finder in Splunk Search 05-14-2015 0 2	0	2
group fields I have extracted a numeric field and I want to count the fields by grouping them based on the range . For eg: Field ... by visa87 Explorer in Splunk Search 05-14-2015 0 1	0	1
Is it safe to deploy apps with lookups using the deployment server? We're not sure whether it's safe to use the deployment server feature for all our apps, especially those with lookup ... by d044160 Explorer in Splunk Search 05-14-2015 0 2	0	2
How to sort timechart results I have timechart for maximum CPU usage. but I have to show 10 hosts having maximum CPU usage in Graph. I have used so... by tkadale Path Finder in Splunk Search 05-14-2015 2 3	2	3
Geostats not giving count Hi I am trying to plot count of faults by location on gmaps, Query i am using is as below : source="geo.csv" \| table ... by kavyatim Path Finder in Splunk Search 05-14-2015 0 2	0	2
Need to return a field in a search even if it doesn't exist Hi, I have a problem with a query which runs on an hourly basis as the fields that need to be returned can vary. The... by anthonycopus Path Finder in Splunk Search 05-14-2015 1 3	1	3
Joining to another sourcetype based on field from one log message and correlating to a different log message in the same log log a 5/14/2015 1pm [1150] <message><trnid>1001</trnid></message> 5/14/2015 1:01pm [1150]elapsed time = 1100 log b 5... by danoconnl Explorer in Splunk Search 05-14-2015 0 2	0	2
Adding sparklines to chart Hi, I have a chart that is a count of alerts by hostname and severity. I'd like to add a column that is a sparkline o... by cjenning Explorer in Splunk Search 05-14-2015 1 4	1	4
search not returning expected results Hi, I am using DBConnect to connect to a DB export from Qualys This export shows the results of a scan to determine... by crossap Path Finder in Splunk Search 05-14-2015 0 4	0	4
Line Chart Time Between Two Searched Fields Hi, This should be easy, but I'm getting confused making it work. I have the following: Time: 01:00 PM Event: START... by chrisboy68 Contributor in Splunk Search 05-14-2015 0 3	0	3
How to sort a report to give me top 20 MAX values? I have a report that showing me the top 20 of field called "sc_bytes" (By count), > > source="xap.csv" \| top limit... by sraguan Explorer in Splunk Search 05-14-2015 1 7	1	7
map command subsearch issue Hi, I have an issue with map command. The query is: index=myindex field=value \|stats count by host\| map maxsearches=... by francescafilini New Member in Splunk Search 05-14-2015 0 5	0	5
Splunk DB Connect: How to search the latest database dump ONLY? This might be an easy thing to do, but I haven't figured out a good way to do it. I have a database input that runs ... by ocallender Explorer in Splunk Search 05-13-2015 1 5	1	5
Lookup Country Name Hi All, I'm new to Splunk and have taken the Splunk Search/Reporting and Knowledge Objects courses - however this wa... by spIunk_user Engager in Splunk Search 05-13-2015 1 3	1	3
Regular expression Hi, Can someone help me in writing the regex for following string 20141128082428PAASSUB 00.?9CDPCI8I USER ACTION TI... by Navanitha Path Finder in Splunk Search 05-13-2015 0 11	0	11
How to display search results of a query in a table using subsearch Hi, 1.Basic Search Criteria index=Logs_idx Cricket HOST=India "Top 10 Overs Average" 2. Now I am creating a table o... by kamal_jagga Contributor in Splunk Search 05-13-2015 0 4	0	4
Eval eliminated value instead of using NOT in initial search I have a set of data from which I'd like to answer three questions in a single search: 1. Users who open a menu and ... by pepper_seattle Path Finder in Splunk Search 05-13-2015 0 2	0	2