Splunk Search

Community Activity

2 queries in a line chart Query one 1> index=prod sourcetype="STORM" "received message from MQ" ">EXIGEN_QUOTE<" \| timechart count ... by athorat3 New Member in Splunk Search 05-12-2015 0 1	0	1
How to add the custom app to Management App list? Hi, I've just joined Splunk world. I made my app. Then, how can I add my all to Management App list? I just want to s... by mijounglee New Member in Splunk Search 05-12-2015 0 8	0	8
..求中文文档..chinese document 小弟我英语不过关，求中文文档。 my english is pool .Need chinese document. 为毛搞个搜索要这么复杂这么多正则表达式，写的像编程一下的语句去搜索，搞怎么复杂干嘛，产品经理出来，保证不打死... by apolee New Member in Splunk Search 05-12-2015 0 1	0	1
Dashboard table styling? I want to adapt a script from the XML examples to a dashboard of mine. When I add the script="" stylesheet="" line do... by szabados Communicator in Splunk Search 05-12-2015 1 6	1	6
Rowcount comparisons on large numbers of database tables I'm working with a customer to run rowcount comparisons between two tables that are replicating data in one direction... by mcomfurf Path Finder in Splunk Search 05-12-2015 1 2	1	2
Log file not have any date field but splunk auto give different different date to event i need remove date in _time field? Hi I have log file which create every 1 hr so they not have date field but splunk Automatically provide different da... by nitesh218ss Communicator in Splunk Search 05-12-2015 0 15	0	15
Subtract two time in one event not work properly in milisecond hi try to subtract 2 time but some are subtract some show blank my time format is 07:33:41.556 I below i write 2... by nitesh218ss Communicator in Splunk Search 05-12-2015 0 18	0	18
Search for inactive users in my application I am using Splunk to monitor my application and would like to know what users have been inactive of the last X days. ... by will_paxata Explorer in Splunk Search 05-12-2015 0 4	0	4
Top 10 Values of the column Hi all, I am able to get top 10 values but with that I need to get others ( Those who are not in Top 10 ) in one val... by SanthoshSreshta Contributor in Splunk Search 05-12-2015 1 3	1	3
Add a new column,except "Time" "Event". I want to add a new column,just like host to default the search results display .You know the searchstring like "ind... by dovelsh12223621 Path Finder in Splunk Search 05-12-2015 1 3	1	3
Timechart with two graphs Hi! Is there any way to show the following search on a timechart with two graphs lines, one with the number of hits ... by epacke Path Finder in Splunk Search 05-12-2015 0 1	0	1
Scatter Plot of some data I'm new to Splunk and trying to create graphs on some information that I'm collecting. I have lots of jobs that run ... by wweiland Contributor in Splunk Search 05-12-2015 0 6	0	6
How to restrict searches that use wildcards in the index (ex: index=* index=test* index=*test)? For audit and performance reasons, I want to educate (force) my users to always explicitly provide the index(es) that... by lassel Communicator in Splunk Search 05-12-2015 1 8	1	8
Extract date / time from source path with custom datetime.xml I'm hoping someone can help out with something that's been baffling me re: using custom a datetime.xml to extract the... by emechler_splunk Splunk Employee in Splunk Search 05-11-2015 3 4	3	4
conditional distinct count Hello, Is there a way I can merge these two searches into a single conditional search? index="webs" (process_resour... by zahmadian Engager in Splunk Search 05-11-2015 0 3	0	3
formatting _time field into a YYYY-MM-DD field This search is ok ... \| stats max(fieldname1) as fn1 by _time but I want to control the format of the _time field ... by HattrickNZ Motivator in Splunk Search 05-11-2015 0 3	0	3
How do you obtain an attribute present in numerous sourcetypes? I want to find any IP addr present in numerous sourcetypes. That is, the IP Addr MUST be present in ALL sourcetypes: ... by leotoa New Member in Splunk Search 05-11-2015 0 7	0	7
Setting table headers? I have a transposed table, and I want to change the header. Because of being transposed, it looks like this now: <hea... by szabados Communicator in Splunk Search 05-11-2015 0 1	0	1
Top 10 values and other to be Grouped in "OTHERS"..?? Hi All, I am bit new to this Splunk I am able to get top 10 values but not able to group other ( not in top 10 ) in ... by SanthoshSreshta Contributor in Splunk Search 05-11-2015 1 2	1	2
REST API/Curl help Hi, I have a search that runs within Splunk, but when I try it via curl, I get an error. Hoping someone can help me... by a212830 Champion in Splunk Search 05-11-2015 0 2	0	2
How to debug transforms.conf regex errors Hi I have a logfile with different formated lines and I want to extract comon fields . My props.conf looks like: ... by huaraz Explorer in Splunk Search 05-11-2015 0 2	0	2
How i get Avg, Max, Min for every 5 min interval one by one in row? I create query which give total Average, min and max value in one row i need the result come in every 5 minuet Avg, ... by nitesh218ss Communicator in Splunk Search 05-11-2015 0 9	0	9
Help with search and stats Hi, I need to report on the latest events per two fields - remotehost and FS_Name. The FS_Name could be the same on... by a212830 Champion in Splunk Search 05-11-2015 0 5	0	5
why I am not able to find my string using search? I am trying to find the string using search "com.jdedwards.system.connector.dynamic.InvalidRemoteSessionException". T... by Abilan1 Path Finder in Splunk Search 05-11-2015 0 7	0	7
format command using up memory I got a simple search which uses format command and I noticed that the search uses up much more memory than when I do... by cwl Contributor in Splunk Search 05-10-2015 1 1	1	1