Splunk Search

Community Activity

Rowcount comparisons on large numbers of database tables I'm working with a customer to run rowcount comparisons between two tables that are replicating data in one direction... by mcomfurf Path Finder in Splunk Search 05-12-2015 1 2	1	2
Log file not have any date field but splunk auto give different different date to event i need remove date in _time field? Hi I have log file which create every 1 hr so they not have date field but splunk Automatically provide different da... by nitesh218ss Communicator in Splunk Search 05-12-2015 0 15	0	15
Subtract two time in one event not work properly in milisecond hi try to subtract 2 time but some are subtract some show blank my time format is 07:33:41.556 I below i write 2... by nitesh218ss Communicator in Splunk Search 05-12-2015 0 18	0	18
Search for inactive users in my application I am using Splunk to monitor my application and would like to know what users have been inactive of the last X days. ... by will_paxata Explorer in Splunk Search 05-12-2015 0 4	0	4
Top 10 Values of the column Hi all, I am able to get top 10 values but with that I need to get others ( Those who are not in Top 10 ) in one val... by SanthoshSreshta Contributor in Splunk Search 05-12-2015 1 3	1	3
Add a new column,except "Time" "Event". I want to add a new column,just like host to default the search results display .You know the searchstring like "ind... by dovelsh12223621 Path Finder in Splunk Search 05-12-2015 1 3	1	3
Timechart with two graphs Hi! Is there any way to show the following search on a timechart with two graphs lines, one with the number of hits ... by epacke Path Finder in Splunk Search 05-12-2015 0 1	0	1
Scatter Plot of some data I'm new to Splunk and trying to create graphs on some information that I'm collecting. I have lots of jobs that run ... by wweiland Contributor in Splunk Search 05-12-2015 0 6	0	6
How to restrict searches that use wildcards in the index (ex: index=* index=test* index=*test)? For audit and performance reasons, I want to educate (force) my users to always explicitly provide the index(es) that... by lassel Communicator in Splunk Search 05-12-2015 1 8	1	8
Extract date / time from source path with custom datetime.xml I'm hoping someone can help out with something that's been baffling me re: using custom a datetime.xml to extract the... by emechler_splunk Splunk Employee in Splunk Search 05-11-2015 3 4	3	4
conditional distinct count Hello, Is there a way I can merge these two searches into a single conditional search? index="webs" (process_resour... by zahmadian Engager in Splunk Search 05-11-2015 0 3	0	3
formatting _time field into a YYYY-MM-DD field This search is ok ... \| stats max(fieldname1) as fn1 by _time but I want to control the format of the _time field ... by HattrickNZ Motivator in Splunk Search 05-11-2015 0 3	0	3
How do you obtain an attribute present in numerous sourcetypes? I want to find any IP addr present in numerous sourcetypes. That is, the IP Addr MUST be present in ALL sourcetypes: ... by leotoa New Member in Splunk Search 05-11-2015 0 7	0	7
Setting table headers? I have a transposed table, and I want to change the header. Because of being transposed, it looks like this now: <hea... by szabados Communicator in Splunk Search 05-11-2015 0 1	0	1
Top 10 values and other to be Grouped in "OTHERS"..?? Hi All, I am bit new to this Splunk I am able to get top 10 values but not able to group other ( not in top 10 ) in ... by SanthoshSreshta Contributor in Splunk Search 05-11-2015 1 2	1	2
REST API/Curl help Hi, I have a search that runs within Splunk, but when I try it via curl, I get an error. Hoping someone can help me... by a212830 Champion in Splunk Search 05-11-2015 0 2	0	2
How to debug transforms.conf regex errors Hi I have a logfile with different formated lines and I want to extract comon fields . My props.conf looks like: ... by huaraz Explorer in Splunk Search 05-11-2015 0 2	0	2
How i get Avg, Max, Min for every 5 min interval one by one in row? I create query which give total Average, min and max value in one row i need the result come in every 5 minuet Avg, ... by nitesh218ss Communicator in Splunk Search 05-11-2015 0 9	0	9
Help with search and stats Hi, I need to report on the latest events per two fields - remotehost and FS_Name. The FS_Name could be the same on... by a212830 Champion in Splunk Search 05-11-2015 0 5	0	5
why I am not able to find my string using search? I am trying to find the string using search "com.jdedwards.system.connector.dynamic.InvalidRemoteSessionException". T... by Abilan1 Path Finder in Splunk Search 05-11-2015 0 7	0	7
format command using up memory I got a simple search which uses format command and I noticed that the search uses up much more memory than when I do... by cwl Contributor in Splunk Search 05-10-2015 1 1	1	1
predict does not span the full dataset Hello all, Using Splunk 6.2.1 enterprise, with the wonderfull "predict" feature on my dataset. Can't seem to solve... by kenvanderheyden Path Finder in Splunk Search 05-10-2015 0 2	0	2
Using "eventtype" inside "if" function of "eval" command? This is a repost from the forums and includes the question AND THE ANSWER!</p> QUESTION: I have an event defined li... by woodcock Esteemed Legend in Splunk Search 05-10-2015 0 3	0	3
radial/marker/and filler gauge viualistions + controlling the ranges dynamically I am looking at the radial/marker/and filler gauge viualistions. As I understand it I have to have my search so tha... by HattrickNZ Motivator in Splunk Search 05-10-2015 0 2	0	2
Unpivoting a lookup table I have an interesting lookup table problem. I essentially want to unpivot a lookup table (in other words I have multi... by Splunkster45 Communicator in Splunk Search 05-10-2015 0 1	0	1