Splunk Search

Community Activity

Plot Scatter Chart based on Time I need to plot a scatter/line chart using the below data: Time TransID Duration TransStatus 10/15/... by Venkat_16 Contributor in Splunk Search 10-29-2014 1 1	1	1
Getting the number of parallel intervals in timechart from start and end event I have an event for a user that joins the system and an even for a user that leaves that system. I want to create a t... by shacharz Explorer in Splunk Search 10-29-2014 0 3	0	3
Can I format a table in reverse (field headings by row, not by columns)? I have a number of fields formatted into a table. For example: results \| stats count(results) as Field1, stats coun... by jamesklassen Path Finder in Splunk Search 10-29-2014 2 7	2	7
Why iplocation search returns fields, but no expected results related to iplocation? I'm attempting to use iplocation with searches, but it is not returning any additional fields. I am trying to search... by xyzzylatest Engager in Splunk Search 10-28-2014 0 5	0	5
How to extract fields depending on log message type? Hi, I have a log file consisting of log entries with the following format: data time source message_type optional_qu... by dotandvir Engager in Splunk Search 10-28-2014 2 3	2	3
How to extract a field from within the value of another field? A have a field called RAW_DATA with the following value, for example: 12101410270930070129625962180300102419352400010... by maruero New Member in Splunk Search 10-28-2014 0 7	0	7
Stats output into timechart Hello, I've seen similar posts but they do not answer this question. What I'm trying to do is take the Statistics nu... by thisissplunk Builder in Splunk Search 10-28-2014 0 13	0	13
Why are my two search queries not working with the transaction command? I have a splunk query which takes data out of a database and tries to perform transaction on it. I've discovered some... by sjanwity Communicator in Splunk Search 10-28-2014 2 4	2	4
Why is sorting by time reducing the number of my search results? I made a search over two indexes (OR connected) and five sourcetypes (OR connected), limited the time to two days and... by ulrich_track Path Finder in Splunk Search 10-28-2014 0 1	0	1
Change click behavior in Search in 4.1.2 Any idea how to change the 'click to search' behavior in 4.1.2? Specifically I want to disable the feature that allow... by justinhall Engager in Splunk Search 10-27-2014 1 2	1	2
How to overlay two searches on the same graph? I have these two searches and am trying to figure out the best way to overlay them both on the same graph: search 1 ... by mark_chuman Path Finder in Splunk Search 10-27-2014 1 2	1	2
Performing time restrictions in a subsearch Hi All, Having a sticky issue with adding another time restriction after the primary search. The data we have that ... by phoenixdigital Builder in Splunk Search 10-27-2014 0 3	0	3
How can I append additional custom values to existing field values obtained from an inputlookup? I have an inputlookup xy.csv which is used by multiple searches and has comma separated data. In one of my searches, ... by tehale New Member in Splunk Search 10-27-2014 0 1	0	1
how to show daily 2pm to 4 pm data for one week Hi All, how to show daily count of 2pm to 4 pm data for one week like this i want monday to sunday monday 2pm =10 ... by mvaradarajam Path Finder in Splunk Search 10-27-2014 0 5	0	5
Can field values be used as a macro name? Can be used as a macro name field value? EX) index=_internal \| table sourcetype \| `sourcetype` I have a 500 type ... by mrain7 New Member in Splunk Search 10-27-2014 0 3	0	3
MINTのSDKドキュメントの場所 MINTのSDKや実装例のドキュメントの場所がわかりません。 SDKドキュメントはどちらにありますか？ by Splunk_Shinobi Splunk Employee in Splunk Search 10-27-2014 0 1	0	1
I would like to run a regex search to find two words no more the six words apart Is this string anywhere near where I need to be to find word1 and word2 no more than 6 words apart in the field inter... by BrandSentiment Explorer in Splunk Search 10-26-2014 1 4	1	4
Combining a stats search and normal search Is there a query to combine 2 searches a running normal search and stats search and display a single output o... by shellnight Explorer in Splunk Search 10-25-2014 0 23	0	23
lookup table 'lo_hi_subnet_CIDR' does not exist Hope I get some help, message: The lookup table 'lo_hi_subnet_CIDR' does not exist. It is referenced by configuratio... by pparkerntx99 Explorer in Splunk Search 10-24-2014 0 1	0	1
Extract data of only one day from the csv file Hi, I have a csv file which looks like this I am trying to display a table with "ID" and "timestamp "displaying... by harshal_chakran Builder in Splunk Search 10-24-2014 0 5	0	5
Can I use DB Connect to interact with Vertica? Hi, I want to index/lookup data stored in Vertica. Could I use DB Connect for this purpuse? Has anyone actually done... by melonman Motivator in Splunk Search 10-24-2014 2 5	2	5
Get duration between two different events in milliseconds I am trying to figure out how to get duration returned in milliseconds between two events. Transactions are great to ... by tmelios Engager in Splunk Search 10-24-2014 0 5	0	5
Rex Question Hi, Does anyone know what i need to put in between these two fields in order to make the query continue on the ip2 i... by ho000dor Explorer in Splunk Search 10-24-2014 0 8	0	8
eval not matching value from Data model Im rewritting a dashboard using data models. So far so good, but I'm stuck at this point where I need to redefine two... by snemiro_514 Path Finder in Splunk Search 10-24-2014 1 1	1	1
Standard Deviation of Timechart I'm working on a chart which will map a baseline of existing data. The search I am currently using is as follows. so... by tfitzgerald15 Explorer in Splunk Search 10-24-2014 0 1	0	1