Splunk Search

Community Activity

Splunk 6 - Customize Search App Views In Splunk 5, it was possible to customize the two basic views in the Search App: flashtimeline and dashboard_live. Th... by lguinn2 Legend in Splunk Search 08-18-2014 3 11	3	11
Grouping events by time within some milliseconds Hello there, I hope there is someone who can help me. I want to group events that occur within some milliseconds. I ... by TBo123 Path Finder in Splunk Search 08-18-2014 0 4	0	4
How to use variables in splunk to count something? Hallo again, is it possible to use variables in splunk to count something? For example if a string match something t... by TBo123 Path Finder in Splunk Search 08-18-2014 0 2	0	2
searching 3 index to get field not found in other index I have three indexes. I want to create single table in dashboard panel for the following requirement. index=indexPr... by kb_vells Path Finder in Splunk Search 08-18-2014 0 4	0	4
How to find all results in an inputlookup and display zero if no events are matched? I have a semi-static CSV that I am using for an input lookup to generate usage data on trial application we have in o... by justinfranks Path Finder in Splunk Search 08-17-2014 0 4	0	4
How to create timechart of events from servers that appeared last week, but not the last 24 hours? Hi, I have hundreds of servers that report to Splunk. I would like to create a timechart that will include only event... by yanivamram Path Finder in Splunk Search 08-17-2014 1 4	1	4
How to get Hunk to recognize timestamps with sub-second epoch times in data path? In our environment we have data files that contain earliest and latest time expressed in millisecond granularity, see... by Ledion_Bitincka Splunk Employee in Splunk Search 08-15-2014 2 1	2	1
How to create a chart from a search finding percentages? I know Im likely missing something easy, but I cant seem to get the output how I would like. I have the below search... by brywilk_umich Path Finder in Splunk Search 08-15-2014 0 1	0	1
Subsearch Passback I have the following sub-search: index=voice "ani" "8005558508" \| rex field=_raw "{\"ani\",\"(?<ani>\d*)\"}" \| rex f... by steven10172 Explorer in Splunk Search 08-15-2014 0 5	0	5
Problem with strptime() when date is earlier than 1970 \|eval DateMeasured="1900-01-01" \|eval DateMeasured=strftime(strptime(DateMeasured,"%Y-%m-%d"),"%d/%m/%Y") Returns no... by manus Communicator in Splunk Search 08-15-2014 0 4	0	4
Manipulating inputs prior search in app I have created an app which has a single input for MSISDN. The user enters the MSISDN in local 10-digit format ex: 0... by carljohan Path Finder in Splunk Search 08-15-2014 0 11	0	11
Calculate epoch date from a month name I have a date field "Expiry" that comes in this lovely format: To: Thursday, 17 July 2036 00:59:59 o'clock BST I c... by skooby Explorer in Splunk Search 08-15-2014 0 2	0	2
Troubleshooting a multi-line, multi-value field extraction My event is mostly output from java's keytool utility, and looks like this...... (except for the top line which is ... by skooby Explorer in Splunk Search 08-15-2014 0 4	0	4
Too many search jobs found in the dispatch directory. How to remove old search jobs? Hi All, Am getting the error message below: "Too many search jobs found in the dispatch directory (found=2021, warn... by kpavan Path Finder in Splunk Search 08-14-2014 1 2	1	2
How to display events in chronological order on a graph? I am displaying the number of bytes out per hour for a single user. When I attempt to graph this for the last 24 hou... by DEAD_BEEF Builder in Splunk Search 08-14-2014 1 4	1	4
Is it possible to use appendcols without multiple searches to improve efficiency? Hi, I am trying to build a table of results, and my query has the form: search X \|dedup block \|stats count by block... by asherman Path Finder in Splunk Search 08-14-2014 1 8	1	8
Why timewrap command only shows current results from today (latest_day)? I am trying to test timewrap and have created the following simple search: index=_internal source=*metrics.log group... by hlarimer Communicator in Splunk Search 08-14-2014 0 3	0	3
How to combine two searches to evaluate uptime percentage? Hello, I have nagios feeding data into splunk. The below searches give me ping (up, down) and a service check (ok, ... by brywilk_umich Path Finder in Splunk Search 08-14-2014 0 4	0	4
Display Time in Stats Chart I have built a dashboard panel for management that shows concurrent connections by hour during peak hours to one our ... by caviman2201 Path Finder in Splunk Search 08-14-2014 0 11	0	11
Search timerange within custom time I am trying to create an alert to check for spikes in a record that is created once a minute with a number of created... by skuller Engager in Splunk Search 08-14-2014 0 2	0	2
How to write regex for search or index time field extractions? Im trying to get search time field extractions (or index time) on the following log format: 2014-06-11T09:32:45.545-... by smudge797 Path Finder in Splunk Search 08-14-2014 0 4	0	4
How can I get the previous value of the field that I'm computing in my eval I'm computing a field using eval statement and in the same eval I want to check what is the value for the same field ... by pradeepkumarg Influencer in Splunk Search 08-14-2014 1 3	1	3
Is there already a French translation for Splunk available? To Translate my Splunk app into French following the advice in: http://docs.splunk.com/Documentation/Splunk/5.0.2/Adv... by PaulZandbergen Engager in Splunk Search 08-14-2014 0 4	0	4
How to hide search string in the link for my dashboards? Hello, when I open my dashboards the search string is embedded in the link. How can I hide the string, that nobody ca... by C_Sparn Communicator in Splunk Search 08-14-2014 0 12	0	12
How to calculate the average time of day a job will finish with end_time field? I have a table which has start_time & end_time of some jobs. Now i want to calculate the average at what point of tim... by allan_newton Path Finder in Splunk Search 08-14-2014 1 3	1	3