Splunk Search

Community Activity

append searches I appended 2 searches and each of them has "top Engineer" and now my result is like this. Engineer Escalated Cl... by karthik4455 Explorer in Splunk Search 07-27-2014 2 2	2	2
"Compress" a multiline search Hi, I am trying to compress/optimize a search, spanning multiple lines, see below (obfuscated, but logically the sam... by atanasmitev Path Finder in Splunk Search 07-27-2014 1 3	1	3
Distinct count higher than a value ? Hello all, I am trying to search for distinct count higher than a value. Below is what I tried, obfuscated : stats... by atanasmitev Path Finder in Splunk Search 07-27-2014 1 2	1	2
How to dynamically select a search from dropdown Hi, i have a dashboard and i want to get data for each environment. For example QA/Prod, etc. So i want to have a d... by xvxt006 Contributor in Splunk Search 07-25-2014 0 2	0	2
Separate a field value and use the parts to make a new field Separate a field values and use the parts to make a new field. My host names have four components in the name separat... by hartfoml Motivator in Splunk Search 07-25-2014 1 1	1	1
How to ignore a section of a log in a query? I am parsing a file and would like to skip a section of the same Below is the log : \| INFO \| 57023 \| Starting new th... by shah_nishay Engager in Splunk Search 07-25-2014 0 6	0	6
Help with rex expression to capture time Hi, i have an event like below after ms there is a line break and some other text. i want to capture that time. i h... by xvxt006 Contributor in Splunk Search 07-25-2014 0 4	0	4
Data normalization for bandwidth from Mbps to Gbps I have some logs that list the bandwidth in either Mbps or Gbps. I want to make some reports that show everything as ... by sswansonchtr Path Finder in Splunk Search 07-25-2014 0 5	0	5
Change Column Color If Over Threshhold - Splunk License I've looked at this link: http://answers.splunk.com/answers/7228/change-column-color-if-over-a-range However, I am ... by aferone Builder in Splunk Search 07-25-2014 0 7	0	7
Help with regex search Good Afternoon, I would like to use a regex search to get "Inbound TCP connection denied" and "High". What's the co... by jhampton3rd Explorer in Splunk Search 07-25-2014 1 2	1	2
HTML query for passing multiple values form checkbox I have converted simple XML dashboard to html dashboard. var selectedsourcetypes="sourcetype=" + view_checkboxgroup.... by vaishnavi07 Explorer in Splunk Search 07-25-2014 0 2	0	2
Create a new row based on two fields? Good day Splunkers, I have this table example consisting of 4 fields naming (src_ip, start_time, time_delta, avg_byt... by crt89 Communicator in Splunk Search 07-24-2014 1 4	1	4
My Named Searches are being Audited, can I put a title on my search? Our named searches are being audited. Named searches are those that have a specific User name in the actual search sy... by mcm10285 Communicator in Splunk Search 07-24-2014 1 2	1	2
DB Connect Database Query Ignoring Alias Names and Functions Hey folks, I'm running into an issue where the Splunk DB Connect App is not respecting the alias names and through m... by AvianFLU Explorer in Splunk Search 07-24-2014 1 2	1	2
extracted field propagation across related events Hey all, I have a event log that i have to generate reports off of for the BI team where i work. the problem i keep r... by twistedsixty4 Path Finder in Splunk Search 07-24-2014 0 3	0	3
How to use join command to keep events from subsearch that do not match with parent search? My understanding of the documentation (and my experiments) is that the inner keeps only events that match both search... by sloshburch Ultra Champion in Splunk Search 07-24-2014 1 5	1	5
Data Model Regex - Matching on Angle Bracket (<) I amy trying to use an angle bracket (< or >) as part of the raw text criteria for a regex in a data model using 6.0.... by David Splunk Employee in Splunk Search 07-24-2014 0 1	0	1
Python example fails I know this is probably because I am not a Python expert and I have done something wrong, but when I try to run your ... by rmarshall Explorer in Splunk Search 07-24-2014 1 2	1	2
Regex Help I am struggling with the regex match on the below pattern. I need to capture etl_fdaf_33424134 . Pretty much after th... by theouhuios Motivator in Splunk Search 07-24-2014 0 4	0	4
How to combine search results with multiple fields and compare the results against a table. I am trying to combine the search results from 3 separate sources logs and then compare the results against it agains... by sbadger Explorer in Splunk Search 07-24-2014 1 9	1	9
Counting Number of Events Matching Search in a Transaction I have a number of events, correlated in a transaction by a field called distinct_id. The typical transaction setup i... by kevinrentenna New Member in Splunk Search 07-24-2014 0 3	0	3
If-statement does not work Hi, my search looks like this: ... \| eval month=strftime(_time, "%Y_%m") \| chart dc(user_id) as count by user_id, m... by HeinzWaescher Motivator in Splunk Search 07-24-2014 0 6	0	6
Python Script Not working via search command Hi, I have written a python script which runs perfectly when opened directly, but when i run it via search \|script p... by harshal_chakran Builder in Splunk Search 07-24-2014 0 2	0	2
Combine two tables into one wrt two common parameter(where blank values should be filled with zero "0") Hi , I have two input csv's which are displayed in splunk as shown in below image: I want to search in second csv ... by harshal_chakran Builder in Splunk Search 07-24-2014 0 2	0	2
Append search term based on condition How can I append a search term based on a condition? For example - if fieldA > 1 I want to append \| search someCri... by pradeepkumarg Influencer in Splunk Search 07-23-2014 1 1	1	1