Splunk Search

Community Activity

Duplicate nested KV's Resource_list_select=ncpus=24:mpiprocs=2:node_class=n24.48+7:ncpus=24:mpiprocs=1:node_class=n24.48 Every once in a w... by mjones414 Contributor in Splunk Search 07-18-2014 0 1	0	1
How do you search on a form token that has a value enclosed in double quotes? Hello. I know variants of this question have been asked before, but I haven't found a solution for my specific case.... by cphair Builder in Splunk Search 07-18-2014 0 2	0	2
How to extract data into a data model attribute regex? I'm trying to extract data into a Data Model Attribute Regex. The data I'm trying to extract from the events get log... by robertpenberthy Explorer in Splunk Search 07-18-2014 1 3	1	3
Not Reading Dropdown Form Tokens I'm trying to use two dropdowns, one to select a fiscal quarter and one to select the fiscal year. These are both bas... by willial Communicator in Splunk Search 07-18-2014 0 4	0	4
Return the Field Name from a Common Value Across Sourcetypes If I do a search like this: index=* sourcetype=* host=* 1.1.1.1 And I get millions of responses from dozens of sour... by proletariat99 Communicator in Splunk Search 07-18-2014 1 2	1	2
Limited Search to 2 Categories The search below is taking anything that contains IBC Allow in the category and repurposing it to a new Category. Onl... by jaywilwk Engager in Splunk Search 07-18-2014 0 10	0	10
lookup table mappings configuration and sample request Can you please tell us how to setup the lookup table for the below case, We have indexed log like below pattern and ... by dhavamanis Builder in Splunk Search 07-18-2014 0 1	0	1
can i hide and show the modules ?? Hi.. I have created a advanced xml with certain no of modules in it.can i hide the modules and display when ever i n... by rakesh_498115 Motivator in Splunk Search 07-18-2014 0 9	0	9
LDAP lookup shell script inside python wrapper not executing in Splunk search I have a proxy that logs to my SPLUNK and send it an information (userid). With that information I need to search my ... by alexantao Path Finder in Splunk Search 07-18-2014 0 5	0	5
Help with regex to extract field "failure" and add to field called "error" Can anyone help me with a regular expression for an extraction please? Need to extract "failure" from below and add ... by denisevw Path Finder in Splunk Search 07-18-2014 1 7	1	7
How to update app with deployment server without overwriting current csv files? I have an app that updates a lookup table from a saved search each night. The app is going to be updated periodically... by franks59 Explorer in Splunk Search 07-18-2014 0 4	0	4
How to add values and count of a field and use them in a stats command? Hi Splunkers I need some assistance with a search. I need to add the values of a Field and then use them in a stats... by denisevw Path Finder in Splunk Search 07-18-2014 1 4	1	4
Splunk hangs browser doing simple search with ERROR StreamGroup log entry Here is the log entry from splunkd.log: 12-23-2013 11:47:26.478 -0500 ERROR StreamGroup - Dumping contents of file="... by working_dog Explorer in Splunk Search 07-18-2014 2 5	2	5
How to graph keep-alive timers from tcpdump I am trying to use Splunk to monitor the time between keep alives between servers. The data has been captured using t... by chrisraper New Member in Splunk Search 07-18-2014 0 1	0	1
Is there a way to put eval into a file to be called up as a function? For various dashboards and whatnot, I have a particular eval that I use quite a bit over a couple of calculated field... by Richfez SplunkTrust in Splunk Search 07-17-2014 1 2	1	2
How many people login with the same IP in the same hour using stats? Hi, I have a problem with "stats count by" command. I have login, ip and hour. I want to know how many people have s... by RichPierre Engager in Splunk Search 07-17-2014 1 3	1	3
Adding a column to a daily stats chart that adds up multiple fields I have a simple stats chart that shows a daily total with 6 fields. I would like to add a column that adds 3 of thos... by Bliide Path Finder in Splunk Search 07-17-2014 1 4	1	4
How to search and table IP addresses to see which ones are active? Hello, I am trying to do a complex search for almost 500 IP addresses to see which ones are active. My query looks li... by m8733 Explorer in Splunk Search 07-17-2014 1 26	1	26
Problem with fields extractions using configuration files Hello, I'm creating an add-on that sets a data source and fields extractions. First, I modify inputs.conf to set th... by SalimRahmani Explorer in Splunk Search 07-17-2014 0 4	0	4
Use field result from one search to perform another search? So I've searched the Splunk answers over and over, and read up on subsearches, but I must not be getting something qu... by dreamwork801 Path Finder in Splunk Search 07-17-2014 1 1	1	1
Do newly added tags get updated for already indexed data or only new incoming data? Hello All, Does the newly added tags get updated for already indexed data OR it applies for new in-coming data? Th... by rsathish47 Contributor in Splunk Search 07-17-2014 1 4	1	4
Timechart count with split-by not adding up I have 191 events logged for a specific day. When I do a timechart span=1d count I get count of 191 for that day... by asetyyli Explorer in Splunk Search 07-17-2014 1 3	1	3
Share a search for multiple widgets in a Dashboard Hi. I want to create a Dashboard containing several widgets that mainly, are views of the same set of information re... by arturoduran Engager in Splunk Search 07-17-2014 0 3	0	3
avg value of a field based on the range of another field Logs : Size ExecValue 3 400 4 200 13 150 2 300 Output: Size avg(ExecValue) ... by Da_Vicki Engager in Splunk Search 07-17-2014 0 1	0	1
percent of sum over total elapsed time I'd like to write a report in Splunk that would give me sum(downTimeInSec) as a percentage of total time, 3 days. Th... by SamPask Engager in Splunk Search 07-16-2014 1 3	1	3