Splunk Search

Community Activity

How to ignore a section of a log in a query? I am parsing a file and would like to skip a section of the same Below is the log : \| INFO \| 57023 \| Starting new th... by shah_nishay Engager in Splunk Search 07-25-2014 0 6	0	6
Help with rex expression to capture time Hi, i have an event like below after ms there is a line break and some other text. i want to capture that time. i h... by xvxt006 Contributor in Splunk Search 07-25-2014 0 4	0	4
Data normalization for bandwidth from Mbps to Gbps I have some logs that list the bandwidth in either Mbps or Gbps. I want to make some reports that show everything as ... by sswansonchtr Path Finder in Splunk Search 07-25-2014 0 5	0	5
Change Column Color If Over Threshhold - Splunk License I've looked at this link: http://answers.splunk.com/answers/7228/change-column-color-if-over-a-range However, I am ... by aferone Builder in Splunk Search 07-25-2014 0 7	0	7
Help with regex search Good Afternoon, I would like to use a regex search to get "Inbound TCP connection denied" and "High". What's the co... by jhampton3rd Explorer in Splunk Search 07-25-2014 1 2	1	2
HTML query for passing multiple values form checkbox I have converted simple XML dashboard to html dashboard. var selectedsourcetypes="sourcetype=" + view_checkboxgroup.... by vaishnavi07 Explorer in Splunk Search 07-25-2014 0 2	0	2
Create a new row based on two fields? Good day Splunkers, I have this table example consisting of 4 fields naming (src_ip, start_time, time_delta, avg_byt... by crt89 Communicator in Splunk Search 07-24-2014 1 4	1	4
My Named Searches are being Audited, can I put a title on my search? Our named searches are being audited. Named searches are those that have a specific User name in the actual search sy... by mcm10285 Communicator in Splunk Search 07-24-2014 1 2	1	2
DB Connect Database Query Ignoring Alias Names and Functions Hey folks, I'm running into an issue where the Splunk DB Connect App is not respecting the alias names and through m... by AvianFLU Explorer in Splunk Search 07-24-2014 1 2	1	2
extracted field propagation across related events Hey all, I have a event log that i have to generate reports off of for the BI team where i work. the problem i keep r... by twistedsixty4 Path Finder in Splunk Search 07-24-2014 0 3	0	3
How to use join command to keep events from subsearch that do not match with parent search? My understanding of the documentation (and my experiments) is that the inner keeps only events that match both search... by sloshburch Ultra Champion in Splunk Search 07-24-2014 1 5	1	5
Data Model Regex - Matching on Angle Bracket (<) I amy trying to use an angle bracket (< or >) as part of the raw text criteria for a regex in a data model using 6.0.... by David Splunk Employee in Splunk Search 07-24-2014 0 1	0	1
Python example fails I know this is probably because I am not a Python expert and I have done something wrong, but when I try to run your ... by rmarshall Explorer in Splunk Search 07-24-2014 1 2	1	2
Regex Help I am struggling with the regex match on the below pattern. I need to capture etl_fdaf_33424134 . Pretty much after th... by theouhuios Motivator in Splunk Search 07-24-2014 0 4	0	4
How to combine search results with multiple fields and compare the results against a table. I am trying to combine the search results from 3 separate sources logs and then compare the results against it agains... by sbadger Explorer in Splunk Search 07-24-2014 1 9	1	9
Counting Number of Events Matching Search in a Transaction I have a number of events, correlated in a transaction by a field called distinct_id. The typical transaction setup i... by kevinrentenna New Member in Splunk Search 07-24-2014 0 3	0	3
If-statement does not work Hi, my search looks like this: ... \| eval month=strftime(_time, "%Y_%m") \| chart dc(user_id) as count by user_id, m... by HeinzWaescher Motivator in Splunk Search 07-24-2014 0 6	0	6
Python Script Not working via search command Hi, I have written a python script which runs perfectly when opened directly, but when i run it via search \|script p... by harshal_chakran Builder in Splunk Search 07-24-2014 0 2	0	2
Combine two tables into one wrt two common parameter(where blank values should be filled with zero "0") Hi , I have two input csv's which are displayed in splunk as shown in below image: I want to search in second csv ... by harshal_chakran Builder in Splunk Search 07-24-2014 0 2	0	2
Append search term based on condition How can I append a search term based on a condition? For example - if fieldA > 1 I want to append \| search someCri... by pradeepkumarg Influencer in Splunk Search 07-23-2014 1 1	1	1
chart with missing values Hi, i am charting errors and i see that for some of the days there is no data and i want to fill that date with 0. S... by xvxt006 Contributor in Splunk Search 07-23-2014 2 5	2	5
chart by source and hostname Hello Splunkers, I am trying to correlate hostnames to multiple sources (4 .csv host files) to see if I can find wher... by lbogle Contributor in Splunk Search 07-23-2014 1 8	1	8
DB Connect : SQL query column output ALIAS names are not indexing as fields Hi, Background: I am trying to index SQL source where i have to give alias to table column names. My query: WITH ... by ma7859 Explorer in Splunk Search 07-23-2014 0 10	0	10
Search Help I am stuck on creating a search. I need to sort my results by Agency and I need to list a count of all events as well... by DonDandrea Path Finder in Splunk Search 07-23-2014 0 2	0	2
Sort year month string in timechart legend Hi, I am trying to sort the legend in my timechart chronologically but can't seem to make it work. This is my searc... by splunkmasterfle Path Finder in Splunk Search 07-23-2014 0 10	0	10