Splunk Search

Community Activity

how to calculate the difference between two dates in transaction I have a set of logs over which the transaction command is applied and some fields are extracted .Below is the sample... by Mubarish Path Finder in Splunk Search 07-11-2014 0 3	0	3
Why do real time searches create many rt_scheduler_* directories, how can I control them I have set up a single real time alert that creates about 1000 rt_scheduler__ entries in /var/run/splunk/dispatch/. I... by chris Motivator in Splunk Search 07-11-2014 1 4	1	4
showing max and min value along with line chart How to show a max value and min value along with line chart in Splunk dashboard. Currently splunk dashboard has a lin... by sathiyamoorthy Explorer in Splunk Search 07-11-2014 0 2	0	2
Which search commands use MapReduce and which don't? Is there a list published someplace? Or a rule? Thanks! by whoogle New Member in Splunk Search 07-10-2014 0 1	0	1
Why isn't my lookup working? Lookup file testing.csv looks a bit like user,username 1234,bob 2345,jim 3456,mary In props.conf I have [weblogic... by willthames2 Path Finder in Splunk Search 07-10-2014 2 7	2	7
Finding substrings When searching for index=myindex exception I only get events with the text "exception" surrounded by term separato... by sloshburch Ultra Champion in Splunk Search 07-10-2014 1 4	1	4
Request: Lookup Search Ability It would be very convenient to be able to see all of the dashboards in which a lookup is being used - that way if I w... by edschembor Path Finder in Splunk Search 07-10-2014 0 5	0	5
Field-Extraction I have a some data I am attempting to extract and then do lookups on. I am attempting to extract the FID number, whic... by tmarlette Motivator in Splunk Search 07-10-2014 1 8	1	8
How to aggregate data from CSV file in Splunk Chart? Hi guys, I have CSV file with following structure, TicketNumber,OpenDate 1,date1 2,date1 3,date1 4,date2 5,date3 6,... by rus7am Explorer in Splunk Search 07-10-2014 1 3	1	3
How do you extract timestamp in Mysql database column? Hi splunkers, I am collecting data using dbconnect and I am studying about this application, then I installed mysql... by dfigurello Communicator in Splunk Search 07-10-2014 1 6	1	6
Updated lookup tables not reflected in the UI After updating some lookup tables that define a server, its alias, and the environment it is apart of (stage, dev, pr... by LiquidTension Path Finder in Splunk Search 07-10-2014 0 6	0	6
Display all enabled user event without a corresponding create event and mark the time Hello everybody, I'm trying to figure out the following problem - "Display all enabled user event without a correspo... by sijssennagger Engager in Splunk Search 07-10-2014 1 2	1	2
Regex for extraction between text and second comma I am working on a field extraction. I have created an extraction that pulls the field I want but I need it to pull e... by Bliide Path Finder in Splunk Search 07-09-2014 1 5	1	5
Regex works inline search but not as field extraction... I have a regex I am using to extract exception from a java stacktrace to get for error analysis. It would be much bet... by snoobzilla Builder in Splunk Search 07-09-2014 1 4	1	4
Using Transaction on one to many relationship data I have following data from a log file and I am trying to create a Report on Splunk site. 2014-07-08 16:09:55.966473 ... by shah_nishay Engager in Splunk Search 07-09-2014 0 6	0	6
Is there a way to add a "country" field to logs based on their ip address Hi, Obviously ip addresses can be pushed onto a world map. However, I'd like to create reports Split by country spec... by anthonycopus Path Finder in Splunk Search 07-09-2014 1 2	1	2
Automatic lookup on eventtype not working - same lookup works inline I am working on a way to bucket java stacktraces and assign numbers to those signatures... lookups seem an obvious ch... by snoobzilla Builder in Splunk Search 07-09-2014 0 2	0	2
How to find the number or days between a fixed date and Today date Hello Experts, Here's our requirement: We are performing an auto repair process based on the Splunk output. The goal... by Raghav2384 Motivator in Splunk Search 07-09-2014 0 6	0	6
New line with count eval match Hi, I did a search of search engine bots and divide them by number and take their total calls. This one is for goog... by levent_kurt Explorer in Splunk Search 07-09-2014 0 1	0	1
loadjob Encountered an error while reading file '/opt/splunk/var/run/splunk/dispatch/scheduler[...]/results.csv.gz' Hello, I'm using Splunk 6, I have an issue when I want to load a basic savedsearch with the command line below : \|... by Micmac Path Finder in Splunk Search 07-09-2014 1 4	1	4
search by linecount last 1 million lines. how can i search only last 1 million lines of 4 million lined total log file? by levent_kurt Explorer in Splunk Search 07-09-2014 0 1	0	1
Subsearch calculating average of hits and showing list of values higher than the average? I am trying to make a subsearch which calculates the avg of the hits . And showing the list of higher value than the ... by changwoo Communicator in Splunk Search 07-09-2014 1 3	1	3
calculate duration of multiple seperate log lines Sometimes a single connection is interrupted in the logs, becoming two lines. (Lines 2 and 5) and sometimes the exact... by AzJimbo Path Finder in Splunk Search 07-09-2014 0 4	0	4
Search result based on max(field) Log format ServiceName,ResponseTime,RequestTime,TransactionId Service1,10,12,12345 Service2,5,8,12346 Service2,7,3,1... by th1agarajan Path Finder in Splunk Search 07-08-2014 0 3	0	3
REGEX not working in transforms.conf Here is my event: Contact=" (Contact){ Id -- '123' Email -- 'johnny@gmail.com' Name -- 'Johnny blah' Phone -- '33333... by jhallur_splunk Splunk Employee in Splunk Search 07-08-2014 0 5	0	5