Splunk Search

Community Activity

Average response time, and count, by url path Hi, I'm trying to create a table that shows me the number of times a URL is requested for and what its average respo... by hdus001 New Member in Splunk Search 07-02-2014 0 5	0	5
How to refresh the list of servers in the SOS app I removed a server from my cluster, and it still shows up in the dropdowns of the SOS app. How is it maintained, can ... by mataharry Communicator in Splunk Search 07-01-2014 2 2	2	2
Splunk appears to be ignoring limits.conf: base_max_searches = 8 When submitting queries in rapid succession to Splunk (via the REST API), I'm getting 503 errors from splunkd. This s... by zliu Splunk Employee in Splunk Search 07-01-2014 0 2	0	2
How to use delim with stats? How to use delim with stats? Multivalued fields generated after using list() in stats is resulting in space-separated... by adityainamdar89 Explorer in Splunk Search 07-01-2014 0 4	0	4
Using token from previous populating search within a second populating search Hi all, I am currently using a populating search for several dropdowns in a dashboard. I have one for location, dev... by bcarr12 Path Finder in Splunk Search 07-01-2014 0 6	0	6
How to run subsearches on individual values of a field from a primary search? I have a primary search that finds all the events that indicate a failure of a process and presents a list of unique ... by djconroy Path Finder in Splunk Search 07-01-2014 0 1	0	1
Why query works in my own app, but not Search and Reporting app? Hi, I am having trouble with a query. It works in my own app, which I created with the Splunk -> Manage Apps, new Ap... by splunkbeginner2 Path Finder in Splunk Search 07-01-2014 0 2	0	2
Max of Distinct Count I am trying to get a distinct count of two concatenated numbers and then get the max of that distinct count over a ti... by pontorito Explorer in Splunk Search 07-01-2014 0 6	0	6
How to split time equally in bar chart index=main sourcetype=myTest host="hello1234" getUserDetail \| rex "(?im)^(?:[^:]:){4}\s(?P<TIMESTAMP>(?P<Date>[^T])... by th1agarajan Path Finder in Splunk Search 07-01-2014 0 4	0	4
How to create overlay chart in Splunk 6.0 with 2 y-axes? How to create an overlay chart in 6.0 with 2 y axis where bar graph refering to one axis and line graph refering to s... by nidhigoyal Explorer in Splunk Search 07-01-2014 0 2	0	2
Searching indexes by Deployment Client Name In a network with up to 150 deployment clients (all UF), is there a way to search indexes for all data from a particu... by pmdba Builder in Splunk Search 07-01-2014 0 2	0	2
Field Extraction from space-aligned fields in multi-line events From events of the form: Filesystem Type Size Used Avail UsePct M... by landen99 Motivator in Splunk Search 07-01-2014 0 2	0	2
Need help with Lookup and Auto Lookup I do have a solution to get guest logged into our network. This gives nice logs that I get into Splunk. My goal is to... by lakromani Builder in Splunk Search 07-01-2014 0 6	0	6
EVAL, EXTRACT in props.conf not working when using field names with special characters Hi, I try to add some EVAL and EXTRACT to the props.conf of same windows events with german localisation. Because th... by ndcl Path Finder in Splunk Search 07-01-2014 0 2	0	2
Real-time charts - Query once, view many? Hi all, We have a splunk setup where we are investigating a way of having a shared streaming dashboard that can be u... by alekksi Communicator in Splunk Search 06-30-2014 0 1	0	1
Filtering events with inputlookup not working Hello, Here is an example of my csv - first three lines: sourceHost web-a01 a02 I have given the lookup global per... by bsizemore Path Finder in Splunk Search 06-30-2014 0 1	0	1
How can I do a timechart of sum(val) where events have start/end times? I'm hoping that this is easy for someone with more Splunk-Fu than my meager amount. The indexed data looks like the ... by rettops Path Finder in Splunk Search 06-30-2014 1 6	1	6
time range selection not working on CLI I'm trying: splunk search Calling -earliest=06/30/2014:11:40:00 AND -latest=06/30/2014:12:00:00 and i'm not getting r... by glsplunk New Member in Splunk Search 06-30-2014 0 4	0	4
Wildcards and Regex(s) in Windows OS (UF) Monitor Paths (inputs.conf)? Without any examples of Windows UF Monitor Paths (Universal Forwarder), it's pretty tough to figure out just what wor... by kfeagans_splunk Splunk Employee in Splunk Search 06-30-2014 2 5	2	5
Table visualisation of events with extra metadata fields I'm currently trying to get a dashboard to show a simple overview table of 4 or 5 keys fields. Then instead of using ... by atat23 Path Finder in Splunk Search 06-30-2014 0 4	0	4
Transaction with field from a lookup Hi, I'm trying to correlate events from 2 different sourcetypes. The “correlation field” is the user email address. ... by mpuigmal New Member in Splunk Search 06-30-2014 0 1	0	1
How do i get top services and put it in chart?? Hello, I need to get the top 25 services from the requesting system and have to put it in a chart with the SUCCESS a... by RashmiGowda Explorer in Splunk Search 06-30-2014 0 2	0	2
calculate duration between multiple events from same session I am dealing with log files which are structured as follows TimeStamp=1 SessionHandle=1 SessionEvent=A TimeStamp=2 Se... by sajids New Member in Splunk Search 06-30-2014 0 2	0	2
Moving manual rex to props.conf and transforms.conf Hi When I perform index=test_index, I can see the field name "actions" and "active_features" with one or more array ... by splunk_worker Path Finder in Splunk Search 06-30-2014 2 4	2	4
How to change the format of my data? Hi, we have data that i am getting report using addcols to combine the data and using transpose to get the data in t... by xvxt006 Contributor in Splunk Search 06-29-2014 0 2	0	2