Splunk Search

Community Activity

Why other users cannot see results from dashboard with inline searches? I created a dashboard with inline searches. Why can't other users see any results, even users in the same Admin group... by yuan_ka Explorer in Splunk Search 07-04-2014 1 4	1	4
Subtotals over columns generated by timechart I have the following search query: source=*Src some_filtering \| ... \| timechart span=5m max(ActCnt) by source that... by takemusu Explorer in Splunk Search 07-03-2014 0 3	0	3
How to extract Time and User from events using regex? The following events are filtered by Snare and sent to Splunk from Windows Servers: Server.egcorp.com MSWinEventLo... by uayub Path Finder in Splunk Search 07-03-2014 0 16	0	16
Modify default field extraction for spaces We are successfully ingesting Websense logs into Splunk but the user field is recorded in LDAP context and has spaces... by cbs01 Engager in Splunk Search 07-03-2014 0 1	0	1
Graphing windows system from uptime to downtime I have a query that provides windows startup, ending and duration - however I was looking for a way to graph this? T... by matthewhaswell Path Finder in Splunk Search 07-03-2014 0 1	0	1
How to force graph to include recent "zero" values? So I have this basic search for a line graph visualization: (search goes here) \| timechart count Let's say I've ha... by echojacques Builder in Splunk Search 07-03-2014 0 9	0	9
Combining fields with mvcombine Hi folks, I'm trying to merge events that share a common keyword value, with the mvcombine. The problem is it just l... by jravida Communicator in Splunk Search 07-03-2014 0 1	0	1
Format Stats Column Data So I'm running this search string here: index = git \| rename Data.payload.head_commit.modified{} as FilesModified \| ... by dreamwork801 Path Finder in Splunk Search 07-03-2014 0 2	0	2
How to filter Windows Security Event Logs containing machine name as username? Hello everyone, I´m trying to filter some Windows Security Event Logs that contains the machine name as the username... by caroline_fortun Explorer in Splunk Search 07-03-2014 0 4	0	4
Substring of multivalues out ot multivalue field I'm trying to produce a multivalue field out of another multivalue field in my data model, and that's proven to be qu... by geoffmartin Engager in Splunk Search 07-03-2014 0 1	0	1
REGEX to remove a word from indexing Anybody can answer to simple question? How to remove from indexing host= d:\TEST.log just "<TD>" combination? What sh... by sergeyvinnik Explorer in Splunk Search 07-03-2014 0 3	0	3
How to return result for users whose name contain and do not contain underscore My Splunk is 5.0.5. I constructed a rex to extract user from free-hand logs. In some logs, user is null. This skew... by yuanliu SplunkTrust in Splunk Search 07-03-2014 0 9	0	9
Macro and Comment Fields Is it possible to add a comment field in a Macro so that it is displayed in a search? For example, if a macro contain... by albyva Communicator in Splunk Search 07-03-2014 0 1	0	1
SplunkES - How does the correlation search results goto 'notable' index ? How does the results of the correlation events go to "notable" index ? Is there any configuration file for this ? Al... by splunker12er Motivator in Splunk Search 07-03-2014 0 1	0	1
Increasing TIMESTAMP by adding seconds. Hi, I have a proxy log that logs the time the query was executed and also give the duration in seconds. "11/Jan/201... by jlhamlet Path Finder in Splunk Search 07-03-2014 0 3	0	3
Regex Field extraction question Hello, I am trying to extract a field and I have an error in my REGEX. The line looks like this: 6/26/2014 13:00:1... by Bliide Path Finder in Splunk Search 07-03-2014 1 5	1	5
How do i find the most common events in my search? As a splunk user, i want to find the most common events in my search results. How would I accomplish this? I am tryin... by RicoSuave Builder in Splunk Search 07-02-2014 2 2	2	2
Concatenate events from FTP log to produce UserID list of successful logins My goal is to create a search that produces a report of ftp users that have logged in (successfully) in the past 7 da... by bwhyle Engager in Splunk Search 07-02-2014 1 3	1	3
How to run three different searches on click of a submitbutton? Hi How to run three different searches on click of a submitbutton? The scenario to choose a particular search will b... by Mubarish Path Finder in Splunk Search 07-02-2014 0 4	0	4
Top 3 results within a group from table How can i get the top 3 rows from each group in a table. Here is sample data output from my query The output is res... by pradeepkumarg Influencer in Splunk Search 07-02-2014 0 2	0	2
Regular expressions I'm new to writing regular expressions and am having a difficult time building a field using extract fields. Unfortun... by jsmith39 Path Finder in Splunk Search 07-02-2014 0 5	0	5
scheduled search with changing query Hi, I'm using 6.1 I have a group of people who are looking at a way to create monthly reports based on their list o... by jonathanfalconi Explorer in Splunk Search 07-02-2014 0 2	0	2
Moving CSV file to lookup folder Hi, I need to move the csv file generated inside the folder $SPLUNK_HOME$\var\run\splunk [as part of outputcsv comma... by Bhuavana Explorer in Splunk Search 07-02-2014 0 1	0	1
How to make case InSensitive search everywhere by default? Hi all, I need to make by default all searches in Splunk 6.1.1 as case InSensitive. For example, this search are cas... by Nikita_Danilov Path Finder in Splunk Search 07-02-2014 0 5	0	5
Splunk skipping indexing of Websphere logs We have a case where 4 log files are being monitored. Daily the log file is rolled to a back up and truncated at the ... by asherinb Explorer in Splunk Search 07-02-2014 0 2	0	2