Splunk Search

Community Activity

Is there a way to add a "country" field to logs based on their ip address Hi, Obviously ip addresses can be pushed onto a world map. However, I'd like to create reports Split by country spec... by anthonycopus Path Finder in Splunk Search 07-09-2014 1 2	1	2
Automatic lookup on eventtype not working - same lookup works inline I am working on a way to bucket java stacktraces and assign numbers to those signatures... lookups seem an obvious ch... by snoobzilla Builder in Splunk Search 07-09-2014 0 2	0	2
How to find the number or days between a fixed date and Today date Hello Experts, Here's our requirement: We are performing an auto repair process based on the Splunk output. The goal... by Raghav2384 Motivator in Splunk Search 07-09-2014 0 6	0	6
New line with count eval match Hi, I did a search of search engine bots and divide them by number and take their total calls. This one is for goog... by levent_kurt Explorer in Splunk Search 07-09-2014 0 1	0	1
loadjob Encountered an error while reading file '/opt/splunk/var/run/splunk/dispatch/scheduler[...]/results.csv.gz' Hello, I'm using Splunk 6, I have an issue when I want to load a basic savedsearch with the command line below : \|... by Micmac Path Finder in Splunk Search 07-09-2014 1 4	1	4
search by linecount last 1 million lines. how can i search only last 1 million lines of 4 million lined total log file? by levent_kurt Explorer in Splunk Search 07-09-2014 0 1	0	1
Subsearch calculating average of hits and showing list of values higher than the average? I am trying to make a subsearch which calculates the avg of the hits . And showing the list of higher value than the ... by changwoo Communicator in Splunk Search 07-09-2014 1 3	1	3
calculate duration of multiple seperate log lines Sometimes a single connection is interrupted in the logs, becoming two lines. (Lines 2 and 5) and sometimes the exact... by AzJimbo Path Finder in Splunk Search 07-09-2014 0 4	0	4
Search result based on max(field) Log format ServiceName,ResponseTime,RequestTime,TransactionId Service1,10,12,12345 Service2,5,8,12346 Service2,7,3,1... by th1agarajan Path Finder in Splunk Search 07-08-2014 0 3	0	3
REGEX not working in transforms.conf Here is my event: Contact=" (Contact){ Id -- '123' Email -- 'johnny@gmail.com' Name -- 'Johnny blah' Phone -- '33333... by jhallur_splunk Splunk Employee in Splunk Search 07-08-2014 0 5	0	5
extract URI_Stem and combine based on lowest path Hey all I have some IIS extractions that are pulling the field cs_uri_stem from my IIS 7.0-8.0 logs. I am trying t... by dragon98902072 Explorer in Splunk Search 07-08-2014 1 1	1	1
Why search query not working ? I am not able to run any search query and getting following error. Splunkd daemon is not responding: ('Error connect... by spsrasru Path Finder in Splunk Search 07-08-2014 0 1	0	1
DBX > 1.2 rising_column in query problem So, to get around the known issue with rising_column not being able to be fully qualified (which is sort of required ... by StewGoin1 Explorer in Splunk Search 07-08-2014 2 4	2	4
TailingProcessor File Status without port 8089? We would like to have forwarders run as root in order to overcome file permissions. However, we also will be security... by vcarbona Path Finder in Splunk Search 07-08-2014 0 7	0	7
How do I search a csv file created via Outputlookup? I am creating lookup csv files for my app on a nightly basis via scheduled searches doing search \| outputlookup mydat... by mshapirovp Explorer in Splunk Search 07-08-2014 0 4	0	4
Splunk triggers an alert but shouldn't Hello, I have implemented an correlation search, where I want to find "Brute Force Behavior" and afterwards an "User... by ESIMatNeforce Path Finder in Splunk Search 07-08-2014 0 1	0	1
How can I pass field value as macro name I have two macros with names yes and no Now, I want to refer to these macros in my search query, but not by directly... by pradeepkumarg Influencer in Splunk Search 07-08-2014 1 6	1	6
Parse time in drilldown and snap to beginning of that month I am creating a series of dashboards with will enable to globally view data and drilldown to specific events. My fir... by splunkmasterfle Path Finder in Splunk Search 07-08-2014 1 2	1	2
TImeChart Fun Multiple Lines for a line graph I have this search string below which gives the top files with the most Bugs related to them. index = git \| rename D... by dreamwork801 Path Finder in Splunk Search 07-08-2014 1 7	1	7
help with splunk dedup Hello, please help me. How I can dedup this: Jul 8 07:58:01 host crond[7597]: pam_unix(crond:account): password for... by vinchakov_a Path Finder in Splunk Search 07-08-2014 1 2	1	2
parsing json and sending as search command Hi Guys I have a json with 75 elements. Normally i can put them in macro and run in search but that means 75 macro ... by CorpusCallosum Explorer in Splunk Search 07-07-2014 1 4	1	4
Create a field whose value is a multi-value list of all field names in each respective event I'd like to create a field whose value is a multi-value list of all field names in each respective event. I don't mi... by landen99 Motivator in Splunk Search 07-07-2014 0 2	0	2
searching iplocation generated fields Hi, Splunk newbie here. I am trying to search for values in fields generated by the iplocation command (i.e., Country... by shermantsui New Member in Splunk Search 07-07-2014 0 2	0	2
Trying to find the 'run time' difference between two daily jobs Hello - I am trying to find a way to display the daily run time of a job that kicks off daily. I am trying to creat... by fisuser1 Contributor in Splunk Search 07-07-2014 0 12	0	12
Are there hooks into an ERP app when a job is paused or stopped? I basically have a command to start my Java ERP program and that all works fine. I was wondering if any calls are mad... by peberhardt Engager in Splunk Search 07-07-2014 0 1	0	1