Splunk Search

Community Activity

Change orientation of X axis labels in simple XML chart Hi, I have a simple XML dashboard which displays a line chart. Because of large data set, the X axis labels of chart... by harshal_chakran Builder in Splunk Search 06-11-2014 0 2	0	2
calculate last 1 hr events for last one week Hi I want to calculate the last 1 hour events for the past week at any given point of time. Support now the time is ... by jayannah Builder in Splunk Search 06-11-2014 0 8	0	8
Filed transformation / regex help I could use some help creating a field transform. A sample log entry: 192.168.2.1 Bubba Joe [10/Jun/2014:13:34:26 -... by jdziedzic New Member in Splunk Search 06-11-2014 0 1	0	1
Join 2 search - Want to display both common and non-common values index=abc earliest=-7d@d latest=-6d@d action=commit_success \| stats count as SUCCESS by user Gives the result: user ... by jayannah Builder in Splunk Search 06-10-2014 0 1	0	1
Count occurrences of values for a field For below, I'd like to list the number of times a 'type' exists, that is, 1 PDF, 1 GIF, 2 JPG and 6 PNG. There is mo... by RB5 Path Finder in Splunk Search 06-10-2014 0 1	0	1
Adding python script to search app I have python script I want to add to the search app in splunk 5.0.3, I found some documentation: http://docs.splunk... by bkirk Path Finder in Splunk Search 06-10-2014 0 3	0	3
How to perform search among multiple instances based on instance name? I run multiple instances of the same application on a server. Each instance generates its own set of log files, and ... by cdavistt New Member in Splunk Search 06-10-2014 0 1	0	1
Splunk 6 :: Form search query is running on form load ?? Hi All, Not Sure why this has been running in Splunk 6 like this. I have a form with a timepicker and search button.... by rakesh_498115 Motivator in Splunk Search 06-10-2014 1 4	1	4
Timing inner transactions I Have transactions within transactions, namely something like the following: PlanId, [OPEN PLAN START] Action="AAA"... by RVDowning Contributor in Splunk Search 06-10-2014 0 3	0	3
Chart - show rows only where one field is greater than zero Hi, I'm building a chart of customers and what operating system they're using: chart count(_raw) by customer,ua_pla... by robertlabrie Path Finder in Splunk Search 06-10-2014 1 2	1	2
Count per minute over 7 day period, graphed I am trying to graph distinct count per minute over a 7-day period. I have a search that will give me the correct res... by pontorito Explorer in Splunk Search 06-10-2014 0 3	0	3
How to remove using regex in field extraction Hi, I have to do field extraction on the following data. **2014/02/02 10:10:10 level - test Can please help to g... by reach2tushar Explorer in Splunk Search 06-10-2014 0 1	0	1
Detecting attacks on web sites/applications We have number of external facing web sites/applications which are often being targeted, using different attacks. I w... by Kishorebk New Member in Splunk Search 06-10-2014 0 3	0	3
Transitive Transaction attributes Hi there, I'm doing analysis on file transfer logs from different transfer system. I want to follow the file through... by bleinfelder Path Finder in Splunk Search 06-10-2014 0 1	0	1
how to take timestamp from this Dear all, I need your help to how to remove timestamp from this field. 2014-05-19T03:25:26.000-04:00 There is TO w... by gajananh999 Contributor in Splunk Search 06-10-2014 0 4	0	4
Find index retention stats Hi, I would like to get the following stats in a distributed index setup: index name, current size of index (sum all... by shankern Explorer in Splunk Search 06-10-2014 0 3	0	3
How to give output of first search to second search input? ![alt text][1]I have log files with errors and warnings so my requirement is first events show only errors or warnin... by frankharry New Member in Splunk Search 06-09-2014 0 1	0	1
Splunk - retrieve nth word in a string Hi, How can I retrieve nth word in a string using rex or other alternatives? For example: "ABC BBC XYZ QAS" "POP IM... by rupesh30n Explorer in Splunk Search 06-09-2014 0 4	0	4
db lookup not found Hi, I just added a db lookup (via db connect), and when I try to use it via a search, I get a "lookup table does not... by a212830 Champion in Splunk Search 06-09-2014 2 1	2	1
what are the calculated differences between stats and eventstats? The result from this search: index=_internal \| eval something=case(kb!="0", "1") \| stats sum(something) as sumST \| st... by kingsizebk Path Finder in Splunk Search 06-09-2014 0 6	0	6
How to remove your own searches I am creating a dashboard for failed login, however, in the table created, there will be rows with all "" as values- ... by chungmp New Member in Splunk Search 06-09-2014 0 1	0	1
Adding help for custom search commands in splunk 6? Hi all, I have created custom search command. I need to add a custom search command to the list that search help pop... by rsathish47 Contributor in Splunk Search 06-09-2014 0 3	0	3
Splunk search not returning results prior to ./splunk clean eventdata As the title says, after cleaning the event data and reindexing, the splunk search doesn't return events prior to the... by wtian4 Engager in Splunk Search 06-09-2014 0 1	0	1
時間の計算方法を教えてください時間の計算を行い、各端末がどれぐらいの時間使用しているか調査したいと考えています。このような例のログになります。時間 , 端末名 , ステータス 2014/6/5 12:00:00 , PC01 , ログイン 2014/6... by pisc Explorer in Splunk Search 06-08-2014 0 2	0	2
A search that does not produce results for "All time (real-time)" but does for "Today" It is a very simple search for a string. (Account lock outs to be precise) and as worked in the past. But just recent... by neiljpeterson Communicator in Splunk Search 06-06-2014 0 1	0	1