Splunk Search

Community Activity

operations on field values within multiple rows of the same source I have one source and I need to use the field values from multiple rows to come up with an average. I have the data a... by trailhead26 New Member in Splunk Search 06-16-2014 0 8	0	8
Standardizing Account_Name for Event 4769 to match others? I'm trying to use EventCode 4769 along with several other EventCodes in a search and am running into the problem that... by kearaspoor SplunkTrust in Splunk Search 06-16-2014 0 2	0	2
Search users who access url1, url2 but not url3 I am analyzing Apache web access log and want to search all clientip who accessed url1, url2 but not url3. Meanwhile,... by xuguang New Member in Splunk Search 06-16-2014 0 2	0	2
Is there a way to use wildcards or regex in lookup csv file? Hello Following up on a previous question about lookups I am looking for a way to either use or simulate wildcards i... by wsw70 Communicator in Splunk Search 06-16-2014 1 2	1	2
lookup file not queried? Hello I have a search which reports a field N_os (a string indicating an Operating System). I wanted values from thi... by wsw70 Communicator in Splunk Search 06-16-2014 0 5	0	5
props/transforms combination not working since switching from indexing locally forwarding props.conf: [pbs:status] TRANSFORMS-pbs_set_host = pbs_set_host BREAK_ONLY_BEFORE = (^name1\|^name2\|^name3\|^name4\|^nam... by mjones414 Contributor in Splunk Search 06-16-2014 0 4	0	4
Execute regex based on condition I have to display the counters starting with # and also % if the sourcetype is "PerfmonMk:.Net CLR Exceptions" and fo... by vaishnavi07 Explorer in Splunk Search 06-16-2014 1 5	1	5
Specific time of the day search for the past 6 months Hi There, Currently I'm using Splunk 4.3. Need help on how to write a query to specify a timeframe so that i get da... by karambaz New Member in Splunk Search 06-16-2014 0 1	0	1
Streamstats And Timechart Hi - Trying to sort by highest URL count, limit to 12(prevent "other" in the time-chart) and then time-chart. Thank... by subtrakt Contributor in Splunk Search 06-15-2014 0 2	0	2
Merge Related Data From Two Different Sourcetypes Into One Row of A Table Here's the query I have that is getting results from two sourcetypes: index=bro (sourcetype=bro_files OR sourcetype=... by xamiel Explorer in Splunk Search 06-15-2014 0 2	0	2
Regular Expression (RegEX) Extracting Field from String Contains Hi, I'm trying to extract the third comma deliminated column with the string "ABC" in it. example data: QWE ALL,06... by nissanse98 Explorer in Splunk Search 06-14-2014 1 5	1	5
I need help regarding to search in splunk, I am new to splunk please help me. I have error log file looks like fallowing Time stamp \| Trans type \| Status \| Summary 10/10/2013 \| Harry ... by frankharry New Member in Splunk Search 06-14-2014 0 1	0	1
Sum Total File Size By Year I have the following data: TimeFileNameFileSize5/4/2010stuff.txt1517/15/2010whatever.txt2526/5/2011things.txt3536/7/... by caviman2201 Path Finder in Splunk Search 06-13-2014 1 1	1	1
How to print a static value to a single element panel? Hi there, I am trying to use a single element panel as a key for understanding the other single element panels which... by chrisdopuch Path Finder in Splunk Search 06-13-2014 0 1	0	1
blending field values with transactions for stats Hey everyone, I am trying to blend field values from subcategory events that are related by a key. I can group them ... by twistedsixty4 Path Finder in Splunk Search 06-13-2014 1 2	1	2
How to extract fields from vsftpd logs in Splunk 6.0.1? I'm struggling to get Splunk 6.0.1 to properly extract fields from vsftpd logs. The log format is space separated va... by mcomfurf Path Finder in Splunk Search 06-13-2014 0 2	0	2
How to group together events based on their relative distance in _time? Hello All, I'm trying to figure out how to group certain events together if they happen within 1 second of each othe... by thisissplunk Builder in Splunk Search 06-13-2014 0 2	0	2
How to extract date and time in Splunk? I am having problems getting splunk to recognize date/time. The txt file I am extracting data from has multiple sourc... by DonDandrea Path Finder in Splunk Search 06-13-2014 0 2	0	2
Cascaded search with tabular data Given a normal http log I want to be able to use the tabular data (or list) from one search as criteria in a second s... by drodman29 Path Finder in Splunk Search 06-13-2014 0 2	0	2
Regex in inputs.con Hi. I have this "problem": I get files delivered into the same folder containing the same data, but with different fi... by mtyrefors Engager in Splunk Search 06-13-2014 2 3	2	3
Take an average of values in a cell from every four rows Hi, I have a CSV file, which looks as follows: ID time value parameter 1 0000-0015 12 param1 1 ... by harshal_chakran Builder in Splunk Search 06-12-2014 0 2	0	2
DB input configuration setup for oracle database Hi , I recently installed DB Connect and I am setting up a new DB input to index db space used in Oracle. Please see ... by gudli618 New Member in Splunk Search 06-12-2014 0 10	0	10
Adding Outputs of a Search to Timechart Hi All, I'd like to add duration and last weeks avg duration values in to timechart to help display time better, how... by _gkollias Builder in Splunk Search 06-12-2014 0 6	0	6
Splunk PDF export issue with "empty" pdf Actually the view below shows "No results found." in the browser by opening the view and as soon as I try to generat... by flo_cognosec Communicator in Splunk Search 06-12-2014 0 2	0	2
Consolidate multiple sparklines into a single sparkline Hello, I would like to consolidate multiple sparklines from different rows into a single sparkline, that shows the ... by splunkbeginner2 Path Finder in Splunk Search 06-12-2014 1 2	1	2