Splunk Search

Community Activity

A search that does not produce results for "All time (real-time)" but does for "Today" It is a very simple search for a string. (Account lock outs to be precise) and as worked in the past. But just recent... by neiljpeterson Communicator in Splunk Search 06-06-2014 0 1	0	1
Regular expression for a pattern Hi we have some uri's as shown below which have 2 words (/verify/abrasives) before /ecatalog and 3 words and 4 words.... by xvxt006 Contributor in Splunk Search 06-06-2014 0 3	0	3
List of top client IP's each with their most common user agent I am trying to find a search command that will get me a list of my top 20 client ip addresses (c_ip) along with each ... by soundchaos Path Finder in Splunk Search 06-06-2014 0 3	0	3
Splunk DB Connect Error - NullValuePointerException I am getting this error on some data I am trying to push into a Teradata database: command="dboutput", Unexpected er... by ShaneNewman Motivator in Splunk Search 06-06-2014 1 16	1	16
Regex apache log when field is undefined We have some apache logs that I've added the %D (response time in microseconds) log config to at the very end. The s... by DFresh4130 Path Finder in Splunk Search 06-06-2014 0 3	0	3
Get the number of similar rows in table in splunk having count greater than 100 I have a splunk query like this index=main_branch* \| table email_id file_size_in_bytes I want to count for simila... by sanchitlohia Explorer in Splunk Search 06-06-2014 0 6	0	6
tsidx size limits Is there a way to set a max size on the entire tsidxstats or even a single set of tsidxstats? I have the Splunk for ... by jtrucks Splunk Employee in Splunk Search 06-06-2014 3 2	3	2
Adjust fieldvalue (regex) Hi, I've got some fieldvalues like this: field=aaaaaaaabbbbccccddddeeeeeeeeeeee I would like to add a "-" after c... by HeinzWaescher Motivator in Splunk Search 06-06-2014 0 2	0	2
Database lookup returning no results I've set up a database lookup, but it's not returning any results; it should be returning 5 events. Here are the sce... by redc Builder in Splunk Search 06-05-2014 0 2	0	2
Means to generate a chart and then send it to non-Splunk users? A user has asked me if they can take a chart they just generated in Splunk and then send it to other users who don't ... by mfrost8 Builder in Splunk Search 06-05-2014 2 8	2	8
Can I use a macro within a macro? Wondering if it's possible to embed a macro into another macro. by Dimitri_McKay Splunk Employee in Splunk Search 06-05-2014 0 2	0	2
How to create a search that calculates percentage from 2 different values in the same field. New Splunk user. I am creating web dashboards and I want to calculate the percentage of successful status codes. Th... by Bliide Path Finder in Splunk Search 06-05-2014 0 2	0	2
round number from max () as and also avg() as I have a created a table using timechart with the max #. It generates a row of maximum of sourcetype. How would I r... by mmouse88 Path Finder in Splunk Search 06-04-2014 0 16	0	16
What forwarder versions am I running? Is there a search that I can run at the indexer that will tell me what versions my forwarders are on? by the_wolverine Champion in Splunk Search 06-04-2014 4 4	4	4
Can I split a field based on its values and graph as multi-series? I have a single numeric field that I want to timechart in ranges...i.e. rangemap the field into custom buckets, then ... by jheney New Member in Splunk Search 06-04-2014 0 1	0	1
Database lookup says its table doesn't exist I'm attempting to create my first database lookup. I followed this documentation, choosing to specify the fields dir... by redc Builder in Splunk Search 06-04-2014 0 2	0	2
Lookup table question Using Splunk v 5.04 I have a lookup table containing devicename,interfacename,speed . Each device name can have mul... by pitshot Explorer in Splunk Search 06-04-2014 0 3	0	3
Appendcols error doesn't make sense I have a query that works when I run it with a time range under 4 hours but anything at 4 hours or over, I get this e... by EricLloyd79 Builder in Splunk Search 06-04-2014 0 6	0	6
Results of a join search Hello I have the below search and it seems to work fine for the most part. The problem is that if search 2 does no... by brywilk_umich Path Finder in Splunk Search 06-04-2014 0 4	0	4
Unable to bind splunk to IP We would like to access Splunk Web from other hosts. We did a full splunk 5.0.1 (build: 143156) install on a Windows... by atewari Path Finder in Splunk Search 06-04-2014 0 8	0	8
Converting AM/PM time to 24 hour time for a view I have data that contains a field with dates and times formatted as such: "5/18/14 7:04:04.000 PM". The date part is ... by nlapier2 Path Finder in Splunk Search 06-04-2014 0 1	0	1
Extract fields from antivirus summary I've been trying to use the field extractor to get some useful data from my Sophos Anti-virus scan log. Unfortunately... by thommck New Member in Splunk Search 06-04-2014 0 5	0	5
dbquery and outputlookup Hello, I'm running a dbquery and would like to save the results as a lookuptable.csv. \| dbquery mysearch \| outputlo... by HeinzWaescher Motivator in Splunk Search 06-04-2014 0 5	0	5
logical grouping of hosts - aggregate stats I have a situation where I want to report on events from 2 sets of servers where i can compare the aggregate counts. ... by desertpilotjc Explorer in Splunk Search 06-03-2014 0 1	0	1
"Unknown country" returned by iplocation? bug? iplocation bug? "UNKNOWN COUNTRY" is returned for ip addresses that actually have a known country? USA 208.65.40.98... by boris Path Finder in Splunk Search 06-03-2014 0 4	0	4