Splunk Search

Community Activity

stats/chart Only Summing Cells with Multiple Values If I have fields that have the potential to contain any number of values, from null to many, how can I get the sum fu... by Rushingjs New Member in Splunk Search 06-12-2014 0 1	0	1
Timechart WHERE clause not behaving as expected In the file /var/log/server.log, we have one log line each time a host sends a heartbeat to our service. I've got th... by jluxenberg Engager in Splunk Search 06-12-2014 3 3	3	3
weird ip address with leading zeros Hi all, I have a log file which has weird ip addresses as followings. There are leading zeros. 2014.06.10 13:14:56 ... by tuneit New Member in Splunk Search 06-12-2014 0 2	0	2
Replace A pattern Splunk Hello Guys , I have a field Month that have values like this 1-2013 10-2014 9-2014 i would like to get 0X-YYYY if ... by baranova New Member in Splunk Search 06-12-2014 0 2	0	2
Regex in splunk Hi, I have data like below, Contact_Number---------------Name land="1234" Phone="324"------Kumar land="3254" phone=... by thambisetty SplunkTrust in Splunk Search 06-11-2014 0 7	0	7
regex expression works sometimes and not at others Hello, I am working with Omniture Data contained in a csv in a scripted data input. I fetch a file using curl, chop... by bsizemore Path Finder in Splunk Search 06-11-2014 0 1	0	1
How to identify an 'Upload' in search? I'm trying to search for logs relating to an upload of data. For example, a computer uploads a file to dropbox or som... by thomashigginson Path Finder in Splunk Search 06-11-2014 1 3	1	3
add sum of previous point to next minute value Hi, I want increment graph, current minute transactions do sum with previous minute transaction and this will contin... by rameshlpatel Communicator in Splunk Search 06-11-2014 0 5	0	5
Easy way to match just the beginning of a field value Hi Folks, I'm having a hard time working around using a wildcard within an eval, which isn't possible as far as I kn... by jravida Communicator in Splunk Search 06-11-2014 0 2	0	2
Extract string using rex I have data that looks like: 20140609 19:14:03 [PERF] [CREATE PLAN START] Action=CreatePlan, and would like to extrac... by RVDowning Contributor in Splunk Search 06-11-2014 0 2	0	2
How to use regex in field extraction? I can't seem to get my regex to work as a field extraction. below is an example string and the regex I'm trying to u... by digital_alchemy Path Finder in Splunk Search 06-11-2014 1 2	1	2
Splunk/eval ignores real numbers less than 1.0 Splunk seems to be ignoring numbers less than 1.0 regardless of incoming precision. If my tField value is 1.000 or g... by nysoitsmiket Explorer in Splunk Search 06-11-2014 0 4	0	4
Show only NON distinct values for a given field. I am looking to compare a list of non unique usernames with unique IP's, and specifically analyze the occurences wher... by soundchaos Path Finder in Splunk Search 06-11-2014 1 2	1	2
how to add a string to a table element? Hello I have two fields field1 and field2 extracted from my search and I would like to present then in a table, with... by wsw70 Communicator in Splunk Search 06-11-2014 1 1	1	1
Asset Discovery I've noticed on the dashboard that the scan isn't detecting any particular OS - leaving it as unknown for most of the... by tmccool New Member in Splunk Search 06-11-2014 0 1	0	1
How to compute time range spread over multiple files. Hi Everyone, I want to calculate availability time range of each employee based on the records present in two files (... by sanjeevdixit Explorer in Splunk Search 06-11-2014 1 2	1	2
not all real-time-alert emails are being sent Hi, I have very odd situation, all but one realtime alert are working fine. One alert which flags up the 404s works... by michal_centralw Explorer in Splunk Search 06-11-2014 0 3	0	3
handle ' as field delimiter in logs I have logs that are generally fine and log in key=value pairs - however it uses a strage format Sample: rmIP='195.1... by dominiquevocat SplunkTrust in Splunk Search 06-11-2014 0 3	0	3
How to get "duration" without use transaction transaction関数を使用すれば、グルーピングしたログの間隔（duration）を取得出来ますが、transactionを使用しない場合のduration取得方法をご教授頂けますでしょうか。下記のログを用いてPCの操作時間の... by pisc Explorer in Splunk Search 06-11-2014 0 3	0	3
Change orientation of X axis labels in simple XML chart Hi, I have a simple XML dashboard which displays a line chart. Because of large data set, the X axis labels of chart... by harshal_chakran Builder in Splunk Search 06-11-2014 0 2	0	2
calculate last 1 hr events for last one week Hi I want to calculate the last 1 hour events for the past week at any given point of time. Support now the time is ... by jayannah Builder in Splunk Search 06-11-2014 0 8	0	8
Filed transformation / regex help I could use some help creating a field transform. A sample log entry: 192.168.2.1 Bubba Joe [10/Jun/2014:13:34:26 -... by jdziedzic New Member in Splunk Search 06-11-2014 0 1	0	1
Join 2 search - Want to display both common and non-common values index=abc earliest=-7d@d latest=-6d@d action=commit_success \| stats count as SUCCESS by user Gives the result: user ... by jayannah Builder in Splunk Search 06-10-2014 0 1	0	1
Count occurrences of values for a field For below, I'd like to list the number of times a 'type' exists, that is, 1 PDF, 1 GIF, 2 JPG and 6 PNG. There is mo... by RB5 Path Finder in Splunk Search 06-10-2014 0 1	0	1
Adding python script to search app I have python script I want to add to the search app in splunk 5.0.3, I found some documentation: http://docs.splunk... by bkirk Path Finder in Splunk Search 06-10-2014 0 3	0	3