Splunk Search

Community Activity

filter windows application event by Source I am using windows TA app to get events from windows event log. The windows events are coming inside Indexer. But i ... by ajaysamantbms Explorer in Splunk Search 05-29-2014 0 1	0	1
How to reassemble bidirectional flows with transaction I need to assemble transactions where, depending on the direction of the traffic, the "source" might actually be the ... by emf1123 New Member in Splunk Search 05-29-2014 0 3	0	3
how to get the total sum based on specific field I have a query which runs over a month period which lists all users connected via VPN and the duration of each connec... by ikcresswell Explorer in Splunk Search 05-29-2014 2 5	2	5
Combination of stat and lookup? Hi! I would like have some advice with the search command. If I have 3 records like below and each record contains ... by yuwtennis Communicator in Splunk Search 05-29-2014 0 4	0	4
How to use the chart command optional argument "format" hi, i'm looking at the documentation (http://docs.splunk.com/Documentation/Splunk/6.1.1/SearchReference/Chart) and I'... by klee310 Communicator in Splunk Search 05-29-2014 0 4	0	4
Stop search after events matched Hi! I would like to ask question related to following thread. http://answers.splunk.com/answers/8107/return-only-th... by yuwtennis Communicator in Splunk Search 05-29-2014 0 1	0	1
Count of hosts I have a search: index="proxy" ([\|inputlookup proxy.csv\|rename site as query \| fields query] ) NOT www.google.com \| ... by Armyeric Path Finder in Splunk Search 05-28-2014 0 2	0	2
REX / REGEX question Hi all, I am new to splunk. I am trying to extract a field from a line in a record where the field will always begin ... by dbrown0412 Engager in Splunk Search 05-28-2014 0 11	0	11
Percentage in range - numeric search? I have a field extraction that comes back with the literal values of 'X%'. Note that the % is part of the value retur... by timbCFCA Path Finder in Splunk Search 05-28-2014 0 4	0	4
replace with a where clause on a null field I seem to be having a syntactical error that I can't resolve in splunk 6.1 when I have about 3 fields that may have u... by mjones414 Contributor in Splunk Search 05-28-2014 0 4	0	4
use Rex to extract second IP address from message text I am trying to extract the IP address from the field below, I can extract the first but am not sure how to extract th... by ikcresswell Explorer in Splunk Search 05-28-2014 0 3	0	3
host regex does not seem to work Hello all, I am new to Splunk and I am currently evaluating 6.1. We collect logs from a bunch of devices (routersan... by stefan_radovano Explorer in Splunk Search 05-28-2014 0 5	0	5
Clarification on the search in Form Hi, A form was created using simple XML containing two components as two text boxes named as Filename and Status.When... by Jananee_iNautix Path Finder in Splunk Search 05-28-2014 0 3	0	3
How to filter data quickly Hi! I would like to get advice for search command. I have a search that looks like below. index=A \| MySearch1 ....... by yuwtennis Communicator in Splunk Search 05-27-2014 0 7	0	7
Lexicographic comparison of version strings? I have version strings in my log output, and I'd like to filter on these, like \| where version < 2.3.5 But Splunk ... by waisbrot Engager in Splunk Search 05-27-2014 1 1	1	1
Timechart avg values looking odd. I see values like this when I do \|table _time Value . 2014-05-26 16:30:28 48.438430017856341 2014-05-26 16:30:28... by theouhuios Motivator in Splunk Search 05-27-2014 0 7	0	7
Calculating Kill / Death ratio in a game I'd like to calculate K/D ratio for the game Insurgency. I have two searches that can calculate #kills and number of... by khourihan_splun Splunk Employee in Splunk Search 05-27-2014 3 8	3	8
Return values from map command? So I have a function which takes a certain amount of time (timer_value) and I'm trying to create an alert that trigge... by silentttone New Member in Splunk Search 05-27-2014 0 4	0	4
Sort fields by date Hello There , Basically I have some dates in this format : 01/13 700 02/13 600 ... 01/14 500 I use t... by baranova New Member in Splunk Search 05-27-2014 0 2	0	2
Grouping the data row based HI All, I need to group the data row based my table looks like this. Table: DBName Region Dag count DB1 ... by rsathish47 Contributor in Splunk Search 05-27-2014 0 2	0	2
Database lookup not returning all matches I have created a database lookup and have changed the maximum matches in the lookup defintion to 100, but only 1 matc... by sc0tt Builder in Splunk Search 05-27-2014 0 4	0	4
XPATH functions Hi there, Can we use the XPATH functions like fn:distinct-values(//NodeName) in Splunk XPATH command. I tried it but... by ramanjain1983 Path Finder in Splunk Search 05-27-2014 0 1	0	1
How to extract event raw size just like linecount I frequently use the length of the raw data - more often than readily extracted fields punctuation and linecount I d... by tpflicke Path Finder in Splunk Search 05-27-2014 1 2	1	2
Transaction function not working with dbquery Hi All, I tried using the transaction function on the output of a DB Connect \|dbquery and it keeps showing no result... by ManusMenon Explorer in Splunk Search 05-27-2014 0 2	0	2
Eval search help... can't seem to get it right. Hello, I am somewhat new to splunk but I am having issues creating a table for a search I am doing and I need assist... by kj384g New Member in Splunk Search 05-26-2014 0 3	0	3