Splunk Search

Community Activity

tsidx size limits Is there a way to set a max size on the entire tsidxstats or even a single set of tsidxstats? I have the Splunk for ... by jtrucks Splunk Employee in Splunk Search 06-06-2014 3 2	3	2
Adjust fieldvalue (regex) Hi, I've got some fieldvalues like this: field=aaaaaaaabbbbccccddddeeeeeeeeeeee I would like to add a "-" after c... by HeinzWaescher Motivator in Splunk Search 06-06-2014 0 2	0	2
Database lookup returning no results I've set up a database lookup, but it's not returning any results; it should be returning 5 events. Here are the sce... by redc Builder in Splunk Search 06-05-2014 0 2	0	2
Means to generate a chart and then send it to non-Splunk users? A user has asked me if they can take a chart they just generated in Splunk and then send it to other users who don't ... by mfrost8 Builder in Splunk Search 06-05-2014 2 8	2	8
Can I use a macro within a macro? Wondering if it's possible to embed a macro into another macro. by Dimitri_McKay Splunk Employee in Splunk Search 06-05-2014 0 2	0	2
How to create a search that calculates percentage from 2 different values in the same field. New Splunk user. I am creating web dashboards and I want to calculate the percentage of successful status codes. Th... by Bliide Path Finder in Splunk Search 06-05-2014 0 2	0	2
round number from max () as and also avg() as I have a created a table using timechart with the max #. It generates a row of maximum of sourcetype. How would I r... by mmouse88 Path Finder in Splunk Search 06-04-2014 0 16	0	16
What forwarder versions am I running? Is there a search that I can run at the indexer that will tell me what versions my forwarders are on? by the_wolverine Champion in Splunk Search 06-04-2014 4 4	4	4
Can I split a field based on its values and graph as multi-series? I have a single numeric field that I want to timechart in ranges...i.e. rangemap the field into custom buckets, then ... by jheney New Member in Splunk Search 06-04-2014 0 1	0	1
Database lookup says its table doesn't exist I'm attempting to create my first database lookup. I followed this documentation, choosing to specify the fields dir... by redc Builder in Splunk Search 06-04-2014 0 2	0	2
Lookup table question Using Splunk v 5.04 I have a lookup table containing devicename,interfacename,speed . Each device name can have mul... by pitshot Explorer in Splunk Search 06-04-2014 0 3	0	3
Appendcols error doesn't make sense I have a query that works when I run it with a time range under 4 hours but anything at 4 hours or over, I get this e... by EricLloyd79 Builder in Splunk Search 06-04-2014 0 6	0	6
Results of a join search Hello I have the below search and it seems to work fine for the most part. The problem is that if search 2 does no... by brywilk_umich Path Finder in Splunk Search 06-04-2014 0 4	0	4
Unable to bind splunk to IP We would like to access Splunk Web from other hosts. We did a full splunk 5.0.1 (build: 143156) install on a Windows... by atewari Path Finder in Splunk Search 06-04-2014 0 8	0	8
Converting AM/PM time to 24 hour time for a view I have data that contains a field with dates and times formatted as such: "5/18/14 7:04:04.000 PM". The date part is ... by nlapier2 Path Finder in Splunk Search 06-04-2014 0 1	0	1
Extract fields from antivirus summary I've been trying to use the field extractor to get some useful data from my Sophos Anti-virus scan log. Unfortunately... by thommck New Member in Splunk Search 06-04-2014 0 5	0	5
dbquery and outputlookup Hello, I'm running a dbquery and would like to save the results as a lookuptable.csv. \| dbquery mysearch \| outputlo... by HeinzWaescher Motivator in Splunk Search 06-04-2014 0 5	0	5
logical grouping of hosts - aggregate stats I have a situation where I want to report on events from 2 sets of servers where i can compare the aggregate counts. ... by desertpilotjc Explorer in Splunk Search 06-03-2014 0 1	0	1
"Unknown country" returned by iplocation? bug? iplocation bug? "UNKNOWN COUNTRY" is returned for ip addresses that actually have a known country? USA 208.65.40.98... by boris Path Finder in Splunk Search 06-03-2014 0 4	0	4
Different values of parameters Hi, I have below variations of uri patterns for a particular functionality. i want to list out query string paramete... by xvxt006 Contributor in Splunk Search 06-03-2014 0 4	0	4
Search to Pull Values from START log I have a search that monitor's failed PO's. Essentially the idea is to monitor the overall state of the txn, and whe... by _gkollias Builder in Splunk Search 06-03-2014 0 2	0	2
How to create an array of values from a field? Hello, I am trying to parse a field like the one below into an array of Key/Value pairs and access each array value ... by naveenurs Explorer in Splunk Search 06-03-2014 0 2	0	2
Two Search Heads One Indexer I have two Splunk instances, a development and a test platform. Can I have them both pointing to the same indexer wit... by kmattern Builder in Splunk Search 06-03-2014 0 7	0	7
Show source not available Hi. For some events in a particular index, users (including Admins) are getting an error of "Show Source not availab... by Sqig Path Finder in Splunk Search 06-03-2014 0 3	0	3
Top Limit 50000 results - Where to Change? In my local limits.conf file, on my Search Head, I have the following: [searchresults] maxresultrows = 100000 [s... by aferone Builder in Splunk Search 06-03-2014 1 5	1	5