Splunk Search

Community Activity

Is there a way to drilldown to two different dashboards depending on column i click? In my dashboard, it loads data into a table with 4 columns Now what i require is to drill down to Dashboard1 if any ... by adityapavan18 Contributor in Splunk Search 06-02-2014 1 2	1	2
How to pass a variable value from one search to another in advance xml? Hi, Following is the advance xml code, where I have defined a search command in a postprocess module and want to pas... by harshal_chakran Builder in Splunk Search 06-02-2014 0 3	0	3
Searches appearing in search results (yo dawg) When I search in the search application, my search terms are starting to appear in subsequent searches. So search fo... by bbegyperkspot Explorer in Splunk Search 06-02-2014 1 5	1	5
Joining multiple events via a common field. So I have three sources that i need to join together to view as one event. The three sources are NewWFL, MoneyNEW, an... by mgubser Explorer in Splunk Search 06-02-2014 0 5	0	5
Longer Period of Time showing Fewer Results?? Hi, I have a search which returns 37 results for one date (May 30), but 0 results for May 30-Jun2. I am failing to... by essklau Path Finder in Splunk Search 06-02-2014 0 3	0	3
Null iplocation data Hello, I have the following query: . . . \| iplocation ClientIP \| eval GeoLocation=case(Country="United States", "... by hagjos43 Contributor in Splunk Search 06-02-2014 0 1	0	1
Add fields to all events, derived from a static application name Our deployed application services have a static deployment name of this format: {service name}-{environment}-{the r... by nikekeen New Member in Splunk Search 06-02-2014 0 2	0	2
How do you extract multiple strings of text using rex? I have VPN access connect/disconnect events from a Meraki security appliance being fed into Splunk. They show up in S... by TechnicalRS Engager in Splunk Search 06-02-2014 0 3	0	3
rex command to regex in transforms.conf This rex statement works in search command: rex field=source "3......(?P.+?)rly" I would like to convert it into REGE... by ch_goh Explorer in Splunk Search 06-02-2014 0 3	0	3
Regex for extraction Hi, i want to extract account field and i have events in 2 patterns. One where account has boundaries of @account= ... by xvxt006 Contributor in Splunk Search 06-02-2014 0 4	0	4
Join two searches and draw them on the same chart Hello guys , I kinda need your help , i spend some time on this query and i don't really see how to do that ( tried... by baranova New Member in Splunk Search 06-02-2014 0 2	0	2
Calculate Difference Between Outputs of two Scheduled Searches I have two scheduled searches that each output a single numerical value to populate panels on a dashboard. I want to... by jodros Builder in Splunk Search 06-02-2014 2 3	2	3
Extracting multiple field values with same field name Can anyone provide assistance for extracting multiple field values with same field name? My log is something like thi... by splunkingsplun1 Explorer in Splunk Search 06-02-2014 0 1	0	1
Timed out waiting for peer xxx.xxx.com Hello, I am getting the following errors in my search head while loading a dashboard which includes the saved seache... by abhayneilam Contributor in Splunk Search 06-01-2014 0 1	0	1
Count days with events Hi everyone, I have looked all over for a solution but without luck, so i'm approaching you hoping to find a solution... by NaorPenso Explorer in Splunk Search 06-01-2014 0 2	0	2
Using calculated values to create timechart -- too many columns Hello, I know this type of question has been asked several times: ex: http://answers.splunk.com/answers/11020/display... by EricLloyd79 Builder in Splunk Search 05-30-2014 0 1	0	1
Perfmon Timechart - Multiple Series, Multiple Host I have been struggling to find the proper syntax for this type of timechart. This relates to creating a Windows Perf... by seanp Path Finder in Splunk Search 05-30-2014 0 2	0	2
Using calculated values to create timechart -- too many columns Hello, I know this type of question has been asked several times: ex: http://answers.splunk.com/answers/11020/display... by EricLloyd79 Builder in Splunk Search 05-30-2014 0 2	0	2
Creating operacional intelligence in xml file. Hey guys, I am writing a script to colect data from social media and generate a XML file. I would like to index the... by dfigurello Communicator in Splunk Search 05-30-2014 0 1	0	1
Dynamic Lookup issue By trying to run a python script for a dynamic lookup I get the following error Error in 'lookup' command: The look... by dirkbaumann Explorer in Splunk Search 05-30-2014 1 3	1	3
metadata vs stats count When running \| metadata index=myindex type=sources, I see 301785788 for my totalCount for one of my sources (let's ca... by sloshburch Ultra Champion in Splunk Search 05-30-2014 0 2	0	2
transaction startswith 1, endswith multiple Hi all, simple question I hope. I have a system that has one starting event with multiple outputs and I want to find ... by leea11 Engager in Splunk Search 05-30-2014 0 5	0	5
Top 10 IP along w/ top 4 ports Hello Splunkers, I'm looking to build a search w/ chart that tracks top 10 source IP's in a firewall but also a list... by lbogle Contributor in Splunk Search 05-29-2014 0 7	0	7
Dropdown Not Populating I'm trying to populate a dropdown box with this search which returns the values I would expect, but the dropdown is n... by CannonT Engager in Splunk Search 05-29-2014 0 1	0	1
Need help with rex Hi, i am using this expression - base search \| rex field=uri "better\?q=(?[^&]+)$" and i was expecting to return e... by xvxt006 Contributor in Splunk Search 05-29-2014 0 4	0	4