Splunk Search

Community Activity

Cumulative counters with "slice" logic Hi all! I am working on task: Create cumulative chart for counting Success and Error entities, by 1 hour slice inter... by Nikita_Danilov Path Finder in Splunk Search 05-05-2014 0 17	0	17
Search based on list of values in a lookup table Hi, The usual way of using lookup tables is to get a value from a searh, do a lookup in a lookup table and output a ... by bregan84 Engager in Splunk Search 05-05-2014 1 2	1	2
How often does the IPlocation database update in Splunk 6.x I'd like to know how often the native IP geo location database is updated in Splunk. Is the native database better t... by wweiland Contributor in Splunk Search 05-05-2014 0 2	0	2
Combining 2 different search results based on fields Hello, I have 2 different searches for 2 different sourcetypes with field extractions. I'm doing the field extracti... by selim Path Finder in Splunk Search 05-05-2014 0 4	0	4
Single-Field Multi-Value Count Difference by Multiple other Fields I am trying to find the difference of the dns type values for each domain in each time bucket. Let's say there are 1... by landen99 Motivator in Splunk Search 05-05-2014 0 9	0	9
Help with Search String for Ironport to aggregate destination sites and durations I am using this Search String to return results for specific user accounts: search index=summary user_id=****** \| se... by sinescorey New Member in Splunk Search 05-05-2014 0 3	0	3
Please Help Me Extend This Search I'm trying to automate sending a "clear" Splunk alert by comparing results from a previous search with the current on... by niall_munnelly Path Finder in Splunk Search 05-05-2014 0 2	0	2
[UPDATE] Pivot searches erroring out with: Error in 'TSCollectProcessor' I have a Splunk instance out on Amazon EC2 that I have used for demo purposes for a long time. It's just indexing th... by gauldridge Path Finder in Splunk Search 05-05-2014 0 5	0	5
Subsearch Question I am trying to create a report that includes failed log on attempts from our windows security logs with the originati... by lehrfeld Path Finder in Splunk Search 05-05-2014 0 2	0	2
Create new field from subsearch results Hello, im looking for a possibility to create a multivalue field from the result list of a subsearch and work with t... by C_Sparn Communicator in Splunk Search 05-05-2014 0 9	0	9
Need help on Search This question is related to 'This' one. I wanted to extract multiple fields from different sourcetypes and indexes an... by pramit46 Contributor in Splunk Search 05-05-2014 0 5	0	5
Search Time field extractions not working when moved to an app I decided to take some of the work I've been doing and move it into an app. I haven't made any UI changes at this po... by thesteve Path Finder in Splunk Search 05-04-2014 0 5	0	5
Huge logs not getting stopped We have one server which sends many logs say per hour 4000 logs which are not required i.e. event ID of 560 and 562. ... by udayk1 Path Finder in Splunk Search 05-04-2014 0 5	0	5
How to extract a field and chart it Splunk newbie here. Contents of my logfile are as follows: 2014-05-02 20:29:25 - FOOBAR_STAT:Q_COUNT=5 2014-05-02 20... by venkat_d New Member in Splunk Search 05-04-2014 0 3	0	3
macro with regex I have use case where i have to pass host in macro argument. I also want to pass argument in regex way apart from * w... by sumitnagal Path Finder in Splunk Search 05-03-2014 0 2	0	2
Display deleted events between 2 scheduled searches Hi All, Hoping you can help me out here. I have a ps input indexing daily AD computer objects to Splunk. The scrip... by saurabhkunte Path Finder in Splunk Search 05-02-2014 0 6	0	6
Gathering Stats on Log Entries within a Time Period Denoted by Log Entries in another Log Hi Guys, I have log entries in one log file that denote the start and end of a time frame of interest in my logs. Th... by derekwalsh_1 Explorer in Splunk Search 05-02-2014 0 4	0	4
How do I get results for just yesterday? This seems like a simple proposition, yet I'm having a hard time finding date parameters to embed in my search to jus... by MichaelCohen829 Explorer in Splunk Search 05-02-2014 1 3	1	3
is there a logical OR available for searching? This has to be splunk 101. There has be something better than NOT sourcetype=top NOT sourcetype=ps NOT sourcetype... by di2esysadmin Path Finder in Splunk Search 05-02-2014 1 2	1	2
Multiple Key Value Pair Extraction I have a log format that contains KEY/VALUE pairs in this format: Feb 10 12:02:38 192.168.56.101 Feb 10 12:02:37 PRO... by FRoth Contributor in Splunk Search 05-02-2014 0 5	0	5
how to extract first word from the given format. . Hi , I have following values: Thomson SpeedTouch ST510 V6 versao 6.2.15.7 or ST585 v6, D-LINK DSL-500B Geracao II, ... by kavyatim Path Finder in Splunk Search 05-02-2014 0 3	0	3
Show count of zero on chart Hi Everyone, I have a search that creates a chart that shows the counts of different errors for each item, but if th... by AlexMcDuffMille Communicator in Splunk Search 05-02-2014 0 14	0	14
Searching for punct field values As the title reveals, I am trying to search the punct field for specific values. The punct field is naturally tricky... by landen99 Motivator in Splunk Search 05-02-2014 0 5	0	5
How to output matching fields Hi, I have indexed few records from my DB into Splunk & an log file is also indexed into Splunk. There is one matchi... by harshavrath Contributor in Splunk Search 05-02-2014 0 7	0	7
Response Time search with a additional calculation Hi there Splunkers I need some assistance with a search. We are calculating the response time between transactions ... by denisevw Path Finder in Splunk Search 05-02-2014 0 5	0	5