Splunk Search

Community Activity

How to extract a field and chart it Splunk newbie here. Contents of my logfile are as follows: 2014-05-02 20:29:25 - FOOBAR_STAT:Q_COUNT=5 2014-05-02 20... by venkat_d New Member in Splunk Search 05-04-2014 0 3	0	3
macro with regex I have use case where i have to pass host in macro argument. I also want to pass argument in regex way apart from * w... by sumitnagal Path Finder in Splunk Search 05-03-2014 0 2	0	2
Display deleted events between 2 scheduled searches Hi All, Hoping you can help me out here. I have a ps input indexing daily AD computer objects to Splunk. The scrip... by saurabhkunte Path Finder in Splunk Search 05-02-2014 0 6	0	6
Gathering Stats on Log Entries within a Time Period Denoted by Log Entries in another Log Hi Guys, I have log entries in one log file that denote the start and end of a time frame of interest in my logs. Th... by derekwalsh_1 Explorer in Splunk Search 05-02-2014 0 4	0	4
How do I get results for just yesterday? This seems like a simple proposition, yet I'm having a hard time finding date parameters to embed in my search to jus... by MichaelCohen829 Explorer in Splunk Search 05-02-2014 1 3	1	3
is there a logical OR available for searching? This has to be splunk 101. There has be something better than NOT sourcetype=top NOT sourcetype=ps NOT sourcetype... by di2esysadmin Path Finder in Splunk Search 05-02-2014 1 2	1	2
Multiple Key Value Pair Extraction I have a log format that contains KEY/VALUE pairs in this format: Feb 10 12:02:38 192.168.56.101 Feb 10 12:02:37 PRO... by FRoth Contributor in Splunk Search 05-02-2014 0 5	0	5
how to extract first word from the given format. . Hi , I have following values: Thomson SpeedTouch ST510 V6 versao 6.2.15.7 or ST585 v6, D-LINK DSL-500B Geracao II, ... by kavyatim Path Finder in Splunk Search 05-02-2014 0 3	0	3
Show count of zero on chart Hi Everyone, I have a search that creates a chart that shows the counts of different errors for each item, but if th... by AlexMcDuffMille Communicator in Splunk Search 05-02-2014 0 14	0	14
Searching for punct field values As the title reveals, I am trying to search the punct field for specific values. The punct field is naturally tricky... by landen99 Motivator in Splunk Search 05-02-2014 0 5	0	5
How to output matching fields Hi, I have indexed few records from my DB into Splunk & an log file is also indexed into Splunk. There is one matchi... by harshavrath Contributor in Splunk Search 05-02-2014 0 7	0	7
Response Time search with a additional calculation Hi there Splunkers I need some assistance with a search. We are calculating the response time between transactions ... by denisevw Path Finder in Splunk Search 05-02-2014 0 5	0	5
Plot Avg, Std Dev and Data on the same Chart Hi, I realize there are a number of ways to approach putting multiple values in a time chart, but I'm not sure how be... by proletariat99 Communicator in Splunk Search 05-01-2014 1 2	1	2
iplocation is available in version 5? According to this link, iplocation command is available in version 5.0. I'm not sure if this is incorrect or if my i... by the_wolverine Champion in Splunk Search 05-01-2014 0 3	0	3
get total results per client per item for the last 7 days I would like to create a panel that displays in a table a historical records of counts for the last 7 days. The total... by jdepp Path Finder in Splunk Search 05-01-2014 0 6	0	6
visualization of iis logs hey! i indexed the iis logs. when i type in the search field sourcetype=iis, i see a lot of information in text form.... by jimmyfallon New Member in Splunk Search 05-01-2014 0 4	0	4
Get the last Json Inserted document I have an Index where i store huge Json documents. I want the last document inserted which contains the latest state.... by sibbsnb Path Finder in Splunk Search 05-01-2014 0 3	0	3
column chart : How can we create a chart with three fields? Hello, I have a question about a timechart creation. I want to create a columns chart. My search is : tag::source="... by LauraBre Communicator in Splunk Search 05-01-2014 0 3	0	3
regex difficulty with host / path discrimination I have a log file that has the host as either an IP address OR a FQDN. This is easy, right. Nope. The format can b... by tyronetv Communicator in Splunk Search 05-01-2014 0 3	0	3
sum function with conditions Hey there, I am trying to get stats for one of our OpEx metrics Working query : index=summary source="c:\\users\\nj... by Raghav2384 Motivator in Splunk Search 05-01-2014 0 5	0	5
Joining Searches for Authentication Times So I have two searches; one for the client_vpn_asa and one for the nac, they both require regex: index=client_vpn_as... by dsmeerkat Explorer in Splunk Search 05-01-2014 0 4	0	4
Increase the number of values shown for selected fields Is there a way to increase the number of values shown for selected fields from 10 to 20-25? A customer has put in a r... by theouhuios Motivator in Splunk Search 05-01-2014 0 3	0	3
Transaction not showing some events in table format I am using Transaction command to group events in one line and want to see this in a table format. Have the "order_n... by jinal24 New Member in Splunk Search 04-30-2014 0 1	0	1
limit results by 10 events per day in one month timeframe Hi- I have this search query: "source="/prod/splunkforwarder/bin/scripts/jrexpiry.sh" npw.gov.se" and my time frame i... by Isaias_Garcia Path Finder in Splunk Search 04-30-2014 0 1	0	1
How to execute a shell script kept in app's bin folder using a dashboard? I have a requirement to execute a script (does file cleanup) to be executed from a dashboard button (so as to avoid l... by somesoni2 Revered Legend in Splunk Search 04-30-2014 0 1	0	1