Splunk Search

Community Activity

Huge logs not getting stopped We have one server which sends many logs say per hour 4000 logs which are not required i.e. event ID of 560 and 562. ... by udayk1 Path Finder in Splunk Search 05-04-2014 0 5	0	5
How to extract a field and chart it Splunk newbie here. Contents of my logfile are as follows: 2014-05-02 20:29:25 - FOOBAR_STAT:Q_COUNT=5 2014-05-02 20... by venkat_d New Member in Splunk Search 05-04-2014 0 3	0	3
macro with regex I have use case where i have to pass host in macro argument. I also want to pass argument in regex way apart from * w... by sumitnagal Path Finder in Splunk Search 05-03-2014 0 2	0	2
Display deleted events between 2 scheduled searches Hi All, Hoping you can help me out here. I have a ps input indexing daily AD computer objects to Splunk. The scrip... by saurabhkunte Path Finder in Splunk Search 05-02-2014 0 6	0	6
Gathering Stats on Log Entries within a Time Period Denoted by Log Entries in another Log Hi Guys, I have log entries in one log file that denote the start and end of a time frame of interest in my logs. Th... by derekwalsh_1 Explorer in Splunk Search 05-02-2014 0 4	0	4
How do I get results for just yesterday? This seems like a simple proposition, yet I'm having a hard time finding date parameters to embed in my search to jus... by MichaelCohen829 Explorer in Splunk Search 05-02-2014 1 3	1	3
is there a logical OR available for searching? This has to be splunk 101. There has be something better than NOT sourcetype=top NOT sourcetype=ps NOT sourcetype... by di2esysadmin Path Finder in Splunk Search 05-02-2014 1 2	1	2
Multiple Key Value Pair Extraction I have a log format that contains KEY/VALUE pairs in this format: Feb 10 12:02:38 192.168.56.101 Feb 10 12:02:37 PRO... by FRoth Contributor in Splunk Search 05-02-2014 0 5	0	5
how to extract first word from the given format. . Hi , I have following values: Thomson SpeedTouch ST510 V6 versao 6.2.15.7 or ST585 v6, D-LINK DSL-500B Geracao II, ... by kavyatim Path Finder in Splunk Search 05-02-2014 0 3	0	3
Show count of zero on chart Hi Everyone, I have a search that creates a chart that shows the counts of different errors for each item, but if th... by AlexMcDuffMille Communicator in Splunk Search 05-02-2014 0 14	0	14
Searching for punct field values As the title reveals, I am trying to search the punct field for specific values. The punct field is naturally tricky... by landen99 Motivator in Splunk Search 05-02-2014 0 5	0	5
How to output matching fields Hi, I have indexed few records from my DB into Splunk & an log file is also indexed into Splunk. There is one matchi... by harshavrath Contributor in Splunk Search 05-02-2014 0 7	0	7
Response Time search with a additional calculation Hi there Splunkers I need some assistance with a search. We are calculating the response time between transactions ... by denisevw Path Finder in Splunk Search 05-02-2014 0 5	0	5
Plot Avg, Std Dev and Data on the same Chart Hi, I realize there are a number of ways to approach putting multiple values in a time chart, but I'm not sure how be... by proletariat99 Communicator in Splunk Search 05-01-2014 1 2	1	2
iplocation is available in version 5? According to this link, iplocation command is available in version 5.0. I'm not sure if this is incorrect or if my i... by the_wolverine Champion in Splunk Search 05-01-2014 0 3	0	3
get total results per client per item for the last 7 days I would like to create a panel that displays in a table a historical records of counts for the last 7 days. The total... by jdepp Path Finder in Splunk Search 05-01-2014 0 6	0	6
visualization of iis logs hey! i indexed the iis logs. when i type in the search field sourcetype=iis, i see a lot of information in text form.... by jimmyfallon New Member in Splunk Search 05-01-2014 0 4	0	4
Get the last Json Inserted document I have an Index where i store huge Json documents. I want the last document inserted which contains the latest state.... by sibbsnb Path Finder in Splunk Search 05-01-2014 0 3	0	3
column chart : How can we create a chart with three fields? Hello, I have a question about a timechart creation. I want to create a columns chart. My search is : tag::source="... by LauraBre Communicator in Splunk Search 05-01-2014 0 3	0	3
regex difficulty with host / path discrimination I have a log file that has the host as either an IP address OR a FQDN. This is easy, right. Nope. The format can b... by tyronetv Communicator in Splunk Search 05-01-2014 0 3	0	3
sum function with conditions Hey there, I am trying to get stats for one of our OpEx metrics Working query : index=summary source="c:\\users\\nj... by Raghav2384 Motivator in Splunk Search 05-01-2014 0 5	0	5
Joining Searches for Authentication Times So I have two searches; one for the client_vpn_asa and one for the nac, they both require regex: index=client_vpn_as... by dsmeerkat Explorer in Splunk Search 05-01-2014 0 4	0	4
Increase the number of values shown for selected fields Is there a way to increase the number of values shown for selected fields from 10 to 20-25? A customer has put in a r... by theouhuios Motivator in Splunk Search 05-01-2014 0 3	0	3
Transaction not showing some events in table format I am using Transaction command to group events in one line and want to see this in a table format. Have the "order_n... by jinal24 New Member in Splunk Search 04-30-2014 0 1	0	1
limit results by 10 events per day in one month timeframe Hi- I have this search query: "source="/prod/splunkforwarder/bin/scripts/jrexpiry.sh" npw.gov.se" and my time frame i... by Isaias_Garcia Path Finder in Splunk Search 04-30-2014 0 1	0	1