Splunk Search

Community Activity

Copy data from search results to clipboard; preserve previous search The results of the searches bring a lot of useful information such as hashes, ip addresses, file locations and names.... by landen99 Motivator in Splunk Search 03-07-2014 1 9	1	9
average of a sum of values based on differing values in a different column Hi, given the data below, I want to find the average sum of a1 to a3 and b1 to b3 every 10 minutes time field1 field... by stephen123 Path Finder in Splunk Search 03-07-2014 0 1	0	1
Extend Search without re-running I just ran a search over the last 24 hours which returned a large number of results, but not the full picture I was l... by thepocketwade Path Finder in Splunk Search 03-07-2014 0 4	0	4
adding results from top query Hi, I've got a result table from a top query and want to add the results to compute an overall cache hit rate and fe... by snookerfly New Member in Splunk Search 03-07-2014 0 1	0	1
when will OSX 10.7 / Lion supported ? I saw that 4.2.4 is only supported on Mac OS 10.5 and 10.6. When will Lion be supported ? Will Splunk run in full 64... by mataharry Communicator in Splunk Search 03-06-2014 3 4	3	4
Custom modules not loading Hi, I have created some custom modules, but receive warnings that the module cannot be found when opening the view c... by joonradley Path Finder in Splunk Search 03-06-2014 3 5	3	5
Override Sourcetype I'm trying to do a sourcetype override and not having much luck. I am trying to change the sourcetype from 2 hosts, f... by Bill_B Communicator in Splunk Search 03-06-2014 0 4	0	4
Stop displaying aliased fields I have aliased a field (let's call it application_auth_id) to a new name (user). I want my Splunk users to search usi... by lguinn2 Legend in Splunk Search 03-06-2014 1 4	1	4
Only display earliest hit for each day Hi, We have building access logs in Splunk and I have to generate an attendance report. I can filter based on speci... by oleg106 Explorer in Splunk Search 03-06-2014 0 9	0	9
Need help with Splunk REST command, Get property value from configuration file Hi All, I am trying to write a search to get values from the configuration file. An example of it will be to the min... by somesoni2 Revered Legend in Splunk Search 03-06-2014 1 3	1	3
Multiple Search Heads in a Cluster We're setting up an Index Cluster with a Master Node. From the documentation it looks like the Cluster will take care... by hvandenb Path Finder in Splunk Search 03-06-2014 0 4	0	4
TIME_FORMAT vs DATETIME_CONFIG = CURRENT I have a log file that has a date at the top, but otherwise is essentially unpredictable stdout. It could be written ... by vbumgarner Contributor in Splunk Search 03-06-2014 0 2	0	2
Show date in label Hello Everyone, Please suggest me how I can get current date and time in label . Regards Vikas by vikas_gopal Builder in Splunk Search 03-06-2014 0 4	0	4
what could account for changes in case for input sources? When constructing a search to render a table of count of events by source I noticed that splunk was treating the iden... by dstaulcu Builder in Splunk Search 03-06-2014 1 5	1	5
Detecting expensive searches in enterprise environment Is there a search I can run that will identify expensive searches across our enterprise environment? We are finding ... by smudge797 Path Finder in Splunk Search 03-06-2014 0 2	0	2
Automatic Lookup not applying to scripted inputs I have implemented an automatic lookup by specifying the filename in transforms.conf: [host_info] filename = host_in... by jamesvz84 Communicator in Splunk Search 03-06-2014 0 1	0	1
Summary Field = "OK" or "DOWN" I am currently attempting to create a 'summary' type of view within a dashboard stating that this list of services (s... by tmarlette Motivator in Splunk Search 03-06-2014 0 7	0	7
Add a button in Dashboard using XML and run a search command to show the result Hi, I want to create a button in dashboard using XML. And on click of this button, a search command should run which ... by harshal_chakran Builder in Splunk Search 03-06-2014 0 1	0	1
Using splunk to perform semi-automated analysis of customer comments / reviews / complaints? Is there a practical way to do this in Splunk? As far as I can tell it is basically only some sentiment analysis opti... by kgodwin New Member in Splunk Search 03-06-2014 0 1	0	1
Host list on default search shows error message of: [SimpleResultsTable module] Input is not proper UTF-8, indicate encoding ! Bytes... So my main search page in the bottom right hosts summary has the following error message listed: [SimpleResultsTable... by Pierceyuk Path Finder in Splunk Search 03-06-2014 0 1	0	1
How to count/eval filter with tstats Hello, How to get a percent of "Success / Total" events in a DataModel with "status=success or failed": Trying to c... by ividence Engager in Splunk Search 03-06-2014 0 1	0	1
Search for Events that Happened Around the time of Other Events that Also meet other Criteria How do I make a query that will search for events that happened around the same time as the results of another query?... by Kyle_Brandt Path Finder in Splunk Search 03-05-2014 12 6	12	6
Data Model Lookup Attribute doesn't list all tables Splunk 6.0 The title says it all. I want to add a specific lookup table attribute but the table is not in the dropdo... by kmattern Builder in Splunk Search 03-05-2014 0 2	0	2
Perform Eval on results on monthly TimeChart results I basically have a 3 step problem. #1 is figured out. 1) I've created a monthly timechart adding summing up a bunch ... by atornes Path Finder in Splunk Search 03-05-2014 0 6	0	6
Fields not automatically extracting Splunk is intermittently not automatically extracting fields in the regular foo=bar format. E.g. in this event Jan ... by Shtark Explorer in Splunk Search 03-05-2014 0 8	0	8