Splunk Search

Community Activity

How to apply rex for a field on mutiple sources Hello I am trying to change the data of the host field which has already been indexed. The host field has values in ... by theouhuios Motivator in Splunk Search 03-14-2014 0 6	0	6
Filter values after timechart Hello, i want to have a search which shows me in 10 minute span how often something did happen. i only want to displ... by Matthias_BY Communicator in Splunk Search 03-14-2014 0 2	0	2
How can we do drilldown saved searches in splunk sideview. I have saved searches in my app. In human words my requirement is: 1. Save the search 2. save the next search 3. s... by disha Contributor in Splunk Search 03-14-2014 0 3	0	3
Can segmentation be done for sourcetypes and indexes? Hello I have a syslog server which is being used to collect various network oriented data. For example if its a Arub... by theouhuios Motivator in Splunk Search 03-14-2014 0 24	0	24
Shorter maxspan delivers more results We have build a query spanning multiple source types. We try to create a simple transaction with one field. The resul... by cmeerbeek Path Finder in Splunk Search 03-14-2014 0 2	0	2
Building a Search for Comparison/Match I have a search that brings up specific order types by order numbers that begin with a 7: index=contract_gateway sou... by _gkollias Builder in Splunk Search 03-14-2014 0 2	0	2
Problem with rex not doing anything at all, not even in its simplest form! Hi, I am trying to extract the string after the first space, so for ex. I need to extract: "02-main-menu" for the fir... by fere Path Finder in Splunk Search 03-14-2014 1 5	1	5
INFO, ERROR and FATAL Hi all, if a log has the following types of log entries (INFO, ERROR, FATAL), how do I get splunk to recognise those ... by ycalpu New Member in Splunk Search 03-13-2014 0 3	0	3
Average events per day Hi, I would like to view the average number of events per day for a certain event code. It looks like I should be ab... by womblesplunk New Member in Splunk Search 03-13-2014 0 3	0	3
How can I make mvfind start its search at the last entry of a multivalue field ? Hi, I have a search query that creates trans: ......\| eval locale=case(tags=="my-world", "my-world:".screen, tags==... by fere Path Finder in Splunk Search 03-13-2014 0 3	0	3
Looking to create a chart that displays run time values Hello, looking to create a data table that displays run time values of a batch jobs... Example of this would be defin... by fisuser1 Contributor in Splunk Search 03-13-2014 0 7	0	7
last indexed data How to search last indexed data in splunk? by rsathish47 Contributor in Splunk Search 03-13-2014 0 7	0	7
how to add Attributes with a Regular Expression Hi Gurus, I have a index, and the data was in one column is like Item__bAffected, I'd like to replace "__b" with a... by bigbeetlefan Explorer in Splunk Search 03-13-2014 0 4	0	4
Checkpoint OPSEC LEA is not working Hi, Mi Checkpoint OPSEC LEA is working. I get next splunk log: index=_internal host="MOL18107" ( source="*splunkd.... by apezuela Explorer in Splunk Search 03-13-2014 1 1	1	1
Format Date Hi - I have a raw event which has raw event lines as "11-Mar-14 9:38:58 PM",300,64.00000000 This was from today 11 M... by nikhilmehra79 Path Finder in Splunk Search 03-13-2014 0 9	0	9
How to perfom math calculations I am trying to figure out how to take two searches and divide their results to create a dial chart showing the percen... by bvenom28 Engager in Splunk Search 03-13-2014 0 4	0	4
Displaying full list of server names I'm querying a log file on 50+ servers looking for the number of records processed in a given time frame. The problem... by jsmith39 Path Finder in Splunk Search 03-13-2014 0 9	0	9
two time series data in one chart Hi, Is there a way to put two lines in one chart while these two lines of data are in different timeframes ? For exa... by jimyliu Explorer in Splunk Search 03-12-2014 0 1	0	1
How to compare multiple files by diff command in search? I have a question about diff command in search. Of course though, a diff command compares two files, I want to comp... by sunrise Contributor in Splunk Search 03-12-2014 1 3	1	3
Chart showing the results of multiple searches Hi there! Wondering if anyone can offer some advice on how to combine several searches to create a chart... I have e... by andilee Explorer in Splunk Search 03-12-2014 0 2	0	2
Limit values I have a search that pipes this: stats count,values(category) by src_user src_ip It returns results with a ton of ... by ccsfdave Builder in Splunk Search 03-12-2014 2 7	2	7
How do i use R (open source package) in splunk? How do i use R (open source package) in splunk? by lsh Engager in Splunk Search 03-12-2014 1 8	1	8
How to query a particular hour for last 3 months Hi, is it possible to specify a timeframe so that i get data for every Friday 8 PM to 9 PM for the last 3 months? by xvxt006 Contributor in Splunk Search 03-12-2014 0 3	0	3
perform math calculations on values with the same field name I have some data which shows the counts of items collected by category and subcategory. The data essentially looks l... by dang Path Finder in Splunk Search 03-12-2014 0 5	0	5
time-based lookups using db connect I specified a field in the lookup definitions to use with a lookup command (database lookup) and it appears not to wo... by rdownie Communicator in Splunk Search 03-12-2014 1 2	1	2