Splunk Search

Community Activity

Mulitple indexes, sourcetypes - obtaining counts Hi, I am hoping to use the search below, to get the counts for the categories in DIRECTION and the categories in TYPE... by RB5 Path Finder in Splunk Search 02-05-2014 0 5	0	5
Grouping and Counting the Group Values Hello. I have a requirement of presenting a table with Countries, users and the number of users in that country.. SO ... by kanda18 Explorer in Splunk Search 02-05-2014 0 4	0	4
generate external url links from search I have a simple search with an eval that generates a valid HTML link: index=sonicwall "TemplateID=265" \| eval suppor... by jalfrey Communicator in Splunk Search 02-05-2014 0 1	0	1
Pareto charting of sensor data hey everyone, I'm working with a lot of sensor data and i have been trying to develop a pareto chart to look at the p... by twistedsixty4 Path Finder in Splunk Search 02-05-2014 0 2	0	2
How do I chart "number of values that are at least"/"number of values that are X or more" Sample data: alpha 2 beta 1 gamma 4 delta 3 epsilon 10 zeta 13 eta 3 theta 8 iota 4 kappa 6 ... by Raistlan Explorer in Splunk Search 02-05-2014 1 3	1	3
splunk.Intersplunk.outputResults to return the results in a determined order I have a set of custom search commands that are working fine but I need splunk.Intersplunk.outputResults to return th... by lpolo Motivator in Splunk Search 02-05-2014 0 4	0	4
Radio Button default selection parameter (Advanced XML) In a StaticSelect module, the parameter to set the pre-selected value is: All But when I try to use that for a stat... by beaunewcomb Communicator in Splunk Search 02-05-2014 1 1	1	1
Version 6 Search Dashboard? I just upgraded to version 6 and I'm disappointed that the search dashboard from version 5 doesn't appear to be avail... by mhpeters New Member in Splunk Search 02-05-2014 0 1	0	1
Extracting Logs at Whitespace Right now, I have a name=value\|name=value\| format for some logs. But one problem is the Splunk auto-extract for tha... by _gkollias Builder in Splunk Search 02-05-2014 0 4	0	4
search & sub search to match on valu- I'm trying to create a search to validate two files match on a given field. I want to check the all the event number... by himynamesdave Contributor in Splunk Search 02-05-2014 0 1	0	1
Combine the two search commands output to get the desired result Hi, I have one search command which gives the output in table as shown below: parameter1 value1 param1 10 p... by harshal_chakran Builder in Splunk Search 02-05-2014 0 3	0	3
display the dropdown content as Chart title Hi, I am using a xml code for showing a dropdown as follows:- I want to display the content of dropdown, i.e.Data... by harshal_chakran Builder in Splunk Search 02-05-2014 2 3	2	3
data filter hello , @ props.conf [host::TheHost] TRANSFORMS-ReadData_bktfileserver = filter_ReadData [WinEventLog:Security] T... by blebit Path Finder in Splunk Search 02-05-2014 0 7	0	7
regex path without filename from source Hallo, I fruitless tried to extract the path from the source field. My latest test is: source="C:\\Users\\...\\...\\... by Moritz Explorer in Splunk Search 02-05-2014 0 7	0	7
Determine number of searches per day (non-scheduled). How do I determine the number of non-scheduled searches that are run per day. We are running pooled searchheads. Ru... by rmorlen Splunk Employee in Splunk Search 02-04-2014 2 5	2	5
Ironport email - list out the email errors Can anyone provide some sample search query to list out the errors? I have the error log shown as below and I want t... by vickileong Explorer in Splunk Search 02-04-2014 0 2	0	2
Cut Fields of log data file Hi guys, I'll appreciate your help for my question. Well, I have a data file that has ten fields and I need cut only... by rafamss Contributor in Splunk Search 02-04-2014 0 1	0	1
Need help with timechart query We have following entries in our app log: 2013-12-06 09:09:23,918 Level=INFO Thread=http-apr-45082-exec-2 Logger=c.... by splunknovice Engager in Splunk Search 02-04-2014 0 2	0	2
Saved Searches Hi, When I run a search query and save the job for 7 days by editing under job settings. Will the results for those... by sushma7 Path Finder in Splunk Search 02-04-2014 0 1	0	1
Can't evaluate expression in query over multiple files Here's my query in Search: host=kpidata source="avail" \| eval Time = _time \| eval days_in_month = round((relative_... by rjahrling New Member in Splunk Search 02-04-2014 0 3	0	3
Subsearch with stats first not working as expected My dataset has multiple events for a single _time. Batches get loaded whenever it's sent by a 3rd party. I have 25 un... by robertlabrie Path Finder in Splunk Search 02-04-2014 0 4	0	4
Need to Change Search to Add 90th Percentile to the Bucketed Items Hello index=tt Reserve OrderIntegration \| transaction dye maxspan=30s maxpause=10s startswith="Begin Reserve" endsw... by tkwaller Builder in Splunk Search 02-04-2014 1 8	1	8
Extracting name out of http_request Need help extracting "test" out of - http_request="POST /rest/api/test/*" Thanks, by vmishra Engager in Splunk Search 02-04-2014 0 3	0	3
Finding an Error in the middle of a Transaction I have a unique ID (RID) for a each client click. A single click can execute between 3 and, sometimes, over 100 log ... by tyronetv Communicator in Splunk Search 02-04-2014 0 3	0	3
Count when sum reaches specific number then start over. Hello, I have data that shows the number of items I'm counting by item number. Is there a way to count when I have ... by AlexMcDuffMille Communicator in Splunk Search 02-04-2014 1 5	1	5