Splunk Search

Community Activity

Percentage of counts (view through rates) I am looking to get percentages into a table. I have 2 separate searches that count different events. I will like to... by kramsay Engager in Splunk Search 01-09-2014 0 6	0	6
how to turn an inner join into sub-search and pass non matching values sourcetype=Account contains Id values and the AccountName sourcetype=Issue contains AccountId values but no Account... by rsennett_splunk Splunk Employee in Splunk Search 01-09-2014 1 6	1	6
Intersect, Diff and Pie Chart I have a very large number of win7 machines. I pulled a CSV file from Active Directory, AD1.csv. I then created ano... by belka Path Finder in Splunk Search 01-09-2014 0 1	0	1
Splunk Default Fields in Data What happens during indexing if my data were to have key value pairs where the key is the same as one of the default ... by fredclown Builder in Splunk Search 01-09-2014 0 2	0	2
what is the syntax for fieldname not equals regex hi, what is the syntax for fieldname not equals regex thanks, by alexl1 Path Finder in Splunk Search 01-09-2014 0 4	0	4
Problem with hyphen delimited sourcetype and spaces I've got some logs that are in a format like this 2013-12-29 08:23:21,151 - INFO - 1.1.1.1 - None - None - SERVER1 -... by jstockamp Communicator in Splunk Search 01-09-2014 0 5	0	5
I need help finding a substring and setting it to display in a new field. I am sure this is probably a noob question, but I am a noob and I have been researching this for a while this morning... by dlespron Path Finder in Splunk Search 01-09-2014 0 19	0	19
Ensure scheduled searched based alerts finish before next one kicks in We have a lot of scheduled search based alerts (mostly 10 minute schedules)....how do we ensure these jobs are comple... by Mag2sub Path Finder in Splunk Search 01-09-2014 0 5	0	5
How to compare strings and determine the newly added fields. Hello I am trying to create a report which compares users present on day x with the users present on day y.After com... by theouhuios Motivator in Splunk Search 01-09-2014 0 2	0	2
Searching Columns Hi All, I am new to splunk and when I try to search an excel file with one of the columns like id i am not getting a... by jimjohn Path Finder in Splunk Search 01-09-2014 0 2	0	2
use outputcsv and inputcsv in one query Hi, I want to write a query where, I can store a result in csv file. for e.g "outputFile" and then search through tha... by harshal_chakran Builder in Splunk Search 01-09-2014 0 2	0	2
Co related sub search in Splunk Please help in creating the below search: Select x.cn_no, (select distinct ad.CD_cd_flag from act_hist ad w... by dinesh_wadhwa Engager in Splunk Search 01-08-2014 0 5	0	5
Sorting a list Hi Splunkers! My data looks like this - it may be familiar from a recent high-profile data leak  phone number, use... by himynamesdave Contributor in Splunk Search 01-08-2014 0 1	0	1
Detection of stealthy events On security issues, there are high intensity events - scanning - and low-intensity (or stealthy) events - periodic or... by Thuan Explorer in Splunk Search 01-08-2014 0 3	0	3
local limits.conf not working for the specified span would result in too many (>50000) rows I have created a view for max transactions/second, I have a timechart with a 1 second span which counts transaction/s... by jaideep_gaikwad Engager in Splunk Search 01-08-2014 1 1	1	1
Find data in indexes with only two leters in the title I have lots of indexes All of the Organizations have there data in indexes with only two letters like index=os I wan... by hartfoml Motivator in Splunk Search 01-08-2014 0 2	0	2
change home caption Hello Friends, I want to change "Home" caption which is at the first page at left hand side once we login and I want... by vikas_gopal Builder in Splunk Search 01-08-2014 0 1	0	1
Conditional search command Hi Splunkers, I was wondering if it's possible to run a search command only under specific conditions? E.g. when a f... by Simon Contributor in Splunk Search 01-08-2014 1 4	1	4
same event with two stamps Hi, sample.log 13 Aug 2013 11:28:30,414 [WebContainer : 6] ERROR - An Error has occured for com.framework.core.exce... by prad18 Path Finder in Splunk Search 01-08-2014 0 4	0	4
Mathematic manipulation on 2 separate seraches I want to perform mathematic manipulations on 2 unrelated search results. i.e. I want to take a result like: source=... by ramic Engager in Splunk Search 01-08-2014 0 5	0	5
Events correlation: search events that occur after N given events Hello guys, I have an access log and I need to extract (detect) all those "successful login" events that have occurr... by fabiob Explorer in Splunk Search 01-08-2014 0 6	0	6
total concurrent searches can anyone let me know how to find the total concurrent searches in splunk for example in the last few days etc and t... by d646800 Explorer in Splunk Search 01-07-2014 0 3	0	3
lookup table and drop downs Hi All, I have created a lookup table of all the users by piping the search results to output lookup called users.csv... by daktapaal Path Finder in Splunk Search 01-07-2014 0 2	0	2
Getting a list or count of events against a list of values - where a value might not have any associated events I have a list of apps and would like to generate a view that shows what scheduled searches are being run in each. The... by Runals Motivator in Splunk Search 01-07-2014 0 3	0	3
I've installed the Splunkit App, but now I have no idea how to use it I just tried to install the splunkit App here: http://apps.splunk.com/app/749/ But I can't find any documentation o... by weeb Splunk Employee in Splunk Search 01-07-2014 4 1	4	1