Splunk Search

Community Activity

Renaming Disparate Search Fields I'm trying to rename two fields gathered from a search and having a problem. In the example below, I have a search th... by albyva Communicator in Splunk Search 11-15-2013 0 2	0	2
Real-time search, URL Loader and inputlookup issue Hello there, I am facing a fairly difficult problem with Splunk... Let me quickly explain my current scenario: I ha... by anjafischer Path Finder in Splunk Search 11-15-2013 0 4	0	4
Real-time and charts not working in a dashboard Hello, I am having trouble to make realt-time charts work uin my current dashboard. I am working with advanced XML a... by anjafischer Path Finder in Splunk Search 11-15-2013 0 1	0	1
Combine search and subsearch into one search to enable real-time charting Hello, I am trying to figure out how to combine the following search and subsearch into one search such that I can u... by anjafischer Path Finder in Splunk Search 11-15-2013 0 3	0	3
Why does "Ask a Question" page merge some lines? I had a perfectly coherent question but when I clicked the "Ask Your Question" button, I saw that the most important ... by woodcock Esteemed Legend in Splunk Search 11-14-2013 3 3	3	3
Display total and type from one type in Area Plot 24hr increments Hope someone is up for a challenge. Here's the query I'm using. index=[app] [keyword] earliest=10/01/2013:0:0:0 lat... by CharterBT Explorer in Splunk Search 11-14-2013 0 1	0	1
Splunk receiver not responding I have Splunk set up on Windows 7. Set to receive on port 9997. I have Splunk Universal Forwarder on Ubuntu set to f... by ser72 New Member in Splunk Search 11-14-2013 0 2	0	2
Index selected events of log file I have a log file namned: wrapper.log This log file has two different type of events defined with the prefix INFO or ... by carljohan Path Finder in Splunk Search 11-14-2013 0 10	0	10
Sideview Utils Table module question Hi the table module support horizontal scrolling ? I do not see the scroll bar , when there are too many columns i... by dmlee Communicator in Splunk Search 11-14-2013 0 4	0	4
host name is listed twice - lowercase and CAPS not sure how this happened, but I have the same host listed twice; once in all lower case (host1) and once in all CAP... by pil321 Communicator in Splunk Search 11-14-2013 0 1	0	1
Key/value pair vs CSV in relation to daily license We currently have a scripted input into Splunk that is a CSV and we are doing field extractions via regex. This is no... by fredclown Builder in Splunk Search 11-14-2013 0 2	0	2
limiting column or cell results Hello All - I have the following search query with following search results below. What I like to do is to limit the ... by dhammad New Member in Splunk Search 11-14-2013 0 2	0	2
How do I regex and include in field value? I'm monitoring DHCP logs and I'm trying to separate out known device types with the aim of looking for unknown device... by capilarity Path Finder in Splunk Search 11-14-2013 0 2	0	2
metadata search for tagged and untagged servers I'm trying to do a search for servers that have reported to verify their status (server up or server down). I have so... by pil321 Communicator in Splunk Search 11-14-2013 0 2	0	2
Hide Interesting Fields? Is it possible to hide certain fields from users based on roles or some other granularity? I'm interested in giving... by andrewkenth Communicator in Splunk Search 11-13-2013 2 2	2	2
How to configure Syslog on Wireless Router Team, Please guide me to configure my wireless router to send the data over to Splunk ( My laptop) How to validate ... by thiliphk New Member in Splunk Search 11-13-2013 0 4	0	4
Frequency correlation between different sourcetypes I have two sourcetypes, one containing alerts from users that we have a problem, and another one with server logs. In... by nl_cape Explorer in Splunk Search 11-13-2013 0 6	0	6
good regex (fast) I have a field called "user". I am looking for matches that contain 6 or 7 characters, and always end with "a" but do... by mcbradford Contributor in Splunk Search 11-13-2013 0 7	0	7
DBX not outputing SQL DateTime Timestamp I have a Splunk DB Connect input setup that simply runs a sql query to grab events from sql. I have a template as my... by aelliott Motivator in Splunk Search 11-13-2013 1 20	1	20
I upgraded to 6.0 and now my field extractions don't work at all. In fact I don't get any fields extracted when I run a search from the search bar. I upgraded to 6.0 and now my field extractions don't work at all. In fact I don't get any fields extracted when I run... by DerekB Splunk Employee in Splunk Search 11-13-2013 1 1	1	1
How do i write a query on SPL to have a flag when next value of an event is greater then the precedence value? How do i write a query on SPL to have a flag when next value on events is greater then the precedence value? Here... by royimad Builder in Splunk Search 11-13-2013 0 1	0	1
Can I set the earliest and latests statements in my search using an eval statement? (any other options?) I have been trying to complete a search whicj includes several ealiest and latest statements. I need to search betwe... by itgmidrange New Member in Splunk Search 11-13-2013 0 2	0	2
Lookup return same value if not found Hi is there any way to return same value if not found in lookup table? i.e. I have file users.csv code,name 100,jh... by sarumjanuch Path Finder in Splunk Search 11-13-2013 1 2	1	2
Strptime and mktime don't want to modify time string Hi! I have a lookup table with time srings like this: 2013.11 and I want splunk to understand it is a time and make ... by iKate Builder in Splunk Search 11-13-2013 0 8	0	8
How to get the assigned value of a macro with ":" (colon) as a seperator Hi, I need to find the value of PLANDATA_TYPE from the given string in my logs i.e. PLANDATA_TYPE: ASBFGH, PLANWORK... by harshal_chakran Builder in Splunk Search 11-13-2013 0 5	0	5