Splunk Search

Community Activity

Chronological Eventcount Per User Hi, is it possible to a add field to each event and add a value to this field, that shows the chronological count of... by HeinzWaescher Motivator in Splunk Search 11-26-2013 0 4	0	4
Native Chart Format Limitations I'm trying to build a timechart (line graph) over 13 years using a 12 month span. My search to generate the visualis... by himynamesdave Contributor in Splunk Search 11-26-2013 0 3	0	3
Converting a timestamp, but the hour always becomes: 00 Hi, I was hoping for help on this. I want to reformat a date as follows (and if there is an easier--more condense wa... by RB5 Path Finder in Splunk Search 11-26-2013 1 7	1	7
Changing sourcetype with regex I try this in transforms.conf : [Hirschmann] DEST_KEY = MetaData:Sourcetype REGEX = "\S[A-Z]+\s[0-9]+\s[0-9]+:[0-9]... by ddarmand Communicator in Splunk Search 11-26-2013 0 3	0	3
define and search on space delimited fields Hi, I have the following data: (time x y word1 word2 ) 20131116-162406.698 569 609 burbled his 20131116-162407.59... by TimInSplunkAcc New Member in Splunk Search 11-26-2013 0 4	0	4
Multi-value Field extraction Hello, I would like to create a multi-value field for my data, how can i do that? here's a sample of my data (Start... by tallasky Explorer in Splunk Search 11-26-2013 0 6	0	6
how to create slide charts based on time in splunk using simple xml Hi all, how to create charts slide show based on time in splunk using simple xml,can u plz help me...... by mvaradarajam Path Finder in Splunk Search 11-25-2013 0 2	0	2
Correlating results from different searches I am trying to generate a report that returns a number of different account activities, specifically when new account... by JWBailey Communicator in Splunk Search 11-25-2013 0 5	0	5
How to search for a field whose value is * Hi I have a field whose value is "*", When i use that field value pair splunk is assuming it as a wildcard and retur... by mohankesireddy Path Finder in Splunk Search 11-25-2013 1 10	1	10
How can I color fields in a table based on date? Requirements: I have a dashboard to display a table containing a list of my sourcetypes with the first date last date... by digital_alchemy Path Finder in Splunk Search 11-25-2013 0 2	0	2
cron in decimal I use Splunk 5.0.1 I want a scheduled search to run by 2.5 hours. Does the search accept decimal values? like from:... by aniketb Path Finder in Splunk Search 11-25-2013 1 6	1	6
Count filled rows in multiple columns I have a table that has three columns. Normally the columns will have different numbers of entries, for example Col1 ... by kmattern Builder in Splunk Search 11-25-2013 0 5	0	5
Is it possible to increment values time after time ? Hi there, Because of some product limitations on a SMTP server, I need to desactivate snmp polling but I have to kee... by RomainH New Member in Splunk Search 11-25-2013 0 3	0	3
Search time Time-fields Hello, I have defined a search macro which is taking 3 arguments: starttime, endtime, (starttime-1y). This works ver... by psobisch Path Finder in Splunk Search 11-25-2013 0 3	0	3
How do i capture login ID as the same field across two differently-formatted logs? Hi, Looking for ideas on how to attack a problem... I have a couple of different systems (servers and vpn's) and I ... by a212830 Champion in Splunk Search 11-25-2013 0 8	0	8
Can we call different saved searches based on systemtime automatically in a dashboard? Hi I want to display different graphs within a single panel in adashboard based on system time or elase I want to dis... by lahariveerlapat Explorer in Splunk Search 11-24-2013 0 6	0	6
Data from large search deleting during search. How do I override? I have a user that is reporting that data is dropping out from a large search in splunk after a time. The user report... by gtspacegirl New Member in Splunk Search 11-24-2013 0 1	0	1
Count Events, Group by date field I have data that looks like this that I'm pulling from a db. Each row is pulling in as one event: trxn_id create... by hogan24 Path Finder in Splunk Search 11-24-2013 0 3	0	3
Adding results, fields from two different queries I have two completely different queries which of them output fields like below The output of the fields will be just... by pradeepkumarg Influencer in Splunk Search 11-23-2013 0 3	0	3
Color in a table based on cell values on 6.0 Does anybody know how to configure the necessary .js and .css in an app to color the backgrounds of cells in a table ... by aholzer Motivator in Splunk Search 11-23-2013 0 1	0	1
Regex error I am trying to validate that the user has entered their phone number in this format (555) 555-5555. I keep getting th... by Puzzle2011 Engager in Splunk Search 11-23-2013 0 1	0	1
newbie question Hi basic question. How do i search data and return results on content that has a colon in it? Such as Server: Apa... by simplywibble New Member in Splunk Search 11-22-2013 0 3	0	3
tonumber Not Working? I have windows logs and I have extracted the Process ID's and Login ID's. I thought the \| eval tonumber would work bu... by andrewkenth Communicator in Splunk Search 11-22-2013 0 1	0	1
How to combine results from 2 servers into 1 combined field? Hello, Is there a way to combine the results for 2 different servers (DNS names) into a third field that becomes the... by echojacques Builder in Splunk Search 11-22-2013 0 9	0	9
How to build a tranform which applies to a events with a field value found in a provided list I have a index time transform which is a bit loose in what it matches. I would like to limit it to a whitelist of in... by juniormint Communicator in Splunk Search 11-22-2013 0 3	0	3