Splunk Search

Community Activity

Linegraph with Datestring / Convert Timestamp to _time Hi, I've got a lookupfile with a timestamp (in seconds) and other entries. I've converted the timestamp into a dates... by HeinzWaescher Motivator in Splunk Search 11-06-2013 0 3	0	3
How to use Splunk Reports in SAP Business Objects? Did someone ever tried to use a Splunk Dashboard or single Report in SAP Business Objects? Is this even possible? Wh... by tpaulsen Contributor in Splunk Search 11-06-2013 0 1	0	1
Custom Variables \ eVars in Splunk – Segment all data on a user event. I use iis server logs, each user has a unique ID (cs_username) as authentication is required on the site. Does Splun... by DanielFordWA Contributor in Splunk Search 11-06-2013 0 4	0	4
Search for mutiple values using rex and store them in a same single field Im looking to achieve the following using Rex. Below is the search query which im trying to run sourcetype=XXXXXX (... by ppurokit Path Finder in Splunk Search 11-06-2013 0 3	0	3
Nested search Hi all, I have 2 dump files and put separate them into 2 sourcetypes, sourcetype=transaction_status and sourcetype=t... by frankagustinus Explorer in Splunk Search 11-05-2013 0 3	0	3
Basic OR statement question So I have this search and it works just fine: dest="10." OR dest="172.16." OR dest="192.168.*" AND action=failure ... by echojacques Builder in Splunk Search 11-05-2013 1 3	1	3
Extraction Precedence If you have index time extractions configured will search time extractions override them? by tprzelom Path Finder in Splunk Search 11-05-2013 0 2	0	2
Buffer overflow for field? Hi ! I would like to know if there are any restricted size value for fields. I have tried to create a fields consis... by yuwtennis Communicator in Splunk Search 11-05-2013 1 1	1	1
Is there a way to set the label on the y axis of a chart in simple xml? I have the following chart defined in a view: <chart> <searchString> index=summary report=hw_use_by_jobs... by travis_bear Explorer in Splunk Search 11-05-2013 0 2	0	2
Events with null fields being discarded in results? Hello, in my search below, events with null fields are being discarded/excluded from the results. Specifically, any ... by echojacques Builder in Splunk Search 11-05-2013 0 2	0	2
save search results? Once a search has been created and saved, how does one change the amount of time (number of days, for example) that t... by jlawsonmers New Member in Splunk Search 11-05-2013 0 5	0	5
earliest and latest times for each hour of a day ? Hi How can give earliest and latest times for each hour of day of previous day . i.e first hour , second hour ,thir... by rakesh_498115 Motivator in Splunk Search 11-05-2013 0 1	0	1
Top to a sum by a field I am trying to get top 10 channels (chanName) by brand (BRAND) based on the duration (durationPerRoom). I have durati... by cmerriman Super Champion in Splunk Search 11-05-2013 1 4	1	4
Data Format Transforamtion Hello All I am just started using Splunk for my project and very new to it . In my project, there is a requirement ... by kkamatchisundar New Member in Splunk Search 11-05-2013 0 2	0	2
date time format Hi, we have a tool, which is writing to a database. I use splunk db connect to get the data out of it. The tool write... by ryoku Explorer in Splunk Search 11-05-2013 3 3	3	3
sum values if< Hi, I'm calculating a duration for each event in the dataset and would like to calculate the sum for all durations <... by HeinzWaescher Motivator in Splunk Search 11-05-2013 1 2	1	2
Trouble with regex in transforms.conf I am filtering events in transforms.conf but I cannot seem to get the regex to match. When I test the regex in Search... by sc0tt Builder in Splunk Search 11-05-2013 0 4	0	4
Index data through syslog push. Hello guys, I have a doubt about this application "Splunk for Cisco IronPort Web Security Appliance". I'd like to i... by dfigurello Communicator in Splunk Search 11-05-2013 0 1	0	1
Single search in multiple charts Hi All, I have a search such as search logs \| ... \|timchart count(eval(X="a")), count(eval(X="b)), count(eval(X="c... by gimbil Explorer in Splunk Search 11-04-2013 0 2	0	2
Is there a search or other way to easily list the indexes I am permissioned to search? I have a multiple index system where some roles can search some indexes and other roles other indexes. My personal u... by juniormint Communicator in Splunk Search 11-04-2013 3 12	3	12
Where to put scripts in a search head pool? We have a search head pool which share etc/apps under a NAS export ... /pool/etc/apps The documention indicates that... by pkeller Contributor in Splunk Search 11-04-2013 1 2	1	2
Search to find hacker changing IP addresses Hello, I have a hacker hitting our site. I can see him in our apache logs and we had an script which send him to a ... by daniel333 Builder in Splunk Search 11-04-2013 0 1	0	1
Search Dashboard: "What to Search", what query is executed? What kind of search query is executed on the Search Dashboard on "What to Search"? In my dashboard (search-head), I ... by mkelderm Path Finder in Splunk Search 11-04-2013 1 10	1	10
2D table to display test results Hi, I want to create a table to display the results(pass rate) of some test results we send to splunk. We send the ... by pm18 New Member in Splunk Search 11-04-2013 0 1	0	1
Newbie question - top(field1) by field2? I have a large log of items that come from different machines. Each machine generates some set of errors. I want to s... by kylar Engager in Splunk Search 11-04-2013 0 4	0	4