Splunk Search

Community Activity

Parameters for search Hi, What would be the available options in order to parameterize a search in a Splunk view ? Let's say that all eve... by klausJohan Path Finder in Splunk Search 11-07-2013 0 3	0	3
How to format _time field and get rid of miliseconds? Hi, In the search results, I'd like to have _time displayed without ms at the end (06/11/2013 23:13:22.000 -> 06/11/... by lutel Explorer in Splunk Search 11-07-2013 0 3	0	3
Trigger Search Restart Hi, I have a dashboard that contains an IFrameInclude module and a HiddenSearch module . The IFrameInclude points to... by klausJohan Path Finder in Splunk Search 11-06-2013 1 2	1	2
best approach for sub search with total Hi, I've the ff search main search for getting total ... \| join type=outer _time [ search main search for getting ... by adomila Explorer in Splunk Search 11-06-2013 0 8	0	8
Path Analysis in Splunk Hi, I use iis server logs and in each hit I have the flowing parameters. cs_uri_stem= Page user is on cs_Referer=Pr... by DanielFordWA Contributor in Splunk Search 11-06-2013 1 13	1	13
combining multiple events (LEG1 & LEG2) and putting as a macro hi Folks, I'm fairly new to splunk. I've written a script to get logs from F5 using SNMP. The events retrieved are ... by koshyk Super Champion in Splunk Search 11-06-2013 0 3	0	3
Lookup table with two primary keys My company uses ConnectDirect (C:D) as a tool for file transfer. Within the connect direct logs the hosts are referr... by tyronetv Communicator in Splunk Search 11-06-2013 0 8	0	8
Linegraph with Datestring / Convert Timestamp to _time Hi, I've got a lookupfile with a timestamp (in seconds) and other entries. I've converted the timestamp into a dates... by HeinzWaescher Motivator in Splunk Search 11-06-2013 0 3	0	3
How to use Splunk Reports in SAP Business Objects? Did someone ever tried to use a Splunk Dashboard or single Report in SAP Business Objects? Is this even possible? Wh... by tpaulsen Contributor in Splunk Search 11-06-2013 0 1	0	1
Custom Variables \ eVars in Splunk – Segment all data on a user event. I use iis server logs, each user has a unique ID (cs_username) as authentication is required on the site. Does Splun... by DanielFordWA Contributor in Splunk Search 11-06-2013 0 4	0	4
Search for mutiple values using rex and store them in a same single field Im looking to achieve the following using Rex. Below is the search query which im trying to run sourcetype=XXXXXX (... by ppurokit Path Finder in Splunk Search 11-06-2013 0 3	0	3
Nested search Hi all, I have 2 dump files and put separate them into 2 sourcetypes, sourcetype=transaction_status and sourcetype=t... by frankagustinus Explorer in Splunk Search 11-05-2013 0 3	0	3
Basic OR statement question So I have this search and it works just fine: dest="10." OR dest="172.16." OR dest="192.168.*" AND action=failure ... by echojacques Builder in Splunk Search 11-05-2013 1 3	1	3
Extraction Precedence If you have index time extractions configured will search time extractions override them? by tprzelom Path Finder in Splunk Search 11-05-2013 0 2	0	2
Buffer overflow for field? Hi ! I would like to know if there are any restricted size value for fields. I have tried to create a fields consis... by yuwtennis Communicator in Splunk Search 11-05-2013 1 1	1	1
Is there a way to set the label on the y axis of a chart in simple xml? I have the following chart defined in a view: <chart> <searchString> index=summary report=hw_use_by_jobs... by travis_bear Explorer in Splunk Search 11-05-2013 0 2	0	2
Events with null fields being discarded in results? Hello, in my search below, events with null fields are being discarded/excluded from the results. Specifically, any ... by echojacques Builder in Splunk Search 11-05-2013 0 2	0	2
save search results? Once a search has been created and saved, how does one change the amount of time (number of days, for example) that t... by jlawsonmers New Member in Splunk Search 11-05-2013 0 5	0	5
earliest and latest times for each hour of a day ? Hi How can give earliest and latest times for each hour of day of previous day . i.e first hour , second hour ,thir... by rakesh_498115 Motivator in Splunk Search 11-05-2013 0 1	0	1
Top to a sum by a field I am trying to get top 10 channels (chanName) by brand (BRAND) based on the duration (durationPerRoom). I have durati... by cmerriman Super Champion in Splunk Search 11-05-2013 1 4	1	4
Data Format Transforamtion Hello All I am just started using Splunk for my project and very new to it . In my project, there is a requirement ... by kkamatchisundar New Member in Splunk Search 11-05-2013 0 2	0	2
date time format Hi, we have a tool, which is writing to a database. I use splunk db connect to get the data out of it. The tool write... by ryoku Explorer in Splunk Search 11-05-2013 3 3	3	3
sum values if< Hi, I'm calculating a duration for each event in the dataset and would like to calculate the sum for all durations <... by HeinzWaescher Motivator in Splunk Search 11-05-2013 1 2	1	2
Trouble with regex in transforms.conf I am filtering events in transforms.conf but I cannot seem to get the regex to match. When I test the regex in Search... by sc0tt Builder in Splunk Search 11-05-2013 0 4	0	4
Index data through syslog push. Hello guys, I have a doubt about this application "Splunk for Cisco IronPort Web Security Appliance". I'd like to i... by dfigurello Communicator in Splunk Search 11-05-2013 0 1	0	1