Splunk Search

Community Activity

timechart span offset I have a working chart that uses "timechart span=1w". Is there any way to make the week span go from Monday-Sunday ... by AI_Wizard New Member in Splunk Search 10-31-2013 0 5	0	5
"sort _time" is losing days/events for timechart Hi, i would like to sort the events by _time and create a timechart. \| timechart span=1d dc(user) Here the displaye... by HeinzWaescher Motivator in Splunk Search 10-31-2013 0 4	0	4
Timecharting a Ratio All, So I have this search, whick works fine. It shows me the unique users in apache vs errors vs checkouts. Perfec... by daniel333 Builder in Splunk Search 10-31-2013 0 1	0	1
plot a graph Hi, For the following search results i need to ploa a graph with starttime in y-axis and Host in x-axis. How to do t... by srinathd Contributor in Splunk Search 10-30-2013 0 8	0	8
Software application best practice for logging sets of tuples for Splunk When you have control of the logging in an application, what is the recommendation to make things as easy as possible... by gregbujak Path Finder in Splunk Search 10-30-2013 0 3	0	3
trouble using regex to find a timestamp Hi, I'm trying to use regex to define where my stamp stamp is in the data below. I have it working for some of the ... by jgautreau Explorer in Splunk Search 10-30-2013 0 10	0	10
Timeout error in ResultsReaderXML c# SDK example search program When I invoke the C# SDK example search() program to retrieve the same test data I submitted, I get some of my result... by afd0174 Explorer in Splunk Search 10-30-2013 3 21	3	21
Dynamic Chart from Summary Index I'm looking to create a dynamic chart from a summary index, but I'm not sure how to go about it. Basically, I need t... by mbuschle Explorer in Splunk Search 10-30-2013 0 3	0	3
Two searches combined including transaction The below gives me the correct number of hits per external user sourcetype="iis-2" \| extract auto=true \| search CORE... by DanielFordWA Contributor in Splunk Search 10-30-2013 0 2	0	2
correct regex for whitelisting files I have files that have names like this: appflow-0017c569f354.syslog-dynamic-96 appflow-0017c569f354.syslog-dynamic-97... by jalfrey Communicator in Splunk Search 10-30-2013 0 3	0	3
Need Assistance with Search to Display Machines with Reoccurring Infections - Delta or Diff Command Assistance I need some assistance with constructing a search to help identify machines with reoccurring infections. I thought t... by jodros Builder in Splunk Search 10-30-2013 0 1	0	1
How do I use inputlookup to search a list of domains? I have a .csv list of domains I would like to search and I've uploaded it as a lookup table file. The table is for... by digital_alchemy Path Finder in Splunk Search 10-30-2013 0 1	0	1
eval searchmatch with OR I am trying to do a search match based on a number of different criteria. The below does not work. sourcetype="iis-... by DanielFordWA Contributor in Splunk Search 10-30-2013 0 11	0	11
Comparing fields with previous events A logon script generates an event every time a user logs into the desktop. Here are the sample events in Splunk from ... by sudhir_gandhe Explorer in Splunk Search 10-30-2013 1 5	1	5
Timechart: Returning Users Hello, I want to achieve a timechart with a stat for returning Users, which means the number of unique users who hav... by HeinzWaescher Motivator in Splunk Search 10-30-2013 0 5	0	5
Stats for exception reporting Hi  I am trying to setup some exception reports for our capacity planners and I can construct a search that generat... by lukeh Contributor in Splunk Search 10-29-2013 1 2	1	2
Timechart with two different spans Hi  I have a chart with one line for Usage (span=1d) and another line for 95th_Percentile (span=30d) but I am using... by lukeh Contributor in Splunk Search 10-29-2013 2 2	2	2
REGEX and NullQueue problem Hello, I have setup a nullqueue to drop certain types of traffic. The traffic I want to drop is dest_port=53, any t... by echojacques Builder in Splunk Search 10-29-2013 0 11	0	11
Work with dates outside of timestamp Hello, I'm trying to keep only results where the date in a field (unix time) is earlier than the previous month. I'... by gnoellbn Explorer in Splunk Search 10-29-2013 0 4	0	4
need to filter out those error which occur due to a particular deployment for that sourcetype. I have a site and errors on that site are being recorded in splunk. I basically need to filter out those error which ... by Nisha18789 Builder in Splunk Search 10-29-2013 0 8	0	8
matching different types of exception Hi, I've to match 3 to 4 types of different types of exception and then tag them as Type_exception. sample log : 0... by prad18 Path Finder in Splunk Search 10-29-2013 0 3	0	3
Optimizing subsearch I'm trying to optimize a query joining multiple sourcetypes based on a key. I would appreciate any suggestions on ho... by mchipouras Explorer in Splunk Search 10-29-2013 1 6	1	6
What is the correct REGEX for this? Hello, What is the correct REGEX to match the following field and value in all events from any sourcetype: dest_por... by echojacques Builder in Splunk Search 10-29-2013 0 5	0	5
Telling Splunk to decide which type of chart to use depending on incoming data I have a view with multiple drop downs. You can select the service and then the users which are related with that ser... by watsm10 Communicator in Splunk Search 10-29-2013 2 2	2	2
Combine 2 searches into table..one is a stats Hello I have the following searches below. The simta_smtp_authuser is the same username as the simta_ublauthuser of... by brywilk_umich Path Finder in Splunk Search 10-29-2013 0 3	0	3