Splunk Search

Community Activity

Top to a sum by a field I am trying to get top 10 channels (chanName) by brand (BRAND) based on the duration (durationPerRoom). I have durati... by cmerriman Super Champion in Splunk Search 11-05-2013 1 4	1	4
Data Format Transforamtion Hello All I am just started using Splunk for my project and very new to it . In my project, there is a requirement ... by kkamatchisundar New Member in Splunk Search 11-05-2013 0 2	0	2
date time format Hi, we have a tool, which is writing to a database. I use splunk db connect to get the data out of it. The tool write... by ryoku Explorer in Splunk Search 11-05-2013 3 3	3	3
sum values if< Hi, I'm calculating a duration for each event in the dataset and would like to calculate the sum for all durations <... by HeinzWaescher Motivator in Splunk Search 11-05-2013 1 2	1	2
Trouble with regex in transforms.conf I am filtering events in transforms.conf but I cannot seem to get the regex to match. When I test the regex in Search... by sc0tt Builder in Splunk Search 11-05-2013 0 4	0	4
Index data through syslog push. Hello guys, I have a doubt about this application "Splunk for Cisco IronPort Web Security Appliance". I'd like to i... by dfigurello Communicator in Splunk Search 11-05-2013 0 1	0	1
Single search in multiple charts Hi All, I have a search such as search logs \| ... \|timchart count(eval(X="a")), count(eval(X="b)), count(eval(X="c... by gimbil Explorer in Splunk Search 11-04-2013 0 2	0	2
Is there a search or other way to easily list the indexes I am permissioned to search? I have a multiple index system where some roles can search some indexes and other roles other indexes. My personal u... by juniormint Communicator in Splunk Search 11-04-2013 3 12	3	12
Where to put scripts in a search head pool? We have a search head pool which share etc/apps under a NAS export ... /pool/etc/apps The documention indicates that... by pkeller Contributor in Splunk Search 11-04-2013 1 2	1	2
Search to find hacker changing IP addresses Hello, I have a hacker hitting our site. I can see him in our apache logs and we had an script which send him to a ... by daniel333 Builder in Splunk Search 11-04-2013 0 1	0	1
Search Dashboard: "What to Search", what query is executed? What kind of search query is executed on the Search Dashboard on "What to Search"? In my dashboard (search-head), I ... by mkelderm Path Finder in Splunk Search 11-04-2013 1 10	1	10
2D table to display test results Hi, I want to create a table to display the results(pass rate) of some test results we send to splunk. We send the ... by pm18 New Member in Splunk Search 11-04-2013 0 1	0	1
Newbie question - top(field1) by field2? I have a large log of items that come from different machines. Each machine generates some set of errors. I want to s... by kylar Engager in Splunk Search 11-04-2013 0 4	0	4
Multiline event report Hi there i have log something like this: id=4555 event=Enter data1=12 id=4555 event=Connect data1=23 id=4555 event... by sarumjanuch Path Finder in Splunk Search 11-04-2013 0 3	0	3
Regex & File Directory Path Hi Everyone, Need a little help with regexing out a portion of a directory path. The examples below are the current ... by behymejt2012 Path Finder in Splunk Search 11-04-2013 0 8	0	8
How to reverse the order of displayed events? Got this question today from someone who needs to reverse the order of the search results for their troubleshooting p... by the_wolverine Champion in Splunk Search 11-04-2013 3 5	3	5
splunk searches to be multithreaded in a single box Is it possible to configure splunk searches to be multithreaded in a single box, that is - make single splunk-search ... by mzorzi Splunk Employee in Splunk Search 11-03-2013 10 7	10	7
How to get data by a field when not using stats Hi, I am trying to get conversion and average order value and i am using eval function to calculate these. But i wan... by xvxt006 Contributor in Splunk Search 11-03-2013 0 3	0	3
Finding the earliest event matching a query Hi all, is there a quick way to find the earliest event (given the logtype and the index) matching a query ? by flaviadonno Explorer in Splunk Search 11-03-2013 2 3	2	3
How can I count occurrences of something in the 7 days before that event? I have a summary index where I record an event for each VPN session for users, tracking things like the client IP add... by usethedata Path Finder in Splunk Search 11-03-2013 0 3	0	3
Earliest and Latest as Variables in Search I'm running a scheduled search that uses the script command to call a python script, which generates a file. I'd real... by tristanmatthews Path Finder in Splunk Search 11-01-2013 0 1	0	1
Grouping Wildcarded Ranges Together in Chart Results Hi, I feel like this is a deceptively simple question, but I'm fairly new to Splunk. I want to find the avg transact... by RMartinezDTV Path Finder in Splunk Search 11-01-2013 0 4	0	4
Contingency: no results found I have two fields: EventCode (66 distinct values) and date_mday (28 distinct values) But when I run: ' * \| continge... by arpoador New Member in Splunk Search 11-01-2013 0 3	0	3
DNS Line Braking Broker at midnight on the first of month Here is what my DNS logs look line `Oct 31 23:59:59 ns2 named[19971]: 31-Oct-2013 23:59:59.999 queries: client xxx.x... by hartfoml Motivator in Splunk Search 11-01-2013 0 2	0	2
How to convert a cumulative total into a rate I have this field which display the total number of transactions since the server has been started. I need to find ou... by adriangrassi Explorer in Splunk Search 11-01-2013 0 2	0	2