Splunk Search

Community Activity

Stats for exception reporting Hi  I am trying to setup some exception reports for our capacity planners and I can construct a search that generat... by lukeh Contributor in Splunk Search 10-29-2013 1 2	1	2
Timechart with two different spans Hi  I have a chart with one line for Usage (span=1d) and another line for 95th_Percentile (span=30d) but I am using... by lukeh Contributor in Splunk Search 10-29-2013 2 2	2	2
REGEX and NullQueue problem Hello, I have setup a nullqueue to drop certain types of traffic. The traffic I want to drop is dest_port=53, any t... by echojacques Builder in Splunk Search 10-29-2013 0 11	0	11
Work with dates outside of timestamp Hello, I'm trying to keep only results where the date in a field (unix time) is earlier than the previous month. I'... by gnoellbn Explorer in Splunk Search 10-29-2013 0 4	0	4
need to filter out those error which occur due to a particular deployment for that sourcetype. I have a site and errors on that site are being recorded in splunk. I basically need to filter out those error which ... by Nisha18789 Builder in Splunk Search 10-29-2013 0 8	0	8
matching different types of exception Hi, I've to match 3 to 4 types of different types of exception and then tag them as Type_exception. sample log : 0... by prad18 Path Finder in Splunk Search 10-29-2013 0 3	0	3
Optimizing subsearch I'm trying to optimize a query joining multiple sourcetypes based on a key. I would appreciate any suggestions on ho... by mchipouras Explorer in Splunk Search 10-29-2013 1 6	1	6
What is the correct REGEX for this? Hello, What is the correct REGEX to match the following field and value in all events from any sourcetype: dest_por... by echojacques Builder in Splunk Search 10-29-2013 0 5	0	5
Telling Splunk to decide which type of chart to use depending on incoming data I have a view with multiple drop downs. You can select the service and then the users which are related with that ser... by watsm10 Communicator in Splunk Search 10-29-2013 2 2	2	2
Combine 2 searches into table..one is a stats Hello I have the following searches below. The simta_smtp_authuser is the same username as the simta_ublauthuser of... by brywilk_umich Path Finder in Splunk Search 10-29-2013 0 3	0	3
REGEX Extraction for btool.log I have these btool logs: 10-29-2013 09:15:34.551 INFO AdminManager - added factory for admin handler: 'licenses' 10... by hartfoml Motivator in Splunk Search 10-29-2013 0 4	0	4
advice for syncing knowledge bundles over the WAN I have West Coast and an East Coast Datacenters with splunk indexers. my search users are in the West coast so my si... by tpsplunk Communicator in Splunk Search 10-29-2013 2 2	2	2
A loop to mail individual events to different addresses I have a simple search similar to this host=ccirc.example.com \| table email malware \| sort email \| uniq which give... by decoherence Explorer in Splunk Search 10-29-2013 0 3	0	3
lookup from different source types based on a common value I want to search from multiple sources having one field in common and the query should return all the fields from bot... by lphirke New Member in Splunk Search 10-29-2013 0 3	0	3
Stacked Chart to show how many calls where assigned to the Assignee by the Queuemanagers I am pretty new to Splunk, but pretty hooked already  After creating some handy reports, I now have a hard time crea... by NielSplunk New Member in Splunk Search 10-29-2013 0 2	0	2
Subsearch in realtime search vs scheduled search I have a search that should display a percentage of bad events compared to the good events over a time period. I want... by chris Motivator in Splunk Search 10-29-2013 0 1	0	1
Does date_hour work properly Hi, I am getting order count today by hour vs last week same day by hour and having a column chart. This works fine m... by xvxt006 Contributor in Splunk Search 10-29-2013 1 5	1	5
Need assistance creating a timechart using a calculated value I have the following search that gives me the ratio between the values from 2 separate searches. I'm sure it's prett... by john_byun Path Finder in Splunk Search 10-28-2013 0 5	0	5
Escaping characters in an event I have a dataset that is going into Splunk where an event is a timestamp followed by a list of key value pairs where ... by jwestberg Splunk Employee in Splunk Search 10-28-2013 2 6	2	6
Custom Search - Help needed. I have trap data coming onto my Splunk Server ... the data looks like this 1.3.6.1.4.1.3279.1.1.8.1.35.2 = ObjectSyn... by nandipatisunil Path Finder in Splunk Search 10-28-2013 2 4	2	4
Transaction Events Issue My search is partially working in the aspect that it returns event data, however all of the events are mashed into on... by jberlin Path Finder in Splunk Search 10-28-2013 0 2	0	2
Understanding Math on the Search Line I'm having trouble understanding the math rules on the search line, so instead of continuing to guess what might work... by tristanmatthews Path Finder in Splunk Search 10-28-2013 1 1	1	1
String to Date Conversion Hi Team, I am new to splunk and currently we are working to visualize splunk reports to Tableau, but when we import ... by sandeep_thosar Explorer in Splunk Search 10-28-2013 1 14	1	14
multiline regex I have an unstructured log file that looks like the following. How would I go about creating key/value pairs for metr... by briang67 Communicator in Splunk Search 10-28-2013 0 7	0	7
Combination of uri patterns Hi, i would like to capture the below 2 patterns and i tried to use the below combination but i am not getting inten... by xvxt006 Contributor in Splunk Search 10-28-2013 0 4	0	4