Splunk Search

Community Activity

Dynamic Chart from Summary Index I'm looking to create a dynamic chart from a summary index, but I'm not sure how to go about it. Basically, I need t... by mbuschle Explorer in Splunk Search 10-30-2013 0 3	0	3
Two searches combined including transaction The below gives me the correct number of hits per external user sourcetype="iis-2" \| extract auto=true \| search CORE... by DanielFordWA Contributor in Splunk Search 10-30-2013 0 2	0	2
correct regex for whitelisting files I have files that have names like this: appflow-0017c569f354.syslog-dynamic-96 appflow-0017c569f354.syslog-dynamic-97... by jalfrey Communicator in Splunk Search 10-30-2013 0 3	0	3
Need Assistance with Search to Display Machines with Reoccurring Infections - Delta or Diff Command Assistance I need some assistance with constructing a search to help identify machines with reoccurring infections. I thought t... by jodros Builder in Splunk Search 10-30-2013 0 1	0	1
How do I use inputlookup to search a list of domains? I have a .csv list of domains I would like to search and I've uploaded it as a lookup table file. The table is for... by digital_alchemy Path Finder in Splunk Search 10-30-2013 0 1	0	1
eval searchmatch with OR I am trying to do a search match based on a number of different criteria. The below does not work. sourcetype="iis-... by DanielFordWA Contributor in Splunk Search 10-30-2013 0 11	0	11
Comparing fields with previous events A logon script generates an event every time a user logs into the desktop. Here are the sample events in Splunk from ... by sudhir_gandhe Explorer in Splunk Search 10-30-2013 1 5	1	5
Timechart: Returning Users Hello, I want to achieve a timechart with a stat for returning Users, which means the number of unique users who hav... by HeinzWaescher Motivator in Splunk Search 10-30-2013 0 5	0	5
Stats for exception reporting Hi  I am trying to setup some exception reports for our capacity planners and I can construct a search that generat... by lukeh Contributor in Splunk Search 10-29-2013 1 2	1	2
Timechart with two different spans Hi  I have a chart with one line for Usage (span=1d) and another line for 95th_Percentile (span=30d) but I am using... by lukeh Contributor in Splunk Search 10-29-2013 2 2	2	2
REGEX and NullQueue problem Hello, I have setup a nullqueue to drop certain types of traffic. The traffic I want to drop is dest_port=53, any t... by echojacques Builder in Splunk Search 10-29-2013 0 11	0	11
Work with dates outside of timestamp Hello, I'm trying to keep only results where the date in a field (unix time) is earlier than the previous month. I'... by gnoellbn Explorer in Splunk Search 10-29-2013 0 4	0	4
need to filter out those error which occur due to a particular deployment for that sourcetype. I have a site and errors on that site are being recorded in splunk. I basically need to filter out those error which ... by Nisha18789 Builder in Splunk Search 10-29-2013 0 8	0	8
matching different types of exception Hi, I've to match 3 to 4 types of different types of exception and then tag them as Type_exception. sample log : 0... by prad18 Path Finder in Splunk Search 10-29-2013 0 3	0	3
Optimizing subsearch I'm trying to optimize a query joining multiple sourcetypes based on a key. I would appreciate any suggestions on ho... by mchipouras Explorer in Splunk Search 10-29-2013 1 6	1	6
What is the correct REGEX for this? Hello, What is the correct REGEX to match the following field and value in all events from any sourcetype: dest_por... by echojacques Builder in Splunk Search 10-29-2013 0 5	0	5
Telling Splunk to decide which type of chart to use depending on incoming data I have a view with multiple drop downs. You can select the service and then the users which are related with that ser... by watsm10 Communicator in Splunk Search 10-29-2013 2 2	2	2
Combine 2 searches into table..one is a stats Hello I have the following searches below. The simta_smtp_authuser is the same username as the simta_ublauthuser of... by brywilk_umich Path Finder in Splunk Search 10-29-2013 0 3	0	3
REGEX Extraction for btool.log I have these btool logs: 10-29-2013 09:15:34.551 INFO AdminManager - added factory for admin handler: 'licenses' 10... by hartfoml Motivator in Splunk Search 10-29-2013 0 4	0	4
advice for syncing knowledge bundles over the WAN I have West Coast and an East Coast Datacenters with splunk indexers. my search users are in the West coast so my si... by tpsplunk Communicator in Splunk Search 10-29-2013 2 2	2	2
A loop to mail individual events to different addresses I have a simple search similar to this host=ccirc.example.com \| table email malware \| sort email \| uniq which give... by decoherence Explorer in Splunk Search 10-29-2013 0 3	0	3
lookup from different source types based on a common value I want to search from multiple sources having one field in common and the query should return all the fields from bot... by lphirke New Member in Splunk Search 10-29-2013 0 3	0	3
Stacked Chart to show how many calls where assigned to the Assignee by the Queuemanagers I am pretty new to Splunk, but pretty hooked already  After creating some handy reports, I now have a hard time crea... by NielSplunk New Member in Splunk Search 10-29-2013 0 2	0	2
Subsearch in realtime search vs scheduled search I have a search that should display a percentage of bad events compared to the good events over a time period. I want... by chris Motivator in Splunk Search 10-29-2013 0 1	0	1
Does date_hour work properly Hi, I am getting order count today by hour vs last week same day by hour and having a column chart. This works fine m... by xvxt006 Contributor in Splunk Search 10-29-2013 1 5	1	5