Splunk Search

Community Activity

Measuring search performance mesurement Hi! Does anybody know any tool that can measure the search performance per pipeline? Purpose is to detect the portio... by yuwtennis Communicator in Splunk Search 10-14-2013 1 1	1	1
Proper command_line format for perfdata log files Hey All, Just going through getting Splunk for Nagios installed and I followed the instructions as provided and all ... by kultar Engager in Splunk Search 10-14-2013 0 1	0	1
using tstats with a datamodel I'm trying to use tstats from an accelerated data model and having no success. I took a look at the Tutorial pivot r... by rettops Path Finder in Splunk Search 10-14-2013 1 1	1	1
Comparing regex and print result if a specific condition is met Hi, I've searched through the Answers section, with not much help. What I'd like to do is to parse a log entry, to ... by mtanadsk Explorer in Splunk Search 10-14-2013 0 1	0	1
Multi value regex Hello I am trying to extract multiple values of single field name. SysStatsUtilizationDiskSpace=17.58% /, SysStat... by theouhuios Motivator in Splunk Search 10-14-2013 0 1	0	1
Inline field extraction with rex I'm not a big regex power yet, I know this is easy, but since it is not on a system I can't test and figure out mysel... by lukejadamec Super Champion in Splunk Search 10-14-2013 0 4	0	4
Can I use search on lookupfields for earliestTime instead of hardcoding them? Hi I want to use lookupfield search to extract value for earliesTime and latestTime. Can I use as in example below? ... by manish31383 New Member in Splunk Search 10-14-2013 0 1	0	1
Comparing 2 fields Hi, I have 2 fields that are already extracted uri and referer. I want to right a search based on if uri value =re... by xvxt006 Contributor in Splunk Search 10-14-2013 0 7	0	7
get the unique count from the list of numbers Hi, I want to get the unique count of the numbers available in the log. for e,g, I have used the list query to get ... by harshal_chakran Builder in Splunk Search 10-14-2013 0 1	0	1
filter results inside a chart... I am using: … \| chart sum(field1) over field2 by field3 to give me a nice chart of sums dependent on different ... by JWBailey Communicator in Splunk Search 10-13-2013 1 6	1	6
How to change app to use default search UI on Splunk 6? We upgraded from Splunk 4.3.5 to 6 and I would like to update an app to use the new UI search. There were no other cu... by sc0tt Builder in Splunk Search 10-13-2013 0 1	0	1
Custom Conditions I am new to splunk and want to create an alert for switch ports that flap. So, I need a way to alert if a port on a ... by exd42062 Path Finder in Splunk Search 10-12-2013 1 20	1	20
Distributed search with multiple timezones We recently set up a distributed search environment to display live data on a shared dashboard. The search peer is 3.... by sc0tt Builder in Splunk Search 10-12-2013 0 9	0	9
Query - Splunk "DB Connect" app We are using Splunk "DB Connect" app running on search head to connect to remote MS SQL database and pull relevant in... by coolgagan13 New Member in Splunk Search 10-12-2013 0 3	0	3
events since a certain time (1700) in the previous business day We have a deadline on a business day after which we cannot place orders (events). This is 1700 hrs. I would like ... by owainmcguire Engager in Splunk Search 10-11-2013 1 4	1	4
PANIC - Splunk 6 can't find any lookup fields When I arrived in the office today I discovered our Splunk 6 logs were filling with errors like these: 10-10-2013 08... by richgalloway SplunkTrust in Splunk Search 10-11-2013 1 3	1	3
Conver string to time duration. Hi I have logs where the media length/duration is displayed in a non standard format. anyone think this can be conve... by marquiselee Path Finder in Splunk Search 10-11-2013 0 4	0	4
avg(count) not working in timechart? I'm trying to chart the average count over a 24 hour span on a timechart, and it's just not working. The RegEx I'm us... by tfitzgerald15 Explorer in Splunk Search 10-11-2013 0 5	0	5
Horizon Charts Congrats on this great major release ! Are there any plans to introduce horizon charts(similar to sparklines but not... by splunk_zen Builder in Splunk Search 10-11-2013 0 5	0	5
Fieldset disappears when using table command I have recently upgraded from 4.3 to the latest 5.x version. I found that now when I use the table command the field... by JoeSco27 Communicator in Splunk Search 10-11-2013 0 2	0	2
Nested search to find the result Hi, I have come across a situation where I have a search string to find error id, then I need to search that error i... by bharatkalra New Member in Splunk Search 10-11-2013 0 4	0	4
Macro returns no result when applied Hello, Could someone explain what am I doing wrong in using a macro ? Here is the macros.conf file [GET_IP] defin... by klausJohan Path Finder in Splunk Search 10-11-2013 0 6	0	6
Form a single statistics from two different sources on common parameters Hi, I am using two different sources, for e.g.source1 and source2, which contains different numeric error on same tim... by harshal_chakran Builder in Splunk Search 10-11-2013 0 2	0	2
Plotting instances of logs onto chart Hi My log looks like this: 2013-10-07T15:37:27.334Z \| allepha \| 2013-10-07T16:37:04+01:00 info platform shell AppEx... by philallen1 Path Finder in Splunk Search 10-11-2013 0 2	0	2
How do I not show the value I do not want? For an apache access log file with an extra field I have created a field extraction myfield - it works great. I then... by mplungjan Path Finder in Splunk Search 10-11-2013 0 6	0	6