Splunk Search

Community Activity

Seach query Hello, My scripted input is configured to poll a particular resource and index into an event the JSON object that it... by klausJohan Path Finder in Splunk Search 10-10-2013 0 1	0	1
Chart set range value Hi, I have a perfmon counter which is monitoring the SLA, most of the time it's constant in a huge number(millions),... by markgomez00 Explorer in Splunk Search 10-10-2013 1 2	1	2
Find where a forwarder is forwarding too Hey Guys I have multiple DMZs with forwarders all over the places that send to specific main forwarders if you like ... by AaronMoorcroft Communicator in Splunk Search 10-10-2013 0 4	0	4
Cannot get external lookup to work I am trying to set up a lookup in my test environment to hopefully push out to production. I have created an app and... by vincesesto Communicator in Splunk Search 10-10-2013 0 8	0	8
How to put search result to google map ? HI, I would like to put search output to google maps. At the momement I`m not talking about geoip or something simi... by konradwawryn Explorer in Splunk Search 10-09-2013 0 1	0	1
If Then? Can this be done with Splunk First off, I’m not very strong in the scripting so If Then might not even be what I need to use. I thought Splunk ju... by pwjohnston79 New Member in Splunk Search 10-09-2013 0 3	0	3
サーチジョブ調査の入力カウントについてサーチジョブ調査で表示される入力カウントは何をカウントしてるんでしょうか？カスタムコマンドを使ってサーチした際に１万件のデータに対して１５万件とカウントされました。何か情報があればお願いします。使ったカスタムコマンドは項目の値を変換す... by HiroshiSatoh Champion in Splunk Search 10-09-2013 0 3	0	3
Search on Google Maps App 下記のGoogle mapsでのサーチ文でそれぞれカウント数が違うのですが、この二つのサーチでカウントしているものの違いを詳しく教えて頂けますでしょうか。ちなみに、ここで使っているログにはclientipはなく、latとlngがすで... by appleman Contributor in Splunk Search 10-09-2013 0 3	0	3
How to extract a very long field with special characters? I am trying to extract a field with 2 distinct problems: The field length can often creep above 498 characters. Thi... by hulahoop Splunk Employee in Splunk Search 10-09-2013 0 5	0	5
Filtering events and Windows Platform Filtering events When adding a new filter to props.conf and transforms.conf does it remove events that have already been indexed or on... by ejdavis Path Finder in Splunk Search 10-09-2013 0 7	0	7
Too many search jobs found in the dispatch directory (found=3079, warning level=2000). This could negatively impact Splunk's performance, consider removing some of the old search jobs. There is no information on any jobs that can be ran within Splunk to auto remove these stagnant searches. There shoul... by blasighb Engager in Splunk Search 10-09-2013 1 2	1	2
Mixed Multivalued Field Extraction I am having some issues pulling fields out of some particularly strange logging statements, kind of a mix of multival... by brianjbrady Engager in Splunk Search 10-09-2013 0 4	0	4
Indexing mySQL database I am attempting to index a mySQL database as searching for me is much easier using the SPL. I currently have a DB Con... by antlefebvre Communicator in Splunk Search 10-09-2013 0 2	0	2
Count unique values from a text result I have the following result from a simple query: 184.168.152.54 10.10.42.61 - - [09/Oct/2013:09:14:38 -0500] "GET /t... by aionius New Member in Splunk Search 10-09-2013 0 2	0	2
Join search with multi-values I have a join on two searches, from the first search, the data return is the same as the following table (equivalent ... by pbarford Explorer in Splunk Search 10-09-2013 0 3	0	3
Randomly inconsistent search result Hi, I am executing a search on Splunk through my java application. The search query is executed through the followin... by Salim_Uddin Engager in Splunk Search 10-09-2013 0 3	0	3
how to set time distance between operations in search? Hello! i need to find clients who had operation "registration" and within 24 hours operation "payment" how can I set ... by zoyaO New Member in Splunk Search 10-09-2013 0 4	0	4
Time Difference in the transaction Below is a sample log, i want to find time difference. By this query index=[search] \| transaction startswith="A star... by sanyonhhh New Member in Splunk Search 10-09-2013 0 11	0	11
Title inside a dasboard Hi, I've to create dashborad with two section in it. How should i give title for these sections inside dashboard. C... by ChhayaV Communicator in Splunk Search 10-09-2013 0 4	0	4
Extract values from all matches in regex I have a line in my log like this 013-09-30 23:55:32,954 [pool-13-thread-18655] INFO c.p.d.r.c.release.MessageReleas... by pbarford Explorer in Splunk Search 10-09-2013 1 3	1	3
I want to search on another Splunk instance We have two separate instances of Splunk 6 (A & B) installed on two different servers that are set up independently f... by sc0tt Builder in Splunk Search 10-08-2013 1 5	1	5
did something change in 4.3.3 or recently around setup.xml? I haven't tested the setup.xml workflows in my apps in a while but for some reason they all seem to be broken now, ev... by sideview SplunkTrust in Splunk Search 10-08-2013 2 4	2	4
search a subnet How do I specify a search on a certain subnet? by btnetsec New Member in Splunk Search 10-08-2013 0 3	0	3
Filtering Fields host=server sourcetype=iis src_ip=* NOT src_ip="x.x.x.x" This Search gives me some very helpful information - but r... by wrays New Member in Splunk Search 10-08-2013 0 4	0	4
email alert for time period that contains multiple items I want to send an email alert only when the last X minutes of a log contains "net1 down", "net2 down", "net3 down", a... by scr4tchfury Engager in Splunk Search 10-08-2013 0 4	0	4