Splunk Search

Community Activity

Search latest indexed file for different sourcetype Hi, I have 3 sources from which the files are loaded into Splunk, the time of arrival of files and frequency is diff... by meenal901 Communicator in Splunk Search 10-07-2013 0 1	0	1
Unidimensional histogram (chart without "by" clause) I have difficulties to create a simple, unidimentional histogram. Suppose you have a log similar to this: host=host1 ... by yoho Contributor in Splunk Search 10-07-2013 2 4	2	4
Exception when running a search in Hunk I see the following exception in search.log when running a Hunk search against my cluster: Exception in thread "main... by Ledion_Bitincka Splunk Employee in Splunk Search 10-06-2013 0 1	0	1
How to change the text box layout (not panel layout)? Hi Splunkers, I have a question about text box layout in dashboard or view. In simple XML, we can look at text box i... by sunrise Contributor in Splunk Search 10-06-2013 0 3	0	3
Create a table in my search when I enable/disable account but not when I create account. Hello guys, I have a question about a query search. I have two queries associated with Windows. My first query is... by dfigurello Communicator in Splunk Search 10-06-2013 1 2	1	2
Substitute a value in the search result I have a search result which returns me the following Username,TimeOnVPN user1,185.25 user2,1920.25 ... ... ... user... by ppurokit Path Finder in Splunk Search 10-06-2013 0 2	0	2
Count number of Transaction every hour 2013-09-20 16:53:04,723 INFO[Thread-3]EndTime=20/09/2013 16:53:04 TransactionID=A, Event=completed, Result=sent 2013... by thinksplunk Engager in Splunk Search 10-04-2013 0 2	0	2
Help for timechart display hi this is mt search index=tm_idx host="server" "finished executing normally" \| rex field=_raw "(?i)Process\s\"(?<P... by ChhayaV Communicator in Splunk Search 10-04-2013 0 4	0	4
insert the earliest and latest in the DBquery Hello I'm breaking my brain for make one thing. I recovery the data from External database, in this point no problem... by radomo Explorer in Splunk Search 10-03-2013 0 2	0	2
How to limit primary search based on time interval from subsearch -- dynamic time interval ; time delta In order to query from an external firewall log that contains say "badwebsite.com" and join those results back throug... by TobiasBoone Communicator in Splunk Search 10-03-2013 3 6	3	6
Splunk web not showing login fields JAVAscript enabled Not able to see login fields when launching splunk web ... Javascript enabled in browser and no iptables issue etc ... by Mag2sub Path Finder in Splunk Search 10-03-2013 1 16	1	16
rex mode=sed syntax I apolagize for the simplicity of this question. I have scowered all over splunk answers and could find or make sense... by cschafer1 New Member in Splunk Search 10-03-2013 0 3	0	3
Data Discovery of Index Fields Does anyone know how to generate a report listing all fields (from an index) and their respective info (example follo... by aportela_work Explorer in Splunk Search 10-03-2013 0 3	0	3
"Write access to the proxy endpoint is disabled. " for any searches after upgrading from 5.0.4 to 6.0 I get the following error for all of my searches after upgrading from 5.0.4 to 6.0: Write access to the proxy endpoi... by DaClyde Contributor in Splunk Search 10-03-2013 0 7	0	7
Function results and evaluating them Soo - I got this great search to show how many hosts at each location we are getting logs from. I want to only disp... by rudy_dom Engager in Splunk Search 10-03-2013 0 1	0	1
eval macro with a case statement errors source="PerfMetrics" "OPEN PLAN" OSArch=64-bit PlanMode=Server \| transaction Guid startswith="OPEN PLAN START" endsw... by RVDowning Contributor in Splunk Search 10-03-2013 0 2	0	2
Overlay search results on a background image My company leverages background images to describe our security architecture around inbound email and on quarterly ba... by bbthesplunk Explorer in Splunk Search 10-03-2013 0 1	0	1
Subquery to get rows Hi What is the syntax using subquery to get all rows having the same correlation id that of an inbound call with a gi... by Ravman New Member in Splunk Search 10-03-2013 0 1	0	1
Where to store a variable value I want to search for all records where some field value is greater than X where X is some number. A number of searche... by RVDowning Contributor in Splunk Search 10-02-2013 0 3	0	3
[RESOLVED] Regex works with rex but errors in transforms.conf [RESOLVED] The extract was defined in the transforms.conf in an app which had the "Sharing for config file-only objec... by ww9rivers Contributor in Splunk Search 10-02-2013 0 3	0	3
Any way to fetch logs via ssh I have a splunk server and ssh access to a server with read-only access to logs. I can ssh from the machine on which ... by hatim New Member in Splunk Search 10-02-2013 0 2	0	2
Extracting an alphanumeric expression from a line I have a logger like below and I need to extract the alphanumeric word from this line- "My employeeID E1233244345 is... by shilpi New Member in Splunk Search 10-02-2013 0 2	0	2
Search job inspector discrepancies I have a search inputs a fairly large lookup table (150 MB). The execution costs are shown as: Execution costs Dura... by responsys_cm Builder in Splunk Search 10-02-2013 0 1	0	1
How do I search for a Term, then get the Percentage out of Total? I'm writing a search query that needs to look for a specific word SPECIFIC_WORD in the logs of host HOST_X and then d... by mkarimi Path Finder in Splunk Search 10-02-2013 0 2	0	2
Resolve IP to Host I am creating a failed login report from WMI security log entires. My temporary search command looks like: sourcety... by lain179 Communicator in Splunk Search 10-02-2013 0 5	0	5