Splunk Search

Community Activity

Conver string to time duration. Hi I have logs where the media length/duration is displayed in a non standard format. anyone think this can be conve... by marquiselee Path Finder in Splunk Search 10-11-2013 0 4	0	4
avg(count) not working in timechart? I'm trying to chart the average count over a 24 hour span on a timechart, and it's just not working. The RegEx I'm us... by tfitzgerald15 Explorer in Splunk Search 10-11-2013 0 5	0	5
Horizon Charts Congrats on this great major release ! Are there any plans to introduce horizon charts(similar to sparklines but not... by splunk_zen Builder in Splunk Search 10-11-2013 0 5	0	5
Fieldset disappears when using table command I have recently upgraded from 4.3 to the latest 5.x version. I found that now when I use the table command the field... by JoeSco27 Communicator in Splunk Search 10-11-2013 0 2	0	2
Nested search to find the result Hi, I have come across a situation where I have a search string to find error id, then I need to search that error i... by bharatkalra New Member in Splunk Search 10-11-2013 0 4	0	4
Macro returns no result when applied Hello, Could someone explain what am I doing wrong in using a macro ? Here is the macros.conf file [GET_IP] defin... by klausJohan Path Finder in Splunk Search 10-11-2013 0 6	0	6
Form a single statistics from two different sources on common parameters Hi, I am using two different sources, for e.g.source1 and source2, which contains different numeric error on same tim... by harshal_chakran Builder in Splunk Search 10-11-2013 0 2	0	2
Plotting instances of logs onto chart Hi My log looks like this: 2013-10-07T15:37:27.334Z \| allepha \| 2013-10-07T16:37:04+01:00 info platform shell AppEx... by philallen1 Path Finder in Splunk Search 10-11-2013 0 2	0	2
How do I not show the value I do not want? For an apache access log file with an extra field I have created a field extraction myfield - it works great. I then... by mplungjan Path Finder in Splunk Search 10-11-2013 0 6	0	6
Lookup Script doesn't return search results Below is the props.conf at $SPLUNK_HOME/etc/system/local: [SPLUNK_SERVICE_Log] lookup_table = namelookup Id OUTP... by bansi Path Finder in Splunk Search 10-10-2013 1 12	1	12
Can customized SearchBar be readonly? Hello Splunk Experts, I have a SearchBar that inherit it's value from a Search $calculation$ I would like tha... by royimad Builder in Splunk Search 10-10-2013 1 2	1	2
How to extract a variable number of fields? Given the following data sample of 4 events where each event has a number immediately after the timestamp that indica... by hulahoop Splunk Employee in Splunk Search 10-10-2013 2 3	2	3
Multi-Axis timechart I am wanting to timechart total logins, login failures, and failure rate on a mult-axis graph. So time across the bo... by schlapfer New Member in Splunk Search 10-10-2013 0 1	0	1
columnグラフにlineグラフをのせたときの単位の設定方法以下の画像のように、棒グラフ上にライングラフを載せた場合、両サイドに棒グラフの単位とライングラフの単位が表示されると思いますが、この単位を両サイド同じ単位（間隔）に合わせる方法をご教示下さい。 Hello, I created th... by appleman Contributor in Splunk Search 10-10-2013 0 2	0	2
Seach query Hello, My scripted input is configured to poll a particular resource and index into an event the JSON object that it... by klausJohan Path Finder in Splunk Search 10-10-2013 0 1	0	1
Chart set range value Hi, I have a perfmon counter which is monitoring the SLA, most of the time it's constant in a huge number(millions),... by markgomez00 Explorer in Splunk Search 10-10-2013 1 2	1	2
Find where a forwarder is forwarding too Hey Guys I have multiple DMZs with forwarders all over the places that send to specific main forwarders if you like ... by AaronMoorcroft Communicator in Splunk Search 10-10-2013 0 4	0	4
Cannot get external lookup to work I am trying to set up a lookup in my test environment to hopefully push out to production. I have created an app and... by vincesesto Communicator in Splunk Search 10-10-2013 0 8	0	8
How to put search result to google map ? HI, I would like to put search output to google maps. At the momement I`m not talking about geoip or something simi... by konradwawryn Explorer in Splunk Search 10-09-2013 0 1	0	1
If Then? Can this be done with Splunk First off, I’m not very strong in the scripting so If Then might not even be what I need to use. I thought Splunk ju... by pwjohnston79 New Member in Splunk Search 10-09-2013 0 3	0	3
サーチジョブ調査の入力カウントについてサーチジョブ調査で表示される入力カウントは何をカウントしてるんでしょうか？カスタムコマンドを使ってサーチした際に１万件のデータに対して１５万件とカウントされました。何か情報があればお願いします。使ったカスタムコマンドは項目の値を変換す... by HiroshiSatoh Champion in Splunk Search 10-09-2013 0 3	0	3
Search on Google Maps App 下記のGoogle mapsでのサーチ文でそれぞれカウント数が違うのですが、この二つのサーチでカウントしているものの違いを詳しく教えて頂けますでしょうか。ちなみに、ここで使っているログにはclientipはなく、latとlngがすで... by appleman Contributor in Splunk Search 10-09-2013 0 3	0	3
How to extract a very long field with special characters? I am trying to extract a field with 2 distinct problems: The field length can often creep above 498 characters. Thi... by hulahoop Splunk Employee in Splunk Search 10-09-2013 0 5	0	5
Filtering events and Windows Platform Filtering events When adding a new filter to props.conf and transforms.conf does it remove events that have already been indexed or on... by ejdavis Path Finder in Splunk Search 10-09-2013 0 7	0	7
Too many search jobs found in the dispatch directory (found=3079, warning level=2000). This could negatively impact Splunk's performance, consider removing some of the old search jobs. There is no information on any jobs that can be ran within Splunk to auto remove these stagnant searches. There shoul... by blasighb Engager in Splunk Search 10-09-2013 1 2	1	2