Splunk Search

Community Activity

What search commands are supported by real-time searches? What search commands are supported by real-time searches? I can't find this information in the manual. by Jason Motivator in Splunk Search 09-27-2013 0 4	0	4
Another lookup question I have this working: \| lookup SensitiveGroups.csv Target_Account_Name OUTPUT CSV_Priority \| search CSV_Priority="Low... by jonbalderston Explorer in Splunk Search 09-27-2013 0 3	0	3
Radial gauge ticks interval Hi I got a Radial gauge going to 1 to 4 like this <module name="HiddenChartFormatter"> <param name="charting.ch... by timmalos Communicator in Splunk Search 09-27-2013 0 1	0	1
Finding which app is doing certain field extractions Hi all, I'm doing some RADIUS stuff and notice there are a load of fields popping up that seem to be provided by ano... by Narj Path Finder in Splunk Search 09-27-2013 1 5	1	5
How do I run a real-time subsearch? I am trying to join in some status information in real-time against a static list of data, but getting an error when ... by Jason Motivator in Splunk Search 09-27-2013 0 14	0	14
Null/empty data and sparkline Hi, I've got some data that reports the number of users once per day, like: users=1000 users=1500 users=9001 I'm tr... by rereeser Explorer in Splunk Search 09-27-2013 0 2	0	2
Help charting the total count on line chart? Hey guys. So I need to display a dashboard panel with a single line, the total count of all hits from the Palo Altos ... by tfitzgerald15 Explorer in Splunk Search 09-26-2013 0 2	0	2
Any point in updating Sampledata.zip? Is there any point in periodically updating Sampledata.zip, and if so how does one best go about it? by RVDowning Contributor in Splunk Search 09-26-2013 0 6	0	6
Number of distinct days an event occurs on, within the last month I would like to chart a count of how many distinct days users logged into our system within the past 7 days. When I t... by fuzzy_rocks Explorer in Splunk Search 09-26-2013 0 2	0	2
Adding one more field to a sub-search. Hey guys , I have created a subsearch for my firewall log files : sourcetype="honetnet" [search sourcetype ="honetn... by cheukkay Engager in Splunk Search 09-26-2013 0 1	0	1
A Chart with data on y-axis Hi, I've requirement where in the process like proces1, process2 need to be on y-axis and corresponding time on x-ax... by ChhayaV Communicator in Splunk Search 09-26-2013 0 1	0	1
Adding seconds to _time hi, I want to add some seconds in the current _time. Is there any build in function for it? e.g_time=23:03:39.022 a... by ChhayaV Communicator in Splunk Search 09-26-2013 0 10	0	10
Locating missing events Hey all, I've searched for an answer to this but cannot see one, so apologies if this has been answered before. Som... by justinfranks Path Finder in Splunk Search 09-25-2013 0 4	0	4
Search: time limit [subsearch]: Search auto-finalized after time limit reached (60 seconds). Results may be incomplete. How can I ... by wyang6 Path Finder in Splunk Search 09-25-2013 2 4	2	4
Use Regex to extract a variable number of fields I would like to perform search time field extraction on text that is already being stored in a field to break it up i... by JWBailey Communicator in Splunk Search 09-25-2013 0 2	0	2
only show 2 decimal places Currently doing a search and converting results from KB to MB but I only want to see 2 decimal places not 6 as it's c... by mileven Explorer in Splunk Search 09-25-2013 0 2	0	2
Group repeating values of a field I have a csv data source with example values as follows MAC_ID, SSID AAAA.AAAA.AAAA, TEST BBBB.BBBB.BBBB, TEST CCCC.... by jedatt01 Builder in Splunk Search 09-25-2013 0 5	0	5
show count as zero if no data found Hello, I have a search like this: sourcetype="mysource" \| stats count by field I need to show zero if the field doesn... by royimad Builder in Splunk Search 09-25-2013 0 4	0	4
HALP! Consulting the summary dashboard of the search app causes my system to run out of memory! I have noticed that when users leave browsers open on the summary dashboard of the search app (http://host.example.co... by hexx Splunk Employee in Splunk Search 09-25-2013 11 8	11	8
Height of charts in generated PDFs I want to have a Simple XML dashboard with twelve rows (one chart each, two per working day, scheduled every weekend)... by martin_mueller SplunkTrust in Splunk Search 09-24-2013 1 2	1	2
how to create a top 5 of results and a bin for the rest of them (sorted stack bars) Hi, Now that I know, thanks to R.Turk, how to sort stacked bar charts I wanted to pick a top 5 of the results. This ... by wsw70 Communicator in Splunk Search 09-24-2013 0 4	0	4
SplunkWeb service is not being started I have installed 'splunk-5.0.4-172409-x64-release.msi' in my local machine (Windows-7, 64 bit) as Local System User. ... by nverma Engager in Splunk Search 09-24-2013 0 6	0	6
Geoip - Limiting what is displayed In my search on a display: index="stuff" severity="high" OR severity="medium" \| top attacker limit=20 \| geoip attac... by Armyeric Path Finder in Splunk Search 09-24-2013 0 2	0	2
Look up table question Hi, We have a filed called BOTs which extracts all the legitimate BOTs (which have +http://.... in the user agent)... by xvxt006 Contributor in Splunk Search 09-24-2013 0 7	0	7
Transaction or bucket not working for TOP command I am using the top command to see splunkd resource use just like SOS I would like to see the total CPU and MEMORY us... by hartfoml Motivator in Splunk Search 09-24-2013 0 3	0	3