Splunk Search

Community Activity

show count as zero if no data found Hello, I have a search like this: sourcetype="mysource" \| stats count by field I need to show zero if the field doesn... by royimad Builder in Splunk Search 09-25-2013 0 4	0	4
HALP! Consulting the summary dashboard of the search app causes my system to run out of memory! I have noticed that when users leave browsers open on the summary dashboard of the search app (http://host.example.co... by hexx Splunk Employee in Splunk Search 09-25-2013 11 8	11	8
Height of charts in generated PDFs I want to have a Simple XML dashboard with twelve rows (one chart each, two per working day, scheduled every weekend)... by martin_mueller SplunkTrust in Splunk Search 09-24-2013 1 2	1	2
how to create a top 5 of results and a bin for the rest of them (sorted stack bars) Hi, Now that I know, thanks to R.Turk, how to sort stacked bar charts I wanted to pick a top 5 of the results. This ... by wsw70 Communicator in Splunk Search 09-24-2013 0 4	0	4
SplunkWeb service is not being started I have installed 'splunk-5.0.4-172409-x64-release.msi' in my local machine (Windows-7, 64 bit) as Local System User. ... by nverma Engager in Splunk Search 09-24-2013 0 6	0	6
Geoip - Limiting what is displayed In my search on a display: index="stuff" severity="high" OR severity="medium" \| top attacker limit=20 \| geoip attac... by Armyeric Path Finder in Splunk Search 09-24-2013 0 2	0	2
Look up table question Hi, We have a filed called BOTs which extracts all the legitimate BOTs (which have +http://.... in the user agent)... by xvxt006 Contributor in Splunk Search 09-24-2013 0 7	0	7
Transaction or bucket not working for TOP command I am using the top command to see splunkd resource use just like SOS I would like to see the total CPU and MEMORY us... by hartfoml Motivator in Splunk Search 09-24-2013 0 3	0	3
Sourcefire estreamer I'm trying to get estreamer working on splunk. I have downloaded the splunk app and configured the files in the app ... by timlaw71 Loves-to-Learn Lots in Splunk Search 09-24-2013 0 1	0	1
how to sort a stacked bar chart by "length" Hello, I have a report with a stacked bar chart I would like to sort by "length", ie. by the total number of events ... by wsw70 Communicator in Splunk Search 09-24-2013 2 2	2	2
How do I sort and get a count for specific data? I have the following search for my Cisco ASA event_desc="Deny TCP (no connection) from IP_address/port to IP_address... by sean_kirkpatric Engager in Splunk Search 09-24-2013 0 6	0	6
Combine two fields values in 1 value Hello, I searched for hours without any working result, sorry. Somes searches I'm running give out results, with a fi... by NewMilenium Path Finder in Splunk Search 09-24-2013 0 3	0	3
Scrolls in Timechart Hi, How can i put scrolls on the X-axis in time chart so that i can view the entire time range. Thanks by ChhayaV Communicator in Splunk Search 09-24-2013 0 1	0	1
Best practice for field extraction from multiple sources Hello, When extracting fields from different sources (syslog, IIS, file, ...), but they have the same semantic meani... by erzeelp New Member in Splunk Search 09-24-2013 0 1	0	1
About premium apps Would you please let me know about Premium Apps. I understood that Premium Apps can't be used on free license. Does i... by dai1219 Explorer in Splunk Search 09-24-2013 1 2	1	2
Extracting from multiple fields and group by Domain name My logs looks like this Tue Aug 27 2013 00:34:47 [DEV][MyTest][error] mpgw(IntegrationGateway): tid(372165969)[error... by thiagarajan Explorer in Splunk Search 09-23-2013 0 3	0	3
Return string of numbers after equals sign I'm trying to create a regex so that I can pull a string of numbers out of a log file. I can limit my search so that ... by AlexMcDuffMille Communicator in Splunk Search 09-23-2013 0 3	0	3
Compare two fields from different sources Hello, I'm trying to compare a host field from two different sources. I've managed to do that with the following ser... by gnoellbn Explorer in Splunk Search 09-23-2013 0 3	0	3
Building a gantt chart I saw the output of dbinspect and how it's used in the "Index health" graph on the "Index status" dashboard. It look... by vbumgarn Path Finder in Splunk Search 09-23-2013 8 4	8	4
Report to show missed schedule searches duo downtime Hello, i have some scheduled searches. Some run every 5 minutes, some 15 minutes some hourly etc. Some of those se... by Matthias_BY Communicator in Splunk Search 09-23-2013 1 4	1	4
How to calculate the total time taken for each transaction 2013-09-20 16:53:04,723 INFO[Thread-3]EndTime=20/09/2013 16:53:04 TransactionID=A, Event=completed, Result=sent 2013-... by thinksplunk Engager in Splunk Search 09-23-2013 0 7	0	7
Chart only plots 500 results Hi This seems like such a simple thing, yet I can't get it working in Splunk. This is my search: sourcetype="PADB... by philallen1 Path Finder in Splunk Search 09-23-2013 0 5	0	5
How to calculate duration inside a LDAP transaction for different LDAP operations An Example: Sep 20 12:36:30 simxxx slapd_simxxx[14304]: conn=2045 fd=28 ACCEPT from IP=99.888.7.50:50716 (IP=0.0.0.0... by sgoyal New Member in Splunk Search 09-23-2013 0 4	0	4
Importing charts from other languages Hi, Can i write a chart generating code in some other language and incorporate in splunk ? How it can be done? I wan... by ChhayaV Communicator in Splunk Search 09-23-2013 0 4	0	4
Gantt chart in splunk Hi, I am very new to Splunk and will be working on Splunk project. There is a requirement in my project to create Gan... by kasu_praveen Communicator in Splunk Search 09-22-2013 0 4	0	4