Splunk Search

Community Activity

Send log to another index I'm getting logs on port 9997 of my splunk server and they go straight to the "main" index. How do I change to go to ... by natsplunk New Member in Splunk Search 08-08-2013 0 1	0	1
DB Connect & Refreshing Hi! I am using the DB Connect app to successfully bring in a SQLite3 database. This database gets updated every 15 mi... by cpbridges New Member in Splunk Search 08-08-2013 0 3	0	3
Saved Searches fail to generate PDF attachment for email We're running 4.1.7 under CentOS 64bit. With the PDF server installed, we can't get PDFs generated as attachments to... by allencb Engager in Splunk Search 08-08-2013 0 5	0	5
eval and "\|search" question So I have a search that runs over a 4h time span that Only gives results when the number of event of one kind are as ... by cpeteman Contributor in Splunk Search 08-08-2013 1 5	1	5
Sourcetype started indexing to wrong date - MDY to YMD Hi All, I recently started having an issue with a few of my sourcetypes where they are logging to the wrong date. Th... by drcheeves New Member in Splunk Search 08-08-2013 0 2	0	2
adding up of two rows hi, when i run a following command it index="New" "Phase * ended" \| table phase_0_ended,phase-1-ended,datetime it... by harsh1734 New Member in Splunk Search 08-08-2013 0 1	0	1
Change/disable 4.2 Help link We're using Splunk on a network that is cordoned off from the interwebs. Is there a way that we could either disable... by kevintelford Path Finder in Splunk Search 08-07-2013 4 5	4	5
Interactive Field Extraction (regex) I have my data here Xml Data, I need to extract using Splunk IFX, Generated pattern (regex). Example 1: (22/7)19:55... by sbnoobbb Path Finder in Splunk Search 08-07-2013 0 2	0	2
wildcard monitoring Hi, I'm doing some testing in my lab, and want to monitor all files in a directory that don't have .csv. I have the ... by a212830 Champion in Splunk Search 08-07-2013 0 2	0	2
Find time range matching events in another log - subquery? I am new to splunk and cannot figure out how to do this - I have start and end transactions in a webAPI log that I p... by mvgetz Engager in Splunk Search 08-07-2013 2 1	2	1
Is it possible Prioritize Search from a specific Role/User Hi There, I was wondering if there is any way of prioritize searches from a Specific Role/User. Actually we have so... by saad_siddiqi Path Finder in Splunk Search 08-07-2013 0 2	0	2
Is there any way to globally disable auto-open? I know that it's possible to go into a dashboard's XML and disable auto-open. Is there any way to globally disable i... by responsys_cm Builder in Splunk Search 08-07-2013 1 3	1	3
Date Time parsed incorrectly We have data coming into Splunk that looks like: DATA_FEED[00ZA044]:08/07 06:59:59 Got 'ABCDL NO PENDING TRANSAC... by rmorlen Splunk Employee in Splunk Search 08-07-2013 0 9	0	9
Regex in Field Transform not greedy? Hi Base, could it be that Regexes in Field Transforms are not greedy? I am using this field transformation to extra... by Olli1919 Path Finder in Splunk Search 08-07-2013 0 3	0	3
All the numbers in the summary page went all weird (was: Corrupt MetaData?) Somehow, Splunk MetaData has become corrupt. My event counts are all off. What do I do? by the_wolverine Champion in Splunk Search 08-07-2013 3 4	3	4
help with apache access searching LogFormat "%h %l %u %t %P \"%r\" %>s %X %b %I %O %D \"%{Referer}i\" \"%{User-Agent}i\" \"%{Host}i\" \"%{X-Forwarded-F... by splunkmeuser New Member in Splunk Search 08-07-2013 0 6	0	6
field extractor help Hi, I need to extract some fields via field extractor. I got most of them, but it is ignoring the ones that have dec... by a212830 Champion in Splunk Search 08-07-2013 0 4	0	4
Get a Time Series in between The Event Times Hello Everyone, I was doing some aggregation with stats, i had to show all the events between 15 minutes interval. Th... by linu1988 Champion in Splunk Search 08-07-2013 0 3	0	3
DB Connect Tail Command not updating I am using a tail db command to pull events from a Oracle database every hour. I was able to pull in all of the data... by knewter Engager in Splunk Search 08-06-2013 0 8	0	8
Searching _fishbucket I'm trying to figure out how to analyze and manage specific records in the _fishbucket index. I have big directorie... by pembleton Path Finder in Splunk Search 08-06-2013 1 3	1	3
Splunk-perfmon failing: InitQuery failed in PeriodicDataCollector::tick Hi all, I'm pulling some logs in from Windows perfmon. All was going well, but now I am seeing the following error... by BenjaminWyatt Communicator in Splunk Search 08-06-2013 0 3	0	3
The lookup table 'nix_action_lookup' does not exist. It is referenced by configuration 'IDS Arg this is so frustrating. I cant find the nix_action_lookup and I can't find the IDS config. How do i troubleshoo... by hartfoml Motivator in Splunk Search 08-06-2013 0 4	0	4
Bad timestamps in DB Connect query results I am running a query via a created dashboard on one of my production databases. I defined this in the DB Connect app,... by Karunamon Explorer in Splunk Search 08-06-2013 0 4	0	4
why does this form search work Can anybody enlighten me on why the form below (shortened) works when it's designed exactly this way, but not in any ... by usd0872 Path Finder in Splunk Search 08-06-2013 1 2	1	2
Having issues with Subquery when comparing two searches of same source at different points in time We're trying to compare searches from our Security source, trying to see if someone hasn't logged in within the last ... by mhamill Engager in Splunk Search 08-06-2013 0 2	0	2