Splunk Search

Community Activity

adding up of two rows hi, when i run a following command it index="New" "Phase * ended" \| table phase_0_ended,phase-1-ended,datetime it... by harsh1734 New Member in Splunk Search 08-08-2013 0 1	0	1
Change/disable 4.2 Help link We're using Splunk on a network that is cordoned off from the interwebs. Is there a way that we could either disable... by kevintelford Path Finder in Splunk Search 08-07-2013 4 5	4	5
Interactive Field Extraction (regex) I have my data here Xml Data, I need to extract using Splunk IFX, Generated pattern (regex). Example 1: (22/7)19:55... by sbnoobbb Path Finder in Splunk Search 08-07-2013 0 2	0	2
wildcard monitoring Hi, I'm doing some testing in my lab, and want to monitor all files in a directory that don't have .csv. I have the ... by a212830 Champion in Splunk Search 08-07-2013 0 2	0	2
Find time range matching events in another log - subquery? I am new to splunk and cannot figure out how to do this - I have start and end transactions in a webAPI log that I p... by mvgetz Engager in Splunk Search 08-07-2013 2 1	2	1
Is it possible Prioritize Search from a specific Role/User Hi There, I was wondering if there is any way of prioritize searches from a Specific Role/User. Actually we have so... by saad_siddiqi Path Finder in Splunk Search 08-07-2013 0 2	0	2
Is there any way to globally disable auto-open? I know that it's possible to go into a dashboard's XML and disable auto-open. Is there any way to globally disable i... by responsys_cm Builder in Splunk Search 08-07-2013 1 3	1	3
Date Time parsed incorrectly We have data coming into Splunk that looks like: DATA_FEED[00ZA044]:08/07 06:59:59 Got 'ABCDL NO PENDING TRANSAC... by rmorlen Splunk Employee in Splunk Search 08-07-2013 0 9	0	9
Regex in Field Transform not greedy? Hi Base, could it be that Regexes in Field Transforms are not greedy? I am using this field transformation to extra... by Olli1919 Path Finder in Splunk Search 08-07-2013 0 3	0	3
All the numbers in the summary page went all weird (was: Corrupt MetaData?) Somehow, Splunk MetaData has become corrupt. My event counts are all off. What do I do? by the_wolverine Champion in Splunk Search 08-07-2013 3 4	3	4
help with apache access searching LogFormat "%h %l %u %t %P \"%r\" %>s %X %b %I %O %D \"%{Referer}i\" \"%{User-Agent}i\" \"%{Host}i\" \"%{X-Forwarded-F... by splunkmeuser New Member in Splunk Search 08-07-2013 0 6	0	6
field extractor help Hi, I need to extract some fields via field extractor. I got most of them, but it is ignoring the ones that have dec... by a212830 Champion in Splunk Search 08-07-2013 0 4	0	4
Get a Time Series in between The Event Times Hello Everyone, I was doing some aggregation with stats, i had to show all the events between 15 minutes interval. Th... by linu1988 Champion in Splunk Search 08-07-2013 0 3	0	3
DB Connect Tail Command not updating I am using a tail db command to pull events from a Oracle database every hour. I was able to pull in all of the data... by knewter Engager in Splunk Search 08-06-2013 0 8	0	8
Searching _fishbucket I'm trying to figure out how to analyze and manage specific records in the _fishbucket index. I have big directorie... by pembleton Path Finder in Splunk Search 08-06-2013 1 3	1	3
Splunk-perfmon failing: InitQuery failed in PeriodicDataCollector::tick Hi all, I'm pulling some logs in from Windows perfmon. All was going well, but now I am seeing the following error... by BenjaminWyatt Communicator in Splunk Search 08-06-2013 0 3	0	3
The lookup table 'nix_action_lookup' does not exist. It is referenced by configuration 'IDS Arg this is so frustrating. I cant find the nix_action_lookup and I can't find the IDS config. How do i troubleshoo... by hartfoml Motivator in Splunk Search 08-06-2013 0 4	0	4
Bad timestamps in DB Connect query results I am running a query via a created dashboard on one of my production databases. I defined this in the DB Connect app,... by Karunamon Explorer in Splunk Search 08-06-2013 0 4	0	4
why does this form search work Can anybody enlighten me on why the form below (shortened) works when it's designed exactly this way, but not in any ... by usd0872 Path Finder in Splunk Search 08-06-2013 1 2	1	2
Having issues with Subquery when comparing two searches of same source at different points in time We're trying to compare searches from our Security source, trying to see if someone hasn't logged in within the last ... by mhamill Engager in Splunk Search 08-06-2013 0 2	0	2
improving lookup and inputlookup performance Hi, when trying to filter a high EPS feed with a lookup I am experiencing quite some performance issues. Are are kno... by Olli1919 Path Finder in Splunk Search 08-06-2013 0 5	0	5
chart drill down to table Hello, We have the following table with this search but would like to drill down to a table with just the ticket det... by aaronkorn Splunk Employee in Splunk Search 08-06-2013 0 2	0	2
Search Bucket ID Range Greetz, Is it possible to search a range of bucket ids? I have moved a lot of warm/cold buckets and scrubbed the id... by ephemeric Contributor in Splunk Search 08-06-2013 0 2	0	2
Lookups and non matching values One of our users has a lookup requirement that I'm struggling to find a workable solution. They want to have a numbe... by samhughe Path Finder in Splunk Search 08-06-2013 0 4	0	4
timechart with SLA value I would like to create a timechart with an SLA value. I have tried this search sourcetype=foo \| eval sla=50 \| timech... by hartfoml Motivator in Splunk Search 08-06-2013 0 4	0	4