Splunk Search

Community Activity

Ways to store a list/conditionals in search settings? Hey guys, I am trying to keep my search code as neat as possible. I have a simple code that uses key words to help ... by ktrumpol Path Finder in Splunk Search 06-24-2013 0 5	0	5
How do I organize a table by time without altering other data? I have a table with three columns displaying one with user names and two differing ones arranged by user names. I wan... by mab17 New Member in Splunk Search 06-24-2013 0 2	0	2
searching TOP query Hi Folks, First time using splunk, i've managed to get my draytek router chucking the logs to splunk. id like to per... by rootadmin New Member in Splunk Search 06-24-2013 0 1	0	1
Splunkd.log fills with messages LMUtil - found a future time=1512518400 today=1370995200 Splunkd.log fills with messages like LMUtil - found a future time=1372085077 today=1372085076 The future date is 24 J... by dshakespeare_sp Splunk Employee in Splunk Search 06-24-2013 0 1	0	1
Find range between min and max values for field in transaction Hi everyone. I have this query which works really well. It is returning an identifier and list of descriptions, dates... by matthewcanty Communicator in Splunk Search 06-24-2013 0 4	0	4
Create a list Hi Im very new to splunk (first day using it) Is it possible to create a list of known mac addresses so that i can ... by rootadmin New Member in Splunk Search 06-24-2013 0 1	0	1
Event for when a log host or source fails Is there a way to configure an event to fire when a certain log host or source fails to send logs after a given amoun... by jasrich New Member in Splunk Search 06-24-2013 0 2	0	2
Search for 5 maximal values per field Hi All, My data in Splunk contains information about sales from different store branches. More specifically, I have ... by omend Path Finder in Splunk Search 06-24-2013 0 4	0	4
Empty csv lookup file (contains only a header) I'm getting an error message complaining about a CSV based lookup file containing only a header. But it doesn't. It's... by Dimitri_McKay Splunk Employee in Splunk Search 06-24-2013 2 11	2	11
Three different search on single chart Hi, I've three different types of logs. Sharepoint: 04/14/2013 23:51:56.49 wsstracing.exe (0x0B14) ... by ChhayaV Communicator in Splunk Search 06-23-2013 0 3	0	3
Calculate Processing time for transactions/snapshots I'am a total newbie on splunk, so I would really appreciate your help. right now i have these query index=[index] h... by markgomez00 Explorer in Splunk Search 06-23-2013 0 1	0	1
How do check the number of events of an index? For example, I have added some other indexes, I want to know that whether the events have been sent into the correspo... by perlish Communicator in Splunk Search 06-23-2013 0 3	0	3
Improve my search commands for weather Given search below, do anyone have a better way of displaying my result on a chart ? The weather data is updated ever... by sbnoobbb Path Finder in Splunk Search 06-23-2013 1 6	1	6
The events time do not march the time field in events Why the time of a part of the events are different from what the time field show? And how to set the config to make t... by perlish Communicator in Splunk Search 06-23-2013 0 3	0	3
Send fields from subsearch to main search Here is what I'm trying to do: I have two events- both have the field 'requestId'. One of them has the field 'process... by merrin Engager in Splunk Search 06-23-2013 0 1	0	1
For how many days we can get the audit.log - in splunk ? Since 5th December 2012 , I am using Splunk on windows OS. For audit purpose i need the audit.log files from Decembe... by chimbudp Contributor in Splunk Search 06-22-2013 0 3	0	3
CIDR Blocks in a lookup table Hi, i have CSV file for a IP lookups. Question is can i use a CIDR block in the csv file? and when search time will ... by xvxt006 Contributor in Splunk Search 06-22-2013 0 3	0	3
Best way to filter clientips as internal/external and group them by class Given a set of clientip values from internal IP's, external IP's, as well as different classes of internal networks o... by sideview SplunkTrust in Splunk Search 06-22-2013 2 3	2	3
Regex expression Help pls ! urgent ! I have these fields time : 1371877918 windBearing : 209 windSpeed : 6.34 psiAverage : 186 latitude : 1.429463 longi... by kailun92 Communicator in Splunk Search 06-22-2013 1 5	1	5
Generated pattern (regex) I need to extract both of the words, is there anyone that knows how ? I have used this (?i)summary : (?P<FIELDNAME>[... by kailun92 Communicator in Splunk Search 06-22-2013 1 8	1	8
Extracting fields using regex When i try to extract a field using this (?i)humidity : (?P.+) expression. The result below is given. Is there anyway... by kailun92 Communicator in Splunk Search 06-21-2013 1 3	1	3
Detection of repeating values over a period I have a log that contains details of policy violations committed by users and this is available for a period of few ... by anusuya_k New Member in Splunk Search 06-21-2013 0 4	0	4
HiddenChartFormatter: how to pass "external" value with an intention Hi guys, I have this situation: I have an HiddenSearch that receives a value (ID of a process) through and intention... by RiccardoV Communicator in Splunk Search 06-21-2013 0 1	0	1
Lookup table question Hi, i have a lookup table where i have the below values My questions are: When i specify CIDR block would it work? o... by xvxt006 Contributor in Splunk Search 06-21-2013 0 5	0	5
Grouping of similar events Hi, How can we associate log entries that lead to a particular issue. I mean suppose there is button click event(Sa... by ChhayaV Communicator in Splunk Search 06-21-2013 0 6	0	6