Splunk Search

Community Activity

Search for 5 maximal values per field Hi All, My data in Splunk contains information about sales from different store branches. More specifically, I have ... by omend Path Finder in Splunk Search 06-24-2013 0 4	0	4
Empty csv lookup file (contains only a header) I'm getting an error message complaining about a CSV based lookup file containing only a header. But it doesn't. It's... by Dimitri_McKay Splunk Employee in Splunk Search 06-24-2013 2 11	2	11
Three different search on single chart Hi, I've three different types of logs. Sharepoint: 04/14/2013 23:51:56.49 wsstracing.exe (0x0B14) ... by ChhayaV Communicator in Splunk Search 06-23-2013 0 3	0	3
Calculate Processing time for transactions/snapshots I'am a total newbie on splunk, so I would really appreciate your help. right now i have these query index=[index] h... by markgomez00 Explorer in Splunk Search 06-23-2013 0 1	0	1
How do check the number of events of an index? For example, I have added some other indexes, I want to know that whether the events have been sent into the correspo... by perlish Communicator in Splunk Search 06-23-2013 0 3	0	3
Improve my search commands for weather Given search below, do anyone have a better way of displaying my result on a chart ? The weather data is updated ever... by sbnoobbb Path Finder in Splunk Search 06-23-2013 1 6	1	6
The events time do not march the time field in events Why the time of a part of the events are different from what the time field show? And how to set the config to make t... by perlish Communicator in Splunk Search 06-23-2013 0 3	0	3
Send fields from subsearch to main search Here is what I'm trying to do: I have two events- both have the field 'requestId'. One of them has the field 'process... by merrin Engager in Splunk Search 06-23-2013 0 1	0	1
For how many days we can get the audit.log - in splunk ? Since 5th December 2012 , I am using Splunk on windows OS. For audit purpose i need the audit.log files from Decembe... by chimbudp Contributor in Splunk Search 06-22-2013 0 3	0	3
CIDR Blocks in a lookup table Hi, i have CSV file for a IP lookups. Question is can i use a CIDR block in the csv file? and when search time will ... by xvxt006 Contributor in Splunk Search 06-22-2013 0 3	0	3
Best way to filter clientips as internal/external and group them by class Given a set of clientip values from internal IP's, external IP's, as well as different classes of internal networks o... by sideview SplunkTrust in Splunk Search 06-22-2013 2 3	2	3
Regex expression Help pls ! urgent ! I have these fields time : 1371877918 windBearing : 209 windSpeed : 6.34 psiAverage : 186 latitude : 1.429463 longi... by kailun92 Communicator in Splunk Search 06-22-2013 1 5	1	5
Generated pattern (regex) I need to extract both of the words, is there anyone that knows how ? I have used this (?i)summary : (?P<FIELDNAME>[... by kailun92 Communicator in Splunk Search 06-22-2013 1 8	1	8
Extracting fields using regex When i try to extract a field using this (?i)humidity : (?P.+) expression. The result below is given. Is there anyway... by kailun92 Communicator in Splunk Search 06-21-2013 1 3	1	3
Detection of repeating values over a period I have a log that contains details of policy violations committed by users and this is available for a period of few ... by anusuya_k New Member in Splunk Search 06-21-2013 0 4	0	4
HiddenChartFormatter: how to pass "external" value with an intention Hi guys, I have this situation: I have an HiddenSearch that receives a value (ID of a process) through and intention... by RiccardoV Communicator in Splunk Search 06-21-2013 0 1	0	1
Lookup table question Hi, i have a lookup table where i have the below values My questions are: When i specify CIDR block would it work? o... by xvxt006 Contributor in Splunk Search 06-21-2013 0 5	0	5
Grouping of similar events Hi, How can we associate log entries that lead to a particular issue. I mean suppose there is button click event(Sa... by ChhayaV Communicator in Splunk Search 06-21-2013 0 6	0	6
Throttling-parameters in realtime search Hello Everyone, I have created alerts where i have to throttle according the fields. So my doubt is, whether i need ... by linu1988 Champion in Splunk Search 06-21-2013 0 1	0	1
External lookup not working... I have a scripted input that takes the "hash" field as an input and outputs JSON. Works like: python virusTotal.py ... by responsys_cm Builder in Splunk Search 06-21-2013 0 1	0	1
How to get the latest of a group In all our logs we write out the PID of the unix process. In many cases I just want to look at the latest run of a sc... by MikeKulls Path Finder in Splunk Search 06-20-2013 0 3	0	3
nesting switchers Hello, Is it possible to nest switcher modules? I have a dashboard panel that I want to break out with a tab switch... by cphair Builder in Splunk Search 06-20-2013 0 2	0	2
Splunk DB connect tarball corrupt? I've attempted to download the Spunk DB connect app. I get a 3kb .tar.gz file. When uploading it to Splunk it rejects... by johnarmstrong Explorer in Splunk Search 06-20-2013 0 4	0	4
calculate time statistics over an hour, but only find releated events that occur within one minute I am trying to calculate statistics for when a transaction enters our application, and when the reply is sent from th... by systemsatpayzon Path Finder in Splunk Search 06-20-2013 0 3	0	3
Splunk DB Connect - unable to specify to_date in the rising column I have configured a database input with a query that finishes with the following code: Where TimeStamp > '2013-06-20... by abpe Path Finder in Splunk Search 06-20-2013 0 3	0	3