Splunk Search

Community Activity

regex to get xml (Element Name + Value) I have a xml-field with two different Elements : ... ... I wanted to extract ... by sbsbb Builder in Splunk Search 05-02-2013 1 2	1	2
Max values per unique field name I currently have a search that gives me the top counts by time and site. For example, I might get the following resul... by tnkoehn Path Finder in Splunk Search 05-01-2013 0 2	0	2
Different TimeRangePicker values for different reports in same app Hi, I have successfully configured in a times.conf file the options I want for each of two different TimeRangePicker... by oded4478 Explorer in Splunk Search 05-01-2013 3 5	3	5
Help with Sub Searches I am attempting to search our networking logs based off the snort alert logs but I can't figure out how to perform th... by rmcdougal Path Finder in Splunk Search 05-01-2013 0 1	0	1
Why two charts show different results? Hello, I have two different chart results (visualization) for queries that start at 9:15AM and finsih 4:15PM. When I ... by thiru25 Explorer in Splunk Search 05-01-2013 0 2	0	2
Populating search not working Hello I am trying to autopopulate the below input type and its not giving any data in the dropbox. Can anyone please... by theouhuios Motivator in Splunk Search 05-01-2013 0 9	0	9
Rangemap shows "other" for 3rd value always I'm trying to do a rangemap pie chart to show ranges (0-40, 40-100, and everything else). If I do 2 ranges (0-40 and... by nandrews New Member in Splunk Search 05-01-2013 0 2	0	2
disapearing results I have a search that will show the results populating as it runs. Then out of nowhere the results drop to 0 and the ... by cramasta Builder in Splunk Search 04-30-2013 2 3	2	3
Can one tell how much of the 16TB of my log data is being searched on any regular basis? Can one tell how much of the 16TB of my log data is being searched on any regular basis? by khourihan_splun Splunk Employee in Splunk Search 04-30-2013 1 1	1	1
stats command file doubt Hi, Is the default stats command for computing avg,min,max and sdev a custom search command which calls the rawstat... by rakesh_498115 Motivator in Splunk Search 04-30-2013 0 9	0	9
Problem with custom search command vs timechart in results chart I've written a custom (generating) Splunk command that retrieves data from Carbon/Graphite, a numerical data-logging ... by gcoles Communicator in Splunk Search 04-30-2013 1 4	1	4
BUG : macros do not expand within 'map' If I create a simple macro called 'test' defined as * \| head 1 \| eval text="boo" \| fields text Then run a search... by jonuwz Influencer in Splunk Search 04-30-2013 2 1	2	1
Count sessions in a month - rolling 30 minute sessions I have an IIS log file and want to count all sessions in a month. So the simple thing to do is a distinct_count(clie... by vevani Engager in Splunk Search 04-30-2013 0 5	0	5
Field Extractions Never Appear Starting a new project with Adobe's CQ5... I'm starting with the access log, as it is straight forward. I've done f... by vbrtrmn Explorer in Splunk Search 04-30-2013 0 3	0	3
Plans for Rgraph Are there any plans for Splunk or an app to support Rgraph? by bessery New Member in Splunk Search 04-30-2013 0 1	0	1
Spreading transaction duration over spans Hi, I have some data containing transactions that might take short (a couple of seconds) or very long (hours). I want... by davidjehoul Explorer in Splunk Search 04-30-2013 0 3	0	3
How to Read Query results in JAVA SCRIPT in my View I would like to read query results(from Search Module) in my javascript written in my View. Note: I'm not using js... by ma_anand1984 Contributor in Splunk Search 04-30-2013 1 3	1	3
Format results with comma thousands separator How do I format the output to have comma separators - I want 1,234,567, not 1234567. Any easy way? Given a query li... by Oren Explorer in Splunk Search 04-29-2013 1 2	1	2
How to join a json log source with Json format with a log source with key = value pairs log format.... I have a query that is able to join two or more source types with the same log format in each source log (all log wi... by lpolo Motivator in Splunk Search 04-29-2013 0 1	0	1
Field extraction hi, I want to extract a particular word and add it to a calculated field from a message field i have a share point s... by ChhayaV Communicator in Splunk Search 04-29-2013 0 4	0	4
Can We add diffrent search timing Hi, Is it possible to run the same search with diffrent search time? My requirement to have the count of transactio... by ravindra_ap Explorer in Splunk Search 04-28-2013 0 4	0	4
Fulfill empty table entries Is there a way I can fulfill empty tables. name="*" \| chart count by name,severity \| rename 1 as alert, 2 as critical... by zugji Path Finder in Splunk Search 04-28-2013 1 1	1	1
regex fu (if contains : do this) Hey guys, this is one for any regex grand masters. I have a field (snort_dst) which contains addresses in both these... by nickhills Ultra Champion in Splunk Search 04-28-2013 0 2	0	2
realtime searches canceled I keep getting a message on top of my search app, that says: "The running job "rt_1367002880.1350" was canceled or r... by tmarlette Motivator in Splunk Search 04-26-2013 0 2	0	2
How can I alter the searches being executed by *NIX app? Based on other questions submited, it looks like I might be able to change the inputs.conf file but need to make sure... by jchilovich New Member in Splunk Search 04-26-2013 0 1	0	1