Splunk Search

Community Activity

Basic search help I've got a custom source A and B, which I need to compute a weighted average over, each source has only 2 collums: da... by splunk_zen Builder in Splunk Search 03-26-2013 0 8	0	8
Search for Multiples Values and extract them into a single field? Can you please help me to figure out how can I extract multiple values in a source and extract them into a single fie... by ito27 New Member in Splunk Search 03-26-2013 0 6	0	6
Combine features from both stats and chart command My fields in this example are (row, column, data and count) I want to combine the features of this command: chart s... by cmak Contributor in Splunk Search 03-26-2013 0 2	0	2
Search with placeholder I would like to filter the following messages in a way that i would get only the events where "DISK "?" Status : Onli... by ammannpa New Member in Splunk Search 03-26-2013 0 1	0	1
Cumulative total "resets" with timechart and streamstats Hello, I can't for the life of me figure out what am I doing wrong here. I'm trying to keep track of total running t... by juraj Explorer in Splunk Search 03-26-2013 0 2	0	2
Not able to view my support cases I opened a support case at http://splunk.com/ but I am not able to view progress on the issue. I get following messag... by adminssplunknum New Member in Splunk Search 03-26-2013 0 1	0	1
Extracting Data from Website Hi, I have a requirement in a project of extracting the data from a website to make a metrics report. How do I extra... by abhayneilam Contributor in Splunk Search 03-26-2013 0 3	0	3
how to make eval to work for multivalued fields.. I have multivalued fields so if i use eval it picks and displays only one value for the multivalued field ... Can u s... by dilstn Explorer in Splunk Search 03-26-2013 0 1	0	1
フィールド抽出の正規表現の使用について正規表現を使って、サーチ時にフィールドを抽出していますが、この正規表現では日本語を使用できますか？ by cwl Contributor in Splunk Search 03-26-2013 1 1	1	1
Convert numbers to string Hi, My search formula returns a value in number. I want to check that number and if the number is below 50 a Word sh... by chamil3001 Explorer in Splunk Search 03-25-2013 0 3	0	3
Need help in stats for value-to-multivalue relationship in output My Search: index="_audit" [search index=_internal source="*web_access.log" user!="-" \| stats by user \| fields user] ... by wrangler2x Motivator in Splunk Search 03-25-2013 0 1	0	1
Trying to create a new field called hashtag I am a novice, experimenting with a free version of Splunk, and I have a twitter feed in a text file. A part of it lo... by sohampb Engager in Splunk Search 03-25-2013 0 4	0	4
transaction - solution for scheduling Is there a solution where a transactional query, run as a cron, can be forced to find all related events? As I see... by the_wolverine Champion in Splunk Search 03-25-2013 0 1	0	1
Two intention searches on one timechart Hi, I have two separate searches that I would like to put together one graph. I don't think I can use a join because... by lain179 Communicator in Splunk Search 03-25-2013 0 1	0	1
Timechart different job I would like to draw a time chart that shows the jobs that are running. For example: - Job A was running from 8am t... by lain179 Communicator in Splunk Search 03-25-2013 0 2	0	2
addterm operator How can I use the addterm intention to search for two fields with an OR? So in this case, I want to search or source... by lain179 Communicator in Splunk Search 03-25-2013 1 2	1	2
Use the Splunk Search EarliestTime and LatestTime timestamps for query in oracle DB I would like to select a number of records in a view on a Oracle DB. I have a field where there is a Oracle Timestamp... by dominiquevocat SplunkTrust in Splunk Search 03-25-2013 0 2	0	2
How to properly extract fields using regex I have a following field in my data cells : "< aN20%title=1\| basic%ipin=7\| basic%opin=1> " This means that I have ... by cmak Contributor in Splunk Search 03-25-2013 0 2	0	2
How do I search for synchronized activity of hosts? So, I recently read an article discussing the difficulty of and various approaches to catching new or unknown botnet ... by digital_alchemy Path Finder in Splunk Search 03-25-2013 1 1	1	1
ACK not enabled on Forwarder Since I have upgraded to version 5.0 I keep receiving the above message in the yellow bar at the top of the web gui. ... by rmcdougal Path Finder in Splunk Search 03-25-2013 3 2	3	2
Counting number of hits in a range Hi, I'm trying to count the number of events where a value is over a certain amount as well as within a number of ra... by mehuman New Member in Splunk Search 03-25-2013 0 3	0	3
Splunk treating multiple lines as one event since they have the same timestamp Hi, I have the following events. You can see that the timestamps are the same to the second. Due to this Splunk seem... by sourabhguha Explorer in Splunk Search 03-24-2013 0 6	0	6
External Commands calling perl script fails I have been able to have my external commands use subprocess to call commands because not all modules exist in the sp... by rdownie Communicator in Splunk Search 03-24-2013 1 2	1	2
Logging from Python in Splunk What are the conventions for logging from a custom search command in Python? I didn’t see my log outputs showing up ... by timpgray Path Finder in Splunk Search 03-23-2013 2 1	2	1
finding the most recent sourcetype=hardware (similar to metadata command) Hello everyone, in my dashboard I have a table displaying the hardware configuration of a server and several other s... by lemikg Communicator in Splunk Search 03-23-2013 0 4	0	4