Splunk Search

Community Activity

What is the Splunk ECCN classification ? I need to know the Export Control Classification Number (ECCN) for the Splunk software. by mataharry Communicator in Splunk Search 03-08-2013 0 1	0	1
subsearch help Not sure how to really explain this.... I would like to look in my windows logs for new installed products and list ... by mcbradford Contributor in Splunk Search 03-08-2013 0 2	0	2
pipe separated instead of csv I was wondering if it is possible to build a regex for a pipe separated file… Where the Header row carries the name ... by chetanvartak New Member in Splunk Search 03-08-2013 0 1	0	1
How to configure MV_ADD in the search language? Hi I am trying to figure out how to count 'abc' string in the following string field. 2012/07/21 16:18:30 string=bb... by melonman Motivator in Splunk Search 03-08-2013 0 6	0	6
Combining "stats dc(x)" with "stats dc(x) by y" in same search I am having a ton of trouble expressing this query. Suppose I have 1,000 distinct people, and 25 cities. Over a time... by bryanfe New Member in Splunk Search 03-08-2013 0 4	0	4
How do I adjust a time calculation for results being generated in multiple timezones I need to calculate the duration of time between events however my source does not adjust for timezones. In my exam... by bigtyma Communicator in Splunk Search 03-08-2013 0 2	0	2
Ignore pairs of "matching" (not identical) events I have a stream of events where a user has an activity={purchase, return, subscribe, unsubscribe} and product={prodA,... by woodcock Esteemed Legend in Splunk Search 03-08-2013 0 1	0	1
Timechart expression - No results found. I'm having trouble computing an aggregate performance indicator. The following expression (which has the goal to obta... by splunk_zen Builder in Splunk Search 03-08-2013 0 3	0	3
Timechart of open sessions per username. I have a file like this: Time,User-Name,Action Thu Mar 7 15:09:22,admin,login Thu Mar 7 17:46:21,admin,login Thu Mar... by MikhailArefiev Explorer in Splunk Search 03-08-2013 0 2	0	2
Problem with the number of column in a row Hi, I am running a query which would produce 29 column all total, but in my SPLUNK result set it is showing only up... by abhayneilam Contributor in Splunk Search 03-07-2013 0 4	0	4
List events from latest log indexed? I'm looking for help creating a search that returns all events from the last log indexed. This is what i've tried bu... by bfinney Engager in Splunk Search 03-07-2013 0 3	0	3
I need a wildcard in reg I have an event that I want to extract the inside/outside IP Addresses and Port numbers. Mar 6 13:59:59 192.168.140... by RNB Path Finder in Splunk Search 03-07-2013 0 4	0	4
Search-Time Field Extraction - Not Working Hello all, We are collecting Cisco firewall logs into Splunk and have installed the "Splunk for Cisco Firewalls" app... by vragosta Path Finder in Splunk Search 03-07-2013 0 3	0	3
Using field values as paramaters for macros bis Hi! I have the need to write a "macro" that takes field values as parameters. I have understood from this thread tha... by guilhem Contributor in Splunk Search 03-07-2013 0 4	0	4
Unable to extract IP Address and Port number with reg I have an event that I want to extract the IP Address and Port number. Mar 6 13:59:59 192.168.140.215 %ASA-4-106023... by RNB Path Finder in Splunk Search 03-07-2013 0 3	0	3
Use "Splunk" relative times for custom fields?@ Hi, i have records like this: 2013-03-05 01:02:03.456Z foo=bar value=key start="2013-03-05 05:00:00.000Z" end="2013... by JensT Communicator in Splunk Search 03-07-2013 0 2	0	2
Metadata Command Alerting Here's my command: \| metadata type=hosts index= \| sort lastTime \| convert ctime(lastTime) as Latest_Time \| sort -la... by ryangibson99 Explorer in Splunk Search 03-07-2013 0 1	0	1
addcoltotal name? Hi, I have a table that gives me connections, and I want to show those connections, plus a total. The search works, ... by a212830 Champion in Splunk Search 03-07-2013 0 3	0	3
Problem with the summation in chart command in SPLUNK Hi, I want to find out how what is the total number of "Exit" and "Entry" for the particular CARD_NUMBER for a parti... by abhayneilam Contributor in Splunk Search 03-07-2013 0 6	0	6
How does automatic key=value extraction works? Hello, we have a logfile that contains key=value pairs. Usually Splunks automatic field extraction is working fine ... by tpaulsen Contributor in Splunk Search 03-07-2013 1 2	1	2
Counts and sum of counts I'm sure this is obvious but I'm not seeing it I've a search endiing in "chart count by UserName, host" which gives... by alnapp Engager in Splunk Search 03-07-2013 1 2	1	2
problem with lookup command Hi, I have a master .csv file in which I have 10 rows, now I have one more child file which contains only 4 rows, no... by abhayneilam Contributor in Splunk Search 03-07-2013 0 1	0	1
How do I display the average processing time after the total count? Fellow Splunkers, I have a chart that displays my Apache processing times as such Seconds count 0 1919... by ten_yard_fight Path Finder in Splunk Search 03-06-2013 0 3	0	3
Find Avg Diff two Date fields Splunkers, I have events from our Helpdesk ticketing system that have two date fields, DateOpen and DateClosed, both... by I-Man Communicator in Splunk Search 03-06-2013 0 2	0	2
How to add lookups that don't have matching fields on the log entries Let's say I have log entries as follows: sourcetype-syslog: time, event_id, host I want to be able to incorporate t... by sa_splunk New Member in Splunk Search 03-06-2013 0 2	0	2