Splunk Search

Community Activity

Update lookup file just before running my search? I'm running a subsearch which updates a lookup file (using outputlookup) but it doesn't seem to work. The subsearch ... by the_wolverine Champion in Splunk Search 01-30-2013 0 7	0	7
Convert field from Unix Epoch Time to another format I have events that are being stored in large groups (say 10,000 at a time). The timestamp that they are given at inde... by cosullivan66 Explorer in Splunk Search 01-30-2013 0 1	0	1
Splunk CLI search only returns 100 events Hi, I am looking for a Splunk CLI search workaround for option (-maxout 0) which shows unlimited events instead of d... by tarunm Engager in Splunk Search 01-30-2013 1 4	1	4
Rolling over data to a a Share I have a distributed Environment consisting of 2 SH and 2 indexers. I would like to keep around 30 days of logs on my... by paul_1994 Path Finder in Splunk Search 01-30-2013 0 2	0	2
JOIN two tables in Splunk Need to extract the value of 'A' from Query 1 - Then do a JOIN to extract the value of 'A' if they occur in Query 2 ... by kthakkar New Member in Splunk Search 01-30-2013 0 2	0	2
Regular expression used in transform not performing as expected I have written a Regex to perform an extraction in transforms.conf that I've tested in multiple PCRE compliant regula... by jklumpp_splunk Splunk Employee in Splunk Search 01-30-2013 0 5	0	5
How can I use LDAPSearch to retrieve email based on selected specific CN Hi I have used ldapsearch to narrow down the list of members based on a specific CN: e.g. \|ldapsearch domain="mydom"... by Joshie New Member in Splunk Search 01-29-2013 0 1	0	1
Extracting usernames from Solaris 9 syslog Hi guys, I hope this is an easy one for you. We have Solaris 9 boxes sending syslogs to nfs share and our Splunk 4.3 ... by cgisplunk Path Finder in Splunk Search 01-29-2013 0 7	0	7
How to hide time without values in timechart Hello comunity, I need help to hide a value unavailable in a timechart. I searched for some functions, but I have no... by alvaromoraes Path Finder in Splunk Search 01-29-2013 0 4	0	4
Add search term and external link. Hi I have a panel which displays the following in columns AD Events (log dictionary) WSUS (log dictionary) Qualy... by sanju005ind Communicator in Splunk Search 01-29-2013 0 3	0	3
search based on logged in user id I need to plug in the logged in user id and build a search query. How do I accomplish this ? I see cherrypy.session... by Sriram Communicator in Splunk Search 01-29-2013 2 4	2	4
How to change the horizontal width of a column in a table Eexperts, I am a newbie to Splunk. When I changed the width of a table, the width of the panel used to create or extr... by katesplunk Explorer in Splunk Search 01-29-2013 0 5	0	5
Scoping a search string to a valid field yields no results Hi, I have some very strange behaviour from Splunk v4.3.3. When I search for: index="something", splunk correctly p... by mark Path Finder in Splunk Search 01-28-2013 0 1	0	1
Splunk question on stats/multiple stats Hi, I have two sourcetypes with disparate pieces of information that i want to bring together. Note that there are... by asarolkar Builder in Splunk Search 01-28-2013 0 5	0	5
Field extraction doesn't show full log I am trying to extract a line "lockouttime=*" it is on line 107. when I use the extract field tool. It only shows the... by jared_anderson Path Finder in Splunk Search 01-28-2013 0 4	0	4
Limit on the number of realtime searches Hi, I would like to know what is the limit on the number of real time searches for the following H/W and user count ... by strive Influencer in Splunk Search 01-28-2013 1 9	1	9
unable to change password / edit users There seems to be a dependency on roles inheriting from 'user' and 'admin'. Example. I create a new role defined li... by jonuwz Influencer in Splunk Search 01-28-2013 0 9	0	9
total similar events I am having problems trying to keep a sum of similar events in a field called 'count.' This field should group events... by Michael_Schyma1 Contributor in Splunk Search 01-28-2013 0 3	0	3
Compare by field value from two searches My problem is: I have an id that should be logged from two systems if integration between these two have worked as su... by Petra Engager in Splunk Search 01-28-2013 0 4	0	4
Streamstats with time window Hi, a question about streamstats as described here: http://docs.splunk.com/Documentation/Splunk/5.0.1/SearchReference... by gschmitz Path Finder in Splunk Search 01-28-2013 0 5	0	5
Report of distinct count of MAC addresses per session Greetings Community, I'm trying to figure out how to create a daily and weekly report that captures each unique patr... by lunatik280 New Member in Splunk Search 01-27-2013 0 1	0	1
Count events with blank or null values Traditionally when we do a count across fields we would run: \|top limit=0 Hostname, Error Job Name, Error ID, Service... by tsunamii Path Finder in Splunk Search 01-25-2013 0 1	0	1
Subsearch - clause to match values with main search I'm having trouble using a condition to match a subsearch results with the main search ones, running each one indivi... by splunk_zen Builder in Splunk Search 01-25-2013 0 5	0	5
Can i move the position of the search button in forms ?? Hi.. Can i move the search button in my form to right most position ?? i have seen some param like float but it did... by rakesh_498115 Motivator in Splunk Search 01-25-2013 0 1	0	1
Slanted X axis labels on bar or line charts I have some line/column graphs where I have quite a few X axis labels that are relativly long (time / date) fields of... by pbunce1 Explorer in Splunk Search 01-25-2013 1 4	1	4