Splunk Search

Community Activity

How to do this below? Hi all, Am new to splunk tool and i have downloaded to use my project for reporting,analysis,charts and alerts notif... by balajsoz Path Finder in Splunk Search 12-17-2012 0 1	0	1
Multikv not extracting data Hello I am trying to input data of free -tm in splunk. The raw data would look like total used ... by theouhuios Motivator in Splunk Search 12-17-2012 0 4	0	4
Problem with set command I'm trying to get use the set command to monitor differences between two sets of DNS records. I've looked through th... by megancarney Explorer in Splunk Search 12-16-2012 0 3	0	3
extract from calculated field I can't find anything that says you can't do a field extraction from a calculated field, but I found that this works ... by pwattssplunk Splunk Employee in Splunk Search 12-15-2012 0 2	0	2
Main differences between a saved report and a saved search I wonder if there is any site in splunk Docs that clearly define the distinct differences between the two of them. I ... by e82than Communicator in Splunk Search 12-15-2012 1 2	1	2
OR (\|) condition in regular expression I am missing something in my regular expression I am having similar log and I can do with two regex but I want to com... by jangid Builder in Splunk Search 12-14-2012 0 3	0	3
Dividing Field by a Number in stats Hi, How do I divide a field by a number. I want to divide Att.Duration by 100 and use the new field in the stats s... by yinon_nadav New Member in Splunk Search 12-14-2012 0 3	0	3
Splunk search regex how to?? from this string 'op-failed', 'text': "[Errno 2] bad format", 'time': 1355388330.578211, 'error': 'fetch-error'} how ... by hostedtower3 New Member in Splunk Search 12-14-2012 0 5	0	5
Time Specifier (Yesterday 12AM until Yesterday at current time) Trying to compare numbers of events that have come in from 12AM until NOW, with yesterday's data 12AM until NOW(Yeste... by beaunewcomb Communicator in Splunk Search 12-14-2012 0 2	0	2
External file lookup is failing, possible due to a "/" character in the lookup fields. Hi all, I'm having trouble getting an external file lookup to work in the Search app. I've setup a number of these p... by martinpugh Explorer in Splunk Search 12-14-2012 0 4	0	4
How to create a field with a value repeated a number of times when the number of time comes from another field - to get around concurrency limitation Hi, I am trying to implement our requirement for "concurrency". Lets say we want to measure user concurrency every 5 ... by fere Path Finder in Splunk Search 12-14-2012 0 1	0	1
Can we replace certain value in field ?? Hi , I have a field called UniqueID which contains the following values..like A,B,C,D etc..Now For this field i want... by rakesh_498115 Motivator in Splunk Search 12-14-2012 1 11	1	11
How to modify / change x axis values in timechart graph? Hi all, I have created a graph which shows time intervals in x axis and application up or down time % in y axis.I ha... by balajsoz Path Finder in Splunk Search 12-14-2012 1 1	1	1
Custom dynamic field extraction Dear fellow splunkers, I've got some events where the automatic field extraction of Splunk doesn't work. The log for... by Simon Contributor in Splunk Search 12-14-2012 0 2	0	2
Are Lookups appropriate here? I work with a bunch of media companies and on monthly basis licensing for the content they provide changes. So this ... by marquiselee Path Finder in Splunk Search 12-13-2012 0 4	0	4
Simplifying event displays Hi there, I have XML logs that I bring into spunk. Unfortunately, there is far too much not required information fo... by rdb_splunk Explorer in Splunk Search 12-13-2012 0 2	0	2
Relative time and stats I have a somewhat complicated question about how the now() method applies in the context of stats. I have a splun... by asarolkar Builder in Splunk Search 12-13-2012 0 4	0	4
How do I find the name of the index? For performing archives, it seems I have to use the name of the index in the conf file. How do I know what index name... by uayub Path Finder in Splunk Search 12-13-2012 0 3	0	3
Converting Numerical value(s) to Character(s) or String(s) - Oracle SQL to Splunk Languages - Part1 Hi, I am looking for Splunk search languages that might be corresponding to the following SQL: CHAR(13) Are there an... by syusjk6 Engager in Splunk Search 12-13-2012 0 8	0	8
Having issues with rex Hello I am not that comfortable yet with rex commands and have been slowly learning it.I want to rex some data from ... by theouhuios Motivator in Splunk Search 12-13-2012 0 5	0	5
Using parameters in rangemap Hi, what I want to achieve is a dynamic (datetime based) rangemap of an application's exceptions. So, instead of ter... by stefano_guidoba Communicator in Splunk Search 12-13-2012 0 2	0	2
Query results with field values as column header I have following fields Datacenter, Category(Cat ), Application(APP), Description(Desc). Datacenter has 10 or more p... by ma_anand1984 Contributor in Splunk Search 12-13-2012 0 1	0	1
Count also occurences that are not present for alerting I've made some searchs for alerting, but my problem is when I make a \| stats count, if some occurences are not presen... by sbsbb Builder in Splunk Search 12-13-2012 0 2	0	2
Comparing average I'm trying to compare the average of a data field over two different time period, also including a few other comparis... by sflunk Engager in Splunk Search 12-12-2012 0 1	0	1
Correlate events, get parameters from only one of the events Hi *, I'm trying to correlate events with the transaction function. This is my search: source="auditd"\| transaction... by horizonsecurity Explorer in Splunk Search 12-12-2012 1 3	1	3