Splunk Search

Community Activity

libpcre.so.0 error of bloom command Installed Splunk 5.0.1 on Gentoo Linux (x64). Execute "/opt/splunk/bin/bloom" and get the error message: /opt/splunk... by takol Explorer in Splunk Search 11-30-2012 0 10	0	10
Dashboard Question I have a request to create a dashboard that among other things has a panel that text can be input into and written to... by menkurau Path Finder in Splunk Search 11-30-2012 0 2	0	2
Having trouble writing a group by query Here's the issue, my data is in JSON Format (see example below). Each event that I have is associated with a user_... by haqkap New Member in Splunk Search 11-29-2012 0 1	0	1
Additional field in search results Hi, A field OTHER is getting displayed in search results. My Log is: FieldA FieldB FieldC event 123 123 234 ... by strive Influencer in Splunk Search 11-29-2012 0 4	0	4
timechart with each line defined by multiple fields my search is something like ... \| stats avg(weight) by color, shape which results in : color shape ... by benobviate Explorer in Splunk Search 11-29-2012 0 3	0	3
Field Extraction from Regex So I am relatively new to extracting fields in Splunk, but I have some knowledge of regex, and I'm attempting to appl... by tmarlette Motivator in Splunk Search 11-29-2012 2 6	2	6
Creating a status graph - 0 or 1 - based only on "started" and "ended" messages I have a very similar question to this one: I have a dataset that tells me when a service starts (such as index=_int... by Jason Motivator in Splunk Search 11-29-2012 0 2	0	2
How to sum output of table command Hi I have a output of the table command as below : dataset datacount corp_zero 32 ebz_europe 6 icm 362 mbs ... by ashu_g50 Path Finder in Splunk Search 11-29-2012 0 12	0	12
top command with values I want top 10 values for a field based on the timer control. mysearch \| top 10 E_Time above command return top 10 r... by jangid Builder in Splunk Search 11-29-2012 1 5	1	5
eval & coalesce I'm trying to normalize various user fields within Windows logs. The fields I'm trying to combine are users Users and... by hagjos43 Contributor in Splunk Search 11-29-2012 1 3	1	3
unit along with fieldname Hi all is there any option in splunk, so that we can list the table contents and their units along with the table nam... by smolcj Builder in Splunk Search 11-29-2012 0 3	0	3
イベントから任意の文字列を置換する方法は？データを取り込んだ後に、イベントの中の文字を置換したり追加・削除することは可能ですか。例えば、イベント中に含まれるすべての"(ダブルクオート）を外してから検索を行う、など。 by Splunk_Shinobi Splunk Employee in Splunk Search 11-28-2012 0 1	0	1
How do I do a chart in splunk whereby I can forecast into the future? How do I do a chart in splunk whereby I can forecast into the future? Hi there appreciate any help here. Coming from... by HattrickNZ Motivator in Splunk Search 11-28-2012 0 4	0	4
Eval Question I am trying to translate a user, to an external IP address and be accurate within 5 seconds. I have to do this using ... by tmarlette Motivator in Splunk Search 11-28-2012 0 5	0	5
Trouble with Field Extraction I am attempting to pull information from multiple eventtypes into 1 field called ext_ip I can get two of them, but I ... by tmarlette Motivator in Splunk Search 11-28-2012 0 2	0	2
Need to Create Two Time Series in One Chart Answer below. by msettipane Splunk Employee in Splunk Search 11-28-2012 0 1	0	1
listing events directly from a table Hi all, is there any option to directly list the events for a particular table entry.. after a search in dashboard u... by smolcj Builder in Splunk Search 11-28-2012 0 3	0	3
index a file in a file system which can be mounted on different servers Hi I would like to index a file which is in a file system which can be mounted on different servers at different poi... by bob87 Explorer in Splunk Search 11-27-2012 0 1	0	1
Temporal Input lookups? We have been able to successfully use inputlookup with lookup files we have created. However, our lookup files have t... by bread555 Explorer in Splunk Search 11-27-2012 1 2	1	2
Sorting Charts I have the following search that returns a chart of response times for web pages by GET and POST. index=iis_PRODUC... by richnavis Contributor in Splunk Search 11-27-2012 0 2	0	2
How flexible use search if statement?How flexible use search if statement? To produce a single value dashboard, the utilization of the CPU and the MEN , and when any value exceeding the target... by lacusmax New Member in Splunk Search 11-27-2012 0 2	0	2
Possible bug - Deleting a saved search deletes all searches with the same name I believe I have found a possible bug. There is a condition that when you delete a saved search all saved searches wi... by ztom Explorer in Splunk Search 11-27-2012 0 1	0	1
eval fails if fields have a ":" in their name I have some data in the form of xml records. The fields extract fine using the xmlkv operator, but I can not perform ... by bnolen Path Finder in Splunk Search 11-27-2012 2 5	2	5
multiple values for single field in multiple lines of a single multi-lined event Below is my sample log. I'm trying to extract all the 'Pend Reason' codes and still maintain the host field which I'm... by sf-mike Splunk Employee in Splunk Search 11-27-2012 0 3	0	3
Regular expression help and error (Regex: unmatched parentheses ) The regular expression is correct according to RegExr, but i keep on getting this error Regex: unmatched parentheses... by Michael_Schyma1 Contributor in Splunk Search 11-27-2012 0 2	0	2