Splunk Search

Community Activity

Timechart with multiple fields and calculating percentage My query is something like .. \| eval color_and_shape = color + "/" + shape \| timechart count as total, count(eval(he... by benobviate Explorer in Splunk Search 11-20-2012 1 1	1	1
Trying to schedule a search and save it in summary index, index=new Search peer denpda3log01 has the following message: received event for unconfigured/disabled index='new' with source=... by mike7860 Explorer in Splunk Search 11-20-2012 0 1	0	1
Regex for SAR data in UNIX Hello I need to create a timechart for the data below based on cpu's available and the utilization of that specific... by theouhuios Motivator in Splunk Search 11-20-2012 0 1	0	1
Calculation of area of a graph Hi there, today I have a special question. I am not sure how to realise this. I have on the one hand a lot of perfor... by nebel Communicator in Splunk Search 11-20-2012 0 2	0	2
Is there a way to manipulate time range picker using just a seach query? Since some days ago I was thinking a way to manipulate the "time range picker" or even the period to retrieve data fr... by wagnerbianchi Splunk Employee in Splunk Search 11-20-2012 0 5	0	5
how to change graph line color I have drawn one line graph by severity. and it has three types: Error,Warning,Notice. I want to Display Error line i... by geetanjali Path Finder in Splunk Search 11-20-2012 0 2	0	2
text box input Hi all in a form i need a Text box .in that whatever the value i am giving it should reterive only those task havin... by splunkpoornima Communicator in Splunk Search 11-20-2012 0 6	0	6
input through text box hi all, I used below query and i got the table which has the duration and TaskName source="C:\Users\20875\Desktop\... by splunkpoornima Communicator in Splunk Search 11-20-2012 0 1	0	1
Testing and debugging an Inline Field Extraction I'm trying to setup Splunk to understand CloudFront log files. I've setup a field extraction like this: ^(?<DATE>[\... by adamb0mb Explorer in Splunk Search 11-19-2012 0 3	0	3
I need to calculate the number of business days between two dates. Any help or direction on this will be very helpful. I need to calculate the number of business days between two dates. Any help or direction on this will be very helpfu... by yaminims New Member in Splunk Search 11-19-2012 0 1	0	1
Threshold stats count table I want to use stats count with several fields and am running my search every hour I don't want to show any results u... by hartfoml Motivator in Splunk Search 11-19-2012 0 2	0	2
Help with Reporting Need a little assistance with reporting. I am currently indexing multiple anti-virus reports into SPlunk daily and ar... by efelder0 Communicator in Splunk Search 11-19-2012 0 4	0	4
Extract username and domain from field order depends on delimiter We have a Username field which we are extracting via search time rex. \| rex field=_raw "User (?\S+)" The Username ... by solarboyz1 Builder in Splunk Search 11-19-2012 0 8	0	8
How do I measure measuring wKB_PS across a four disk LUN with iostat? I have Netapp LUNS mapped to a Centos server. when I run iostat, I see all the individual disks that are mapped. I ... by belka Path Finder in Splunk Search 11-19-2012 0 3	0	3
Generating the report in .doc format Hi, AFter analyzing the raw log in splunk, we generate excel reports and from that we make reports in .doc format fo... by abhayneilam Contributor in Splunk Search 11-19-2012 0 7	0	7
slash error in the source hi all i have created the view contains the dropdown for index and if i select the index i will get all the sources ... by splunkpoornima Communicator in Splunk Search 11-19-2012 0 17	0	17
.bat to run my program located at desktop Start C:\Users\User\Desktop\setup.exe Hi, above is what I put for my .bat located Splunk "bin" directory. What shou... by elaine0102 Explorer in Splunk Search 11-19-2012 0 16	0	16
search query for line graph earliest=-30d@d-1h latest=-1d@d+11h \| bucket _time span=24h \| stats sum(eval(if((date_hour>=23) OR (date_hour<11),1... by elaine0102 Explorer in Splunk Search 11-19-2012 0 1	0	1
Rex extraction specific example Hello Splunkers, Problem: Splunk query returns events where "Account_Name" appears twice, thus returning multiple/in... by cburr2012 Path Finder in Splunk Search 11-19-2012 1 5	1	5
number of threads Hi all, I have an eventtype called threads. how can i find the number of threads in it? suppose under eventtype threa... by smolcj Builder in Splunk Search 11-18-2012 0 3	0	3
field value is field name Defined Defined as the value of the field of the field name is possible? ex) A_Field item is values "B_Field" conversion ... by jcisha Path Finder in Splunk Search 11-18-2012 0 4	0	4
How to get info from user's first session? I have user logs that look like this per session: userId=u1 sessionId=s1 level=l1 userId=u1 sessionId=s1 level=l2 ... by ysdeos New Member in Splunk Search 11-17-2012 0 1	0	1
how to extract nested fields using search command Hi, I have a data like this. I need to extract HDID and VNM fields. Any help. {[-] BVER : "10.47b", CHIP : "Bcm7... by disha Contributor in Splunk Search 11-17-2012 0 1	0	1
Date field Extraction ?? Hi, I have the following format of Dates in my logs like 2007/01/25 and 2006/12 . i want to extract these dates to a... by rakesh_498115 Motivator in Splunk Search 11-17-2012 0 4	0	4
range(_time) help ?? I have bulk of 1 lakh events in my logs . I have used the stats(_range) command to calculate the average response tim... by rakesh_498115 Motivator in Splunk Search 11-17-2012 0 6	0	6