Splunk Search

Community Activity

Count By host I am using this statement below to run every hour of the day looking for the value that is 1 on multiple hosts named ... by hartfoml Motivator in Splunk Search 10-30-2012 0 1	0	1
how to avoid duplicates when a log file is read from an url using scripted input ? we are reading http logs from a weburl using the curl command the webserver log is exposed as http://host/webserver.l... by vallurupalli New Member in Splunk Search 10-30-2012 0 2	0	2
Define size up popup window in ViewRedirector module Is there any way to define the size of a popup browser window when using the ViewRedirector Module? True by jedatt01 Builder in Splunk Search 10-30-2012 2 4	2	4
My Selected Fields do not stay in the Selected Fields Area I have some saved searches and I have fields from a data source (csv file) and my fields are defined in props and tra... by ngcgoon Explorer in Splunk Search 10-30-2012 0 3	0	3
Multi-valued Index-time key extraction not working, please help! Hi all, I've been struggling with Splunk for weeks now (and had Developer training!) and I still can't get it to do ... by jonaubrey Explorer in Splunk Search 10-30-2012 1 11	1	11
Migrating from Windows to Linux Hello Splunkers, (1st post) I'm closing down one a Splunk 'test' instance we have on a Windows virtual machine and br... by lbogle Contributor in Splunk Search 10-30-2012 0 4	0	4
regular expression for XML Log I have following log in xml format <tec><items><item><name>Status</name><value>Online</value></item><item><name>Comp... by jangid Builder in Splunk Search 10-30-2012 1 1	1	1
Can't extract fields names from tab delimited source Hi. I'm new to Splunk. I've got basic import and searching working on the windows install, but I want to get the fiel... by nosignal Explorer in Splunk Search 10-29-2012 0 1	0	1
fomation in pattern matching- please help urgently I have 2 keywords and I am running query : index="maa" \| table Name Age Location \| rex field="Location" (?(?i)"kol")... by abhayneilam Contributor in Splunk Search 10-29-2012 0 9	0	9
want 0 count if keyword does not match index="usb_weekly_data" \|rex field="src_file_name" (?(?i)"presentation") \| stats count as First by key_word above qu... by abhayneilam Contributor in Splunk Search 10-29-2012 0 2	0	2
bar chart with five search I want to create a bar chart with these following search eventtype="et_system_metrics" Stage=A* \| stats count(eval... by jangid Builder in Splunk Search 10-29-2012 0 6	0	6
What's wrong in this sub search ? What is the wrong in this sub search ? Individually both are working fine. eventtype="et_system_metrics" Stage=A* A... by jangid Builder in Splunk Search 10-29-2012 0 4	0	4
docs.splunk.com wrong link to answers Dear Doc Team, if one uses the link to Answers on top of the docs.splunk.com page, you end up at docs.splunk.com/Ans... by MuS SplunkTrust in Splunk Search 10-29-2012 5 1	5	1
problem with REX I am giving the following search : index="maa" \| table Name Age Location \| rex field="Location" (?(?i)"delhi") \| eva... by abhayneilam Contributor in Splunk Search 10-29-2012 0 10	0	10
how to merge multiple rex commands Hi, I have a query as follows : index="maa" \|rex field="Location" (?(?i)"delhi") \| eval ONE=lower(ONE) \|stats count... by abhayneilam Contributor in Splunk Search 10-29-2012 0 3	0	3
Search for items not matching values from a lookup Related to http://splunk-base.splunk.com/answers/7581/best-way-to-search-using-a-lookup-table I want this inverse sc... by gohar Explorer in Splunk Search 10-27-2012 1 2	1	2
Rex in If else ladder Hi, I am running the below query and want to print 0 for the keyword that is not matched , can this be possible to g... by abhayneilam Contributor in Splunk Search 10-27-2012 0 2	0	2
Alerting based on deviation on multi dimensional data I have a challenge that I'm hoping someone can help with. There are around 24,000,000 events being indexed per 24 ho... by hirsts Path Finder in Splunk Search 10-26-2012 0 2	0	2
Unabe to get the search result in text box using javascript inside html module Hi, Just have a look at this code < module name="HiddenSearch" layoutPanel="panel_row2_col1" autoRun="True"> <... by madanashok Path Finder in Splunk Search 10-26-2012 0 2	0	2
RegEx for variable message field extraction Hello, I have logs coming in that look like the following: (Tab between columns) server1.something.com ApacheLog ... by johnebgood Path Finder in Splunk Search 10-26-2012 1 4	1	4
Can i know the results retrieved for each search query ? Hi. I have search query that query returns certains fields . these information will vary according to the realtime d... by rakesh_498115 Motivator in Splunk Search 10-26-2012 0 2	0	2
Is it possible to use saved search RESULTS as a subsearch? My problem with this is that the saved search takes longer than 60 seconds to run, so I only get partial answers if I... by dspracklen Path Finder in Splunk Search 10-26-2012 1 3	1	3
what is the signifincance of $ symbol in splunk ?? Hi.. I know that the dolloar $ is used for variables . like $a or $b something like this.In splunk i have seen in fe... by rakesh_498115 Motivator in Splunk Search 10-26-2012 0 1	0	1
Extract domain from FQDN in Windows Event log I need to create a transform stanza that will seperate some events depending on which domain they originate from. ... by bkcarter Path Finder in Splunk Search 10-26-2012 0 1	0	1
Custom fields to be extracted from the Odata for splunk app This is a question on the OData App. I have a search that lists the output as a table, when I save this search and a... by giridhar_tm Engager in Splunk Search 10-26-2012 1 2	1	2