Splunk Search

Community Activity

Need help with Stats report I have hundreds of log files containing the following pattern. Basically, I need to create a report for each PROJECTN... by lain179 Communicator in Splunk Search 11-01-2012 0 2	0	2
calculating average bandwidth I've got a log that looks like the following after extraction.... RPD_MPLS_PATH_UP: MPLS path up on LSP host1 path b... by DTERM Contributor in Splunk Search 11-01-2012 0 1	0	1
Gauge to show current % usage of monthly bandwidth I am trying to produce a gauge which will display the current percentage used of my fixed monthly bandwidth of 200GB.... by stevenhorner New Member in Splunk Search 11-01-2012 0 2	0	2
Does Splunk support logback as source type? Splunk supports log4j as source type. But we use logback. Hence are there any ways for mentioning logback as source t... by santoshkumar New Member in Splunk Search 11-01-2012 0 1	0	1
Specific Page Views by Day How can I see a specific page's view count by day? For any given day, it will show the count of the number of views. ... by slierninja Communicator in Splunk Search 11-01-2012 0 2	0	2
Wrong sorting Hi everyone, We met a problem with sorting data in a table. We sort users id-s, let's say there's 350000 of them, it... by iKate Builder in Splunk Search 11-01-2012 0 5	0	5
Calculate percentage from a join query I need to calculate the percentage of products that I have searched for that exist in a specific product catalog. I ... by justjosh Explorer in Splunk Search 11-01-2012 0 1	0	1
rex extraction of multiple fields from a record (multi-line) I'm trying to extract some Oracle audit log fields on the fly. I can't seem to get my regex to match. Source: Audi... by nocostk Communicator in Splunk Search 11-01-2012 2 4	2	4
How do I get all the values. I have tried this source=/var/log/testlog "EXP" OR "Q up" OR "X listing" \| rex "(?<myword>EXP\|Q up\|X listing)" \| st... by chappe4 New Member in Splunk Search 11-01-2012 0 4	0	4
Can't replace a healthcheck string in nginx Hi, I have looked at the docs and tried to remove a line from nginx access log regarding our LB : 192.168.27.169 - ... by scalp42 New Member in Splunk Search 10-31-2012 0 4	0	4
Subsearch Realtime - Parent Search Last 5 minutes Is it possible to have a subsearch looking for a log entry in realtime, then take that field and look back the past 5... by BP9906 Builder in Splunk Search 10-31-2012 0 4	0	4
Using rex to extract one or two character digit from string Hello I am trying to extract some digits from a string and I can't seem to get the regex to work. Here is an example ... by naydenk Path Finder in Splunk Search 10-31-2012 1 4	1	4
I just need to see a simple example of using click.value where my summary chart can be used to drill down to raw events. I've got a dashboard that renders using summarized data. When a user clicks on the chart, I want Splunk to return th... by the_wolverine Champion in Splunk Search 10-31-2012 1 4	1	4
Search for unique count of users Hi, I have a Splunk query which lets me view the frequency of visits to pages in my app. sourcetype="iis" source="*... by bnitesh Explorer in Splunk Search 10-31-2012 1 5	1	5
Splunk for Exchange 2.0 - Blank charts with 4.3.4 Hello, I just upgraded from 4.3.3 to 4.3.4 and Splunk for Exchange to 2.0, and now it seems that all the charts are ... by letienne Path Finder in Splunk Search 10-31-2012 0 6	0	6
Count By host I am using this statement below to run every hour of the day looking for the value that is 1 on multiple hosts named ... by hartfoml Motivator in Splunk Search 10-30-2012 0 1	0	1
how to avoid duplicates when a log file is read from an url using scripted input ? we are reading http logs from a weburl using the curl command the webserver log is exposed as http://host/webserver.l... by vallurupalli New Member in Splunk Search 10-30-2012 0 2	0	2
Define size up popup window in ViewRedirector module Is there any way to define the size of a popup browser window when using the ViewRedirector Module? True by jedatt01 Builder in Splunk Search 10-30-2012 2 4	2	4
My Selected Fields do not stay in the Selected Fields Area I have some saved searches and I have fields from a data source (csv file) and my fields are defined in props and tra... by ngcgoon Explorer in Splunk Search 10-30-2012 0 3	0	3
Multi-valued Index-time key extraction not working, please help! Hi all, I've been struggling with Splunk for weeks now (and had Developer training!) and I still can't get it to do ... by jonaubrey Explorer in Splunk Search 10-30-2012 1 11	1	11
Migrating from Windows to Linux Hello Splunkers, (1st post) I'm closing down one a Splunk 'test' instance we have on a Windows virtual machine and br... by lbogle Contributor in Splunk Search 10-30-2012 0 4	0	4
regular expression for XML Log I have following log in xml format <tec><items><item><name>Status</name><value>Online</value></item><item><name>Comp... by jangid Builder in Splunk Search 10-30-2012 1 1	1	1
Can't extract fields names from tab delimited source Hi. I'm new to Splunk. I've got basic import and searching working on the windows install, but I want to get the fiel... by nosignal Explorer in Splunk Search 10-29-2012 0 1	0	1
fomation in pattern matching- please help urgently I have 2 keywords and I am running query : index="maa" \| table Name Age Location \| rex field="Location" (?(?i)"kol")... by abhayneilam Contributor in Splunk Search 10-29-2012 0 9	0	9
want 0 count if keyword does not match index="usb_weekly_data" \|rex field="src_file_name" (?(?i)"presentation") \| stats count as First by key_word above qu... by abhayneilam Contributor in Splunk Search 10-29-2012 0 2	0	2