Splunk Search

Discussions

Thread Info

Percentage network bandwidth by site

Hi all, Another question... I have two extracted fields: "MB" and "site". I wish to do the following, over a pe...

by Path Finder in

Does splunk-wmi use the evt_resolve_ad_obj directive with remote "pulled" event logs?

I'm able to pull the events fine with the config below, but the GUIDs aren't being expanded. I've tried evt_resolve_a...

by Path Finder in

If field matches regex then make the value foo

Okay so, I have a field, "basedomain". This contains a huge list of data such as: google.com facebook.com googl...

by Path Finder in

How can i append my search results to a csv file ?

Hi . I have a scheduled search which runs for every 5 min . How do i save these results in a csv file ? when using...

by Motivator in

Fuzzy Search

I have a field called 'err_msg' this field contains a long line which consists of the error as well as the file name ...

by Communicator in

can i know the best95 and worst5 stats in splunk?

Hi, I have written a query which gives me the list of durations of all the transactions.Now i need to calucalte th...

by Motivator in

Can someone help me with a query relating to averages?

I was wondering if someone can help me with something I am trying to do. I have two extract fields called metricvalue...

by Engager in

splunk query slow.......

Is there a way to take a query, run it in the background, save the results to a file, and then reference that file in...

by Contributor in

Reverse DNS lookup and replacing host field with returned host name [SOLVED]

Running Splunk 4.2.3 on CentOS 5.3 x64 to capture syslog data sourced from network devices. I needed to enable DNS re...

by Explorer in

include indexTime in output file

I am looking to include the indexTime in my output file and then append that that field to an existing 'CreateTimeSta...

by Communicator in

Weekdays on Timechart

Hi, Is it possible for Splunk to show ALL days on the x-axis for a timechart? I have a search which returns data f...

by Explorer in

searching on syslog messages

I am testing out replacing LogLogic with Splunk. Right now, we have forwarded the LogLogic messages to a splunk forwa...

by Champion in

Grouped Search Results by IP

I am building a small visual app to assist cyber-security analysts. They have an automated process to identify "SO...

by Contributor in

Event Types not working

I have loaded logs and can do the following search: index=cms_cc_logs error This returns 239 events. If I d...

by Path Finder in

Transactions that span time period are counted in stats in all time periods from start to end

I need stats on transactions (WAN outages) over a given period - 1 day, for instance - to be grouped by hour. Howe...

by Engager in

Regex - fqdn, basedomain etc. from URL in CK log

Hi there, I have taken the following regex from here... http://splunk-base.splunk.com/answers/9736/revisiting-r...

by Path Finder in

What is a good search where I can capture the last 24hrs of successful AD domain logins?

I need to identify how many authorizations (active directory domain logins) per day on average we have per domain con...

by Splunk Employee in

Splunk response time is quite slow when I use the lookup script

Splunk response time is quite slow when I use the lookup script presented below. The response time of the web service...

by Motivator in

REGEX to collect all data after final closing bracket

Hey Guys, Here are a few examples of the logs that we have. I am having trouble grabbing from the last bracket ] to t...

by Contributor in

User ID and Password

I forgot my user id and password

by New Member in

Unsure how to append additional field after stats command.

Hi all, I am trying to do the following search: sourcetype=squid 192.168.1.20 | stats sum(bytes_in) as bytes by sr...

by Path Finder in

Can both hostname and source IP be searchable?

Right now we have a lot of devices reporting syslogs into splunk. I'd really like to be able to search them by hostna...

by Path Finder in

host name from path using regex

I'm trying to learn some regex and I was hoping to get the host name from the path when entering a new data source, b...

by Explorer in

Real Time search for Today()

hi, it is possible to do a real time search for today? for the saved searches or reports, we can actually do a @...

by Explorer in

Splunk - Everyday checks to make sure everything is working fine.

Hi, I am new to Splunk. I have an environement with devices sending Syslogs and some ESX hosts. I would like check...

by Explorer in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Percentage network bandwidth by site

Does splunk-wmi use the evt_resolve_ad_obj directive with remote "pulled" event logs?

If field matches regex then make the value foo

How can i append my search results to a csv file ?

Fuzzy Search

can i know the best95 and worst5 stats in splunk?

Can someone help me with a query relating to averages?

splunk query slow.......

Reverse DNS lookup and replacing host field with returned host name [SOLVED]

include indexTime in output file

Weekdays on Timechart

searching on syslog messages

Grouped Search Results by IP

Event Types not working

Transactions that span time period are counted in stats in all time periods from start to end

Regex - fqdn, basedomain etc. from URL in CK log

What is a good search where I can capture the last 24hrs of successful AD domain logins?

Splunk response time is quite slow when I use the lookup script

REGEX to collect all data after final closing bracket

User ID and Password

Unsure how to append additional field after stats command.

Can both hostname and source IP be searchable?

host name from path using regex

Real Time search for Today()

Splunk - Everyday checks to make sure everything is working fine.

Stay Connected: Your Guide to November Tech Talks, Office Hours, and Webinars!

Index This | When is October more than just the tenth month?

Observe and Secure All Apps with Splunk

In Splunk studio, is it possible to populate a tex...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static

Splunk Search

Are you a member of the Splunk Community?

Discussions