Splunk Search

Community Activity

when I use timechart with "sum" why does the graph only show me a graph of events When using this query: index=development host=*app.dev.dps "dgs_size" \| timechart sum(dgs_size) It doesn't graph th... by rogerdpack Path Finder in Splunk Search 09-11-2012 0 1	0	1
analyzing transactions based on the values in the raw data Is there anyway to analyze trans data in SplunkStorm? Here is what I have: transaction is defined by beginTour and... by fere Path Finder in Splunk Search 09-11-2012 0 2	0	2
UNC failed to follow files in a directory Windows: When I point my inputs.conf file to index the contents of a directory of files. The files live on a UNC sha... by davecroto Splunk Employee in Splunk Search 09-11-2012 0 4	0	4
Changes to search configuration (field extractions etc) don't take effect right away in my distributed search environment. Why so? Can it be changed? I'm adding and modifying settings to my Splunk search-time behavior -- improving extractions, creating lookups, and s... by jrodman Splunk Employee in Splunk Search 09-10-2012 2 1	2	1
Rename values using transforms.conf I originally asked this question here: http://splunk-base.splunk.com/answers/55254/rename-values-extracted-into-fiel... by gnovak Builder in Splunk Search 09-10-2012 0 5	0	5
How to adjust the subsearch auto-finalized time limit Hello I currently have 3 searches that I am appending together. When I run the search I get the message "[subsearch]:... by AntonioM Explorer in Splunk Search 09-10-2012 2 2	2	2
How to use differnt Eval statement for the same column Hello everyone, I am trying to create a search that will tell me yesterdays total usage. We have both a dev and a pro... by Michael_Schyma1 Contributor in Splunk Search 09-10-2012 0 6	0	6
Count as a limiting factor for results of a nested query? I'm attempting to identify the top 5 hosts responsible for my errors via the following query: sourcetype=logs [ sea... by fncds3 Explorer in Splunk Search 09-10-2012 0 1	0	1
Creating a Data Table from CSV I am new to Splunk and only really understand the STATS Functions. I have some CSV files that contain the fields th... by ezajac Path Finder in Splunk Search 09-10-2012 0 5	0	5
Trouble Matching a regex for Transforms.conf Hi, I am auditing the Splunk Data directories for any kind of access. To do this, I put EVERYONE in the audit group... by kholleran Communicator in Splunk Search 09-10-2012 0 1	0	1
prefix string to search query I am creating an app and want to prefix index= to all searches done in the app. Is there a way this can be done. The ... by manikdham Path Finder in Splunk Search 09-10-2012 0 3	0	3
Splunk Query with complex join and groupBy Events type name, subtype, type, sal EVENT sample jack,male,human, 1000 rose,female,human,1500 I want to get the... by ma_anand1984 Contributor in Splunk Search 09-10-2012 0 4	0	4
A NOT Filter against a REGEX I have a search that filters out the value of account number from a log entry USING A REGEX extraction --> sourcety... by asarolkar Builder in Splunk Search 09-10-2012 0 4	0	4
Where are my Aloha Pos data files? Where are my Aloha Pos data files? by kevinleonardwal New Member in Splunk Search 09-09-2012 0 1	0	1
Second dropdown is not getting populated ?? I am using two dropdowns in a view in my applicationa. First drop down is getting populated and I want the second dro... by ranjyotiprakash Communicator in Splunk Search 09-09-2012 0 5	0	5
Is it possible to bundle multiple searches together? Hello! I'm trying to run many queries on a log every day. Is it possible to bundle these searches together, so Splun... by balidani Explorer in Splunk Search 09-09-2012 0 4	0	4
Searching by Transaction TYPE The following query finds what I would call "RejectedTrasnactions" index="radius" \| transaction nps_Class maxspan=1... by mikefoti Communicator in Splunk Search 09-09-2012 0 1	0	1
group ip by count Hello, I'm trying to write search, that will show me denied ip's sorted by it's count, like this: host="1.1.1.1" deni... by janfabo Explorer in Splunk Search 09-07-2012 2 6	2	6
Can Splunk interpret json? I have event files in json format. Splunk doesn't seem to know to make of it. Is this outside of Splunk's capabilit... by nsxdavid Engager in Splunk Search 09-07-2012 5 9	5	9
Turn the date on a graph I have a graph that is showing data by date over the last 30 days. I have converted timeformat down to "%m/%d. Even ... by hartfoml Motivator in Splunk Search 09-07-2012 0 5	0	5
MUST_BREAK_AFTER -How to give for multiple values I have log where each transaction ends with either of one below lines SignaturePolicy: BINDING_DEFAULT SignatureSt... by splunkatl Path Finder in Splunk Search 09-07-2012 0 4	0	4
search through saved searches with a wildcard? Show all results of searches with name ending with treshold Hi Splunkeez, for a dashboard we created about 50 savedsearches. 15 of the names are ending with treshold. They are ... by jan_wohlers Path Finder in Splunk Search 09-07-2012 0 1	0	1
Joining results from saved searches Is it possible to merge the results from different saved searches in splunk? I have come across 2 similar questions w... by brettcave Builder in Splunk Search 09-07-2012 3 4	3	4
Count of set diff from previous bucket I'm trying to produce a report that shows the difference between new and missing IDs from one day to the next day ove... by jberd126 Path Finder in Splunk Search 09-07-2012 0 1	0	1
Extended Regex in Inputs.conf I have some complicated Extended Regexes that give the right files when used with a find /\|grep -E "regex" but do not... by glitchcowboy Path Finder in Splunk Search 09-06-2012 0 3	0	3

Get Updates on the Splunk Community!

Deep Dive: Accelerate threat investigation with Splunk’s AI Assistant in Security

AI is one of the biggest topics in the market today, and for security teams, its value goes far beyond the ...

Announcing Modern Navigation: A New Era of Splunk User Experience

We are excited to introduce the Modern Navigation feature in the Splunk Platform, available to both cloud and ...

Detection Engineering Office Hours: Real-World Troubleshooting & Q&A

[REGISTER HERE] This thread is for the Community Office Hours session on Detection Engineering Office Hours: ...

Splunk Search

when I use timechart with "sum" why does the graph only show me a graph of events

analyzing transactions based on the values in the raw data

UNC failed to follow files in a directory

Changes to search configuration (field extractions etc) don't take effect right away in my distributed search environment. Why so? Can it be changed?

Rename values using transforms.conf

How to adjust the subsearch auto-finalized time limit

How to use differnt Eval statement for the same column

Count as a limiting factor for results of a nested query?

Creating a Data Table from CSV

Trouble Matching a regex for Transforms.conf

prefix string to search query

Splunk Query with complex join and groupBy

A NOT Filter against a REGEX

Where are my Aloha Pos data files?

Second dropdown is not getting populated ??

Is it possible to bundle multiple searches together?

Searching by Transaction TYPE

group ip by count

Can Splunk interpret json?

Turn the date on a graph

MUST_BREAK_AFTER -How to give for multiple values

search through saved searches with a wildcard? Show all results of searches with name ending with treshold

Joining results from saved searches

Count of set diff from previous bucket

Extended Regex in Inputs.conf

Deep Dive: Accelerate threat investigation with Splunk’s AI Assistant in Security

Announcing Modern Navigation: A New Era of Splunk User Experience

Detection Engineering Office Hours: Real-World Troubleshooting & Q&A

How to get an extract of threshold values set in s...

how to query OCI Audit logs from Datasafe

SPLUNK ES 8.2.3 Drill Down not appearing

Using Splunk to Analyze Web Traffic & Machine-Gene...

How can i export a list of all services in APM

Splunk Search

Join the Conversation