Splunk Search

Community Activity

Scripted Input field extractions not working like a csv one-shot I have a use-case that requires a scripted input. I have built a scripted input app following the docs, but I'm havi... by anewell Path Finder in Splunk Search 07-20-2012 1 8	1	8
Having Splunk use a Unique Log Entry ID As part of logging events from our application we add a unique GUID to the event stream is there a way to tell spunk ... by cid_tangogroup New Member in Splunk Search 07-20-2012 0 1	0	1
Is there a search command to look up results from saved results? Hi there! Is there a search command that will allow me to look up results from a "saved result"? I'm looking for way... by monicato Path Finder in Splunk Search 07-20-2012 3 5	3	5
Dashboard --> search last 24h --> logfiles of other splunk server Good day Currently receives a master Splunk server log files from 3 other splunk server. I created a dashboard for ea... by fischera Explorer in Splunk Search 07-20-2012 0 1	0	1
Filter count? Trying to output just names where the count=1. Original Search Aliases="hba" \| rex "Aliases:\s+(?<Aliname>\S+)_h... by clintla Contributor in Splunk Search 07-20-2012 0 1	0	1
Multiple regex expressions for 1 field name I have 2 different extractions but their values need to be part of the same field. How can I do that? I've tried usin... by beaunewcomb Communicator in Splunk Search 07-20-2012 0 2	0	2
100 result limit in JS SDK I tried adding "count" to params object when calling service.search() but it doesn't work. How do I get more than 100... by LordVoldemort Explorer in Splunk Search 07-19-2012 2 4	2	4
Show percent instead of count in top chart I'm using the top command and wanted the generated chart to show the percent value for each of the items instead of t... by ctoo Engager in Splunk Search 07-19-2012 0 5	0	5
Splunk for OSISoft PI logs? Anybody experience with OSIsoft PI logs and Splunk? http://www.osisoft.com/value/business/Business_Solutions.aspx I ... by mmichel_splunk Splunk Employee in Splunk Search 07-19-2012 1 2	1	2
Regex matching in search when it doesn't in regex creator This regex is actually a lot longer, and obviously the events are too, but here's what appears to be happening. I wan... by beaunewcomb Communicator in Splunk Search 07-19-2012 0 2	0	2
Locked/Unlocked rex field=_raw "Message=A user account was.*(?<accaction>.+?)\." 07/19/2012 11:32:19 AM LogName=Security SourceName... by Michael_Schyma1 Contributor in Splunk Search 07-19-2012 0 3	0	3
Graphing conversion rate over time by banner I have data like this: [2011-04-23T23:59:54-05:00] bannerid=1210 action=view [2011-04-23T23:59:55-05:00] bannerid=12... by opticsplanet Path Finder in Splunk Search 07-19-2012 0 5	0	5
Live Product Roadmap & Input? Hi In the support program page: http://www.splunk.com/view/support-programs/SP-CAAACC8 what does "Live Product R... by melonman Motivator in Splunk Search 07-18-2012 1 1	1	1
Index time SEDCMD not applying when indexer is split from search head I have a configuration working perfectly in development in an environment with a single Splunk instance. This is the... by dbryan Path Finder in Splunk Search 07-18-2012 0 2	0	2
Using AND in case() function Hi all, I'm currently trying to get the case() function working so that for each .csv file I have (which has informa... by Paxxxman Explorer in Splunk Search 07-18-2012 1 4	1	4
Need help creating alerts using regular expressions I am new to Splunk logging and I have a host name and source that I would like to create an alert for. I want to crea... by rmccaffery New Member in Splunk Search 07-18-2012 0 1	0	1
how to set x-axis and y-axis Now i select two fields A and B , it default set A as x-axis and B as y-axis. But now i want set B as x-axis and A as... by lihongyan_84 Explorer in Splunk Search 07-18-2012 1 3	1	3
Obtaining the search time range in a custom search command I have a custom command that takes in the input from a search command and I would like to make available in that comm... by radu_groupon New Member in Splunk Search 07-18-2012 0 1	0	1
Help with rex We are looking to create a multi field rex command to capture the following: 1. Firstname Lastname 2. OrgUnit I am... by zindain24 Path Finder in Splunk Search 07-18-2012 0 1	0	1
field alias limit? Hi, Are there any limitations in amount of alias fields or is it a bug in 4.3.2 that fields are randomly aliased? I ... by jagresz Explorer in Splunk Search 07-18-2012 1 1	1	1
Using now() in real-time Hello everyone. I want to track in real-time the time since the last event occurred. When I do this currently the ti... by matthewcanty Communicator in Splunk Search 07-18-2012 2 2	2	2
Multivalue XML extraction not working I'm trying to add several lines of XML to a multi-valued field. The data looks like: <EXPLT> <REF><... by responsys_cm Builder in Splunk Search 07-18-2012 0 1	0	1
how to set the retention policy of index Hi,I'm also confusing about the retention policy. I want to keep some indexes for 90 days. Now I'm doing some test,wh... by jichen Explorer in Splunk Search 07-17-2012 0 4	0	4
Regex help! (easy one) I need to extract fields from a set of results with inconsistent formatting. I think this would be easy for a regex p... by beaunewcomb Communicator in Splunk Search 07-17-2012 0 6	0	6
retrieve earliest and latest boundaries of a search Hi, I've a search where I need to know the time boundaries of the search and use it to further filter results of the ... by dadi Path Finder in Splunk Search 07-17-2012 1 2	1	2

Get Updates on the Splunk Community!

Announcing Modern Navigation: A New Era of Splunk User Experience

We are excited to introduce the Modern Navigation feature in the Splunk Platform, available to both cloud and ...

Modernize your Splunk Apps – Introducing Python 3.13 in Splunk

We are excited to announce that the upcoming releases of Splunk Enterprise 10.2.x and Splunk Cloud Platform ...

Step into “Hunt the Insider: An Splunk ES Premier Mystery” to catch a cybercriminal ...

After a whole week of being on call, you fell asleep on your keyboard, and you hit a sequence of buttons that ...

Splunk Search

Scripted Input field extractions not working like a csv one-shot

Having Splunk use a Unique Log Entry ID

Is there a search command to look up results from saved results?

Dashboard --> search last 24h --> logfiles of other splunk server

Filter count?

Multiple regex expressions for 1 field name

100 result limit in JS SDK

Show percent instead of count in top chart

Splunk for OSISoft PI logs?

Regex matching in search when it doesn't in regex creator

Locked/Unlocked

Graphing conversion rate over time by banner

Live Product Roadmap & Input?

Index time SEDCMD not applying when indexer is split from search head

Using AND in case() function

Need help creating alerts using regular expressions

how to set x-axis and y-axis

Obtaining the search time range in a custom search command

Help with rex

field alias limit?

Using now() in real-time

Multivalue XML extraction not working

how to set the retention policy of index

Regex help! (easy one)

retrieve earliest and latest boundaries of a search

Announcing Modern Navigation: A New Era of Splunk User Experience

Modernize your Splunk Apps – Introducing Python 3.13 in Splunk

Step into “Hunt the Insider: An Splunk ES Premier Mystery” to catch a cybercriminal ...

Datamodel summaries not visible

How to get an extract of threshold values set in s...

how to query OCI Audit logs from Datasafe

SPLUNK ES 8.2.3 Drill Down not appearing

Using Splunk to Analyze Web Traffic & Machine-Gene...

Splunk Search

Join the Conversation