Splunk Search

Community Activity

Monitor Proliant hardware Hi, Does anyone have Splunk monitoring HP Proliant servers for raid, psu, nic failures etc? If so, how did you go ab... by bazcurtis Explorer in Splunk Search 06-25-2012 0 2	0	2
scheduled summary searches in a distributed setup - where do they run? Hello, I have a search head that has the webintelligence app loaded. I've created the summary indexes on a pair of ... by briang67 Communicator in Splunk Search 06-25-2012 1 3	1	3
How do I get Sampledata.zip indexed into Windows based Splunk? Hi I was trying to go thru Splunk Tutorial, but now I am having trouble in getting sampledata.zip indexed using the ... by melonman Motivator in Splunk Search 06-25-2012 0 4	0	4
Multi Value Field with Auto Extracted Field Can Splunk be configured to create a multi value field with auto extracted "name=value" fields. 11/2/11 08:03:00 fie... by msettipane Splunk Employee in Splunk Search 06-25-2012 1 3	1	3
Date Range Search on DateTime Field Hi, I have a field which contains a DateTime. I want to be able to search between a range of Dates on this as opposed... by matthewcanty Communicator in Splunk Search 06-25-2012 0 5	0	5
regex help Hi, I'm new to Splunk so hope: 1) I'm not asking a stupid question 2) someone can help Anyway, I want to extract a h... by mariof New Member in Splunk Search 06-25-2012 0 3	0	3
how to use eval and stats first() (for dummies) Hello, Summary: how to get most recent vents for a given ID (for dummies) I have data in the following format: # O... by wsw70 Communicator in Splunk Search 06-25-2012 1 5	1	5
Problem using eventstats - not populating all fields I have the following search string (which I've obfuscated slightly): sourcetype=NetworkImpression \| fields User_ID I... by dbryan Path Finder in Splunk Search 06-24-2012 0 9	0	9
Splunk 4.3 Field Extraction Tool I am using the Field Extraction tool that is built in Splunk 4.3 and I am having some issues. I know that fields are... by peasead Path Finder in Splunk Search 06-24-2012 0 7	0	7
sourcetype not visible when using user created index When I create an input and assign it to a particular index(a new one I have created) and I also assign it a custom so... by timpgray Path Finder in Splunk Search 06-24-2012 0 4	0	4
counting occurences of a string in the log message Our logs contain some multi-line messages (e.g. a list of tasks running) that look like this ID, state, comment 1544... by tomasv Explorer in Splunk Search 06-23-2012 0 3	0	3
Tracing field extractions in multi-user environment Is there a way to figure how which config file is causing a particular field extraction at search time? Thx. C by responsys_cm Builder in Splunk Search 06-23-2012 0 1	0	1
How to deal with empty field extractions in regex Here is an example log entry I'm trying to do field extractions from: 2012 Jun 22 11:15:08 server.company.com [aut... by responsys_cm Builder in Splunk Search 06-22-2012 0 2	0	2
field extraction on Chinese characters There are actually 2 parts in my question i want to do an field extraction based on my existing field i have read so... by cpuppet Path Finder in Splunk Search 06-22-2012 0 1	0	1
Transaction - how to exclude entire transaction based on a keyword I have a list of Account ID and URL accessed. So, for an Account ID, there are many URLs being accessed. I want to b... by Joshie New Member in Splunk Search 06-22-2012 0 2	0	2
Question regarding subtraction within "eval" I am working on a query which indexes two indexes of data. The formats are different but I am crunching only integers... by aputz Path Finder in Splunk Search 06-22-2012 0 4	0	4
average from a series of numbers How do I get average of a numeric series by every n seconds? Performance Counter increasing sequentially, now I want... by jangid Builder in Splunk Search 06-22-2012 0 4	0	4
Splunk realtime searches high availible Hi there, I am having a searchhead which runs a lot RT-Searches with a eMail alerting. Now I want to have a kind of ... by nebel Communicator in Splunk Search 06-22-2012 0 1	0	1
how to join 2 different searches in a single index with different fileds and mapping them to the common field I have a new problem now when i try to filter the search with a fieldname value and both the search has different nam... by balavenkatachal New Member in Splunk Search 06-21-2012 0 1	0	1
how to join 2 different searches in a single index with different fileds and mapping them to the common field how to join 2 different searches in a single index with different fileds and mapping them to the common field, please... by balavenkatachal New Member in Splunk Search 06-21-2012 0 2	0	2
Transaction command causing zero results I have events that come in on a webform save action that logs the value pairs of all data elements. They look someth... by mrjester Explorer in Splunk Search 06-21-2012 1 2	1	2
how to mesure the duration of unfinished and uncompleted transactions ? Hi I am collecting events of states of devices, a device is supposed to be go from the state "false"=beginning of tr... by mataharry Communicator in Splunk Search 06-21-2012 1 3	1	3
Handling ad hoc groups in a form or search Hello, What is the recommended way to handle ad hoc groups? Specifically, if a user has a CSV or text file with a l... by cphair Builder in Splunk Search 06-21-2012 1 2	1	2
Query Help !! Hi I have to use a query similar to sql like this in splunk. select * from table1 where color NOT IN [select color... by rakesh_498115 Motivator in Splunk Search 06-21-2012 0 1	0	1
Splunk encountered the following unknown module: "Timeline" . The view may not load properly. This is on version 4.3 / 4.3.1 / 4.3.2 of splunk, I have a dashbaord set to timeline and not flashtimeline in the def... by Dark_Ichigo Builder in Splunk Search 06-21-2012 0 4	0	4