Splunk Search

Thread Info

How to use the DOTALL option in a regular expression

I'm running a regular expression on a string which runs for 5 or more lines. The first few words on the first line he...

by Engager in

host lookup

I'm getting some unexpected results when I run the following query for hosts: index=mydata | top host I expect ...

by Contributor in

transaction too complex?

Hi, I'm trying to create a report that does the same search for two different dates, the regular search uses a transa...

by Path Finder in

create chart monthly/weekly

I have a requirement in that i have events for diiffrent dates 28,489,BLR 3BC019-Web18,172.22.16.21, Mani Sundaram...

by Builder in

chart sum eval if not working....

Hi, I have the following search string which works (sourcetype="cds_fms_access" x_event="*connect" x_status="20...

by Contributor in

log hostname in metrics.log

In a distributed deployment on the indexer in metrics.log there are logged 2 fields: sourceHost and sourceIp. In my s...

by New Member in

xfs/ext3/ext4

Doesn't look like there are any recent answers here on this subject, so I'll ask - What are people using for the file...

by Path Finder in

How can I compute durations of nested method calls ?

Hi there, I'm new to Splunk, so apologies if this question has been answered before. I would like to compute the e...

by Explorer in

Splunk EPS

Indexing throughput. Events-per-second (EPS) is a common throughput measurement, but consider that event sizes can v...

by Explorer in

Issues with splunk 4.3

Dear, Since I upgraded to the 4.3 (before 4.2.5) I have some issues with splunk. The first thing : is about the...

by Explorer in

Context Search

Hi, Is there any way to do a contextual search in Splunk? For example, if I issue the command "grep -C 5 failed ...

by Path Finder in

Log Archive

Hi, I am testing automatic Log Archiving for my Splunk Deployment. i am testing this on one of my single index nam...

by Path Finder in

lookup hostname to ip address but output different results?

Hi~there i found that when using external_lookup.py provided in $SPLUNK_HOME/etc/system/bin/, the lookup results s...

by Contributor in

Problem with the diff command

Hi! Every time a user enters my system, I report his userId. I tried using the DIFF operation to find out which us...

by New Member in

compare linecount for files

I am using splunk to compare the output of routes from a list of firewalls. The output contains a listing of routes. ...

by Communicator in

Extracting stats from different fields in the same series of events

I've got a series of events with a timestamp and two numbers, like so: "2011-05-29 22:54:06",68,31 "2011-08-15 10:...

by Communicator in

Possible to achieve eval results per host?

Working with stat log events from DJB's dnscache. These look like: @400000004f3ebb59244cc72c stats 275245265 ...

by Engager in

stats for user internet traffic

I am trying to write a query that filters our users' network traffic. I would like the query to return information on...

by Path Finder in

Add events mid search

Is it possible to recover events that I've filtered out in a search, ie (and I know this is a daft example but it's g...

by Path Finder in

Issue with accessing http://l-156009194:8000/

Hi, I recently installed splunk on Windows. I was able to login into the Splunk webbased UI. ( http://l-156009194:800...

by Engager in

how to search with one variable to pull different types of values back and make another search with those values

I will lay out the scenario, i work in security and I want to look for trending from our VPN users. I want to pass on...

by New Member in

Removing a listener via CLI

Hey everyone, I am just trying to figure out how to remove a specific listener via CLI. I can find the command to cre...

by Builder in

how do I find the different packages installed on two hosts?

I have a scripted input that takes in rpm -qa output and want to find out the difference in packages installed on two...

by Splunk Employee in

total change in a field every time another field changes

I am working on a game, and have been asked to create an interesting dashboard. My superiors want to know how long it...

by Path Finder in

How to pass a value from the outer search to the inner subsearch?

I'm trying to compose a search like this: sourcetype=A | eval param=ceil(SomeField) | join Name [search sourcetype...

by Communicator in

Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.

Splunk Search

Discussions

How to use the DOTALL option in a regular expression

host lookup

transaction too complex?

create chart monthly/weekly

chart sum eval if not working....

log hostname in metrics.log

xfs/ext3/ext4

How can I compute durations of nested method calls ?

Splunk EPS

Issues with splunk 4.3

Context Search

Log Archive

lookup hostname to ip address but output different results?

Problem with the diff command

compare linecount for files

Extracting stats from different fields in the same series of events

Possible to achieve eval results per host?

stats for user internet traffic

Add events mid search

Issue with accessing http://l-156009194:8000/

how to search with one variable to pull different types of values back and make another search with those values

Removing a listener via CLI

how do I find the different packages installed on two hosts?

total change in a field every time another field changes

How to pass a value from the outer search to the inner subsearch?

Detecting Brute Force Account Takeover Fraud with Splunk

Buttercup Games: Further Dashboarding Techniques (Part 9)

Buttercup Games: Further Dashboarding Techniques (Part 8)

Search for triggered save searches and their actio...

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static

Using Machine Learning Toolkit to detect auth abus...

Proactively stream data to different index after C...

Splunk Search

Are you a member of the Splunk Community?

Discussions