Splunk Search

Community Activity

Lead\ Lag in splunk? Hi, when I work with SQL I find the "Lead\ Lag" function very crutial. I'm using it mostly between dates. Does splun... by Yarsa Path Finder in Splunk Search 03-07-2012 0 3	0	3
How to search for results using Java splunk api How do i call the Java splunk api to search using the splunk search language from the Splunk search endpoint? by misteryuku Communicator in Splunk Search 03-07-2012 0 1	0	1
find max of averaged field over a month of daily data I've got a very basic query which computes an average of some daily attempts to do something like this: index=monito... by dang Path Finder in Splunk Search 03-07-2012 0 1	0	1
find max of two averaged fields over a month of daily data I've got a very basic query which computes an average of some daily attempts to do something like this: index=monito... by dang Path Finder in Splunk Search 03-07-2012 0 2	0	2
Unable to get viewstate information;formatting may not be correct From time to time when moving an application from development to production we get the following view start error. "U... by fresned Path Finder in Splunk Search 03-07-2012 0 1	0	1
Reformat a field My logs contain mac addresses. Sometimes they have colons and sometimes dots. I want to build a view where the user ... by fk319 Builder in Splunk Search 03-07-2012 0 5	0	5
timechart without a split clause not showing all results I have a search showing 288 results but the chart is not showing them all I know timechart has a "limit" switch but ... by hartfoml Motivator in Splunk Search 03-07-2012 0 8	0	8
Top Values of 2 fields Hi, I'm trying to create a search that would show the following data Top unique field1 Top field2 E.g. (Userna... by mcm10285 Communicator in Splunk Search 03-07-2012 3 5	3	5
Getting "error code 1" messages when trying to do an external lookup 4.3 In 4.3 Getting "error code 1" messages when trying to do an external lookup with a Python Script. Script runs ok sta... by davecroto Splunk Employee in Splunk Search 03-07-2012 0 2	0	2
multiple output rex with a directory sometimes exists Hi I have a question about a rex with multiple outputs. I use rex to get two fields out of the source-path to fill t... by fritzsplunk Engager in Splunk Search 03-07-2012 0 1	0	1
splunk 4.3 - searchPostProcess on chart component not working After upgrading to 4.3 our custom forms with a chart component started to show up the following error: Search did ... by chusi New Member in Splunk Search 03-06-2012 0 8	0	8
Join or something better? I'm new to splunk, here's my issue. I have a log file which contains the extracted fields below: task_id task_duratio... by tb582 Explorer in Splunk Search 03-06-2012 0 6	0	6
Dotted Line chart with Multiple Lines A while back I posted this question: http://splunk-base.splunk.com/answers/29015/dotted-line-chart The answer gave m... by Dark_Ichigo Builder in Splunk Search 03-06-2012 0 4	0	4
Help with a STRPTIME So when Splunk admon changed from 4.1.5 to 4.1.6 they also changed how it exacted a timestamp field from AD 4.1.5 ha... by cramasta Builder in Splunk Search 03-06-2012 0 2	0	2
Run "splunk test" in Windows command line I used windows version Splunk 4.3. I was trying to run the following line command in window shell: splunk test sourc... by myli12 Path Finder in Splunk Search 03-06-2012 3 1	3	1
Human Redable Legend text without using case Hi, My log snippet is as shown below: productid=12 email=abc@gg.com productid=13 email=pqr@aa.com productid=14 em... by freephoneid Path Finder in Splunk Search 03-06-2012 0 1	0	1
Pick latest event Hi, I want only return the latest event The following seems to work so far. It is correct? No entirely sure what the... by aleem SplunkTrust in Splunk Search 03-06-2012 0 1	0	1
timechart suppress values lower then x Hi Base, I just run into a problem and I can´t solve it by my own. So, maybe someone here can bring me back on track:... by ndcl Path Finder in Splunk Search 03-06-2012 0 2	0	2
Return single field values Hi, I am importing custom CSV files. I have a field value named "color". I just want to be able to get Splunk to retu... by aleem SplunkTrust in Splunk Search 03-06-2012 0 2	0	2
Top item from each group in transaction I am grouping the data by using transaction (using maxspan option). After that the requirement (final result) is to ... by ramab Engager in Splunk Search 03-06-2012 0 1	0	1
Interesting regex/transforms.conf question My dilemma: We have a log file that dumps out info from an array. Four fields: Count FieldA FieldB FieldC In the ... by kubowler99 New Member in Splunk Search 03-05-2012 0 1	0	1
Suppress NULL column in the result set Hi, My log snippet is as shown below: productid=12 email=abc@gg.com productid=13 email=pqr@aa.com productid=14 emai... by freephoneid Path Finder in Splunk Search 03-05-2012 0 1	0	1
Drilldown not working for some users I created a simple report showing the top 100 IPs and their counts for a certain event. I clicked save and share res... by LanMan6501 New Member in Splunk Search 03-05-2012 0 3	0	3
Inconsistent Search results Hi, I am having some inconsistent search results and I'm not terribly sure why. search #1: earliest=-7d latest=-2h... by Kate_Lawrence-G Contributor in Splunk Search 03-05-2012 1 3	1	3
Run a search for every possible 60 minute period in the past 24 hours? Greetings everyone. We are using a search against CDR data to calculate the 60 minute period in a day which has the h... by msarro Builder in Splunk Search 03-05-2012 1 1	1	1