Splunk Search

Community Activity

Unable to get viewstate information;formatting may not be correct From time to time when moving an application from development to production we get the following view start error. "U... by fresned Path Finder in Splunk Search 03-07-2012 0 1	0	1
Reformat a field My logs contain mac addresses. Sometimes they have colons and sometimes dots. I want to build a view where the user ... by fk319 Builder in Splunk Search 03-07-2012 0 5	0	5
timechart without a split clause not showing all results I have a search showing 288 results but the chart is not showing them all I know timechart has a "limit" switch but ... by hartfoml Motivator in Splunk Search 03-07-2012 0 8	0	8
Top Values of 2 fields Hi, I'm trying to create a search that would show the following data Top unique field1 Top field2 E.g. (Userna... by mcm10285 Communicator in Splunk Search 03-07-2012 3 5	3	5
Getting "error code 1" messages when trying to do an external lookup 4.3 In 4.3 Getting "error code 1" messages when trying to do an external lookup with a Python Script. Script runs ok sta... by davecroto Splunk Employee in Splunk Search 03-07-2012 0 2	0	2
multiple output rex with a directory sometimes exists Hi I have a question about a rex with multiple outputs. I use rex to get two fields out of the source-path to fill t... by fritzsplunk Engager in Splunk Search 03-07-2012 0 1	0	1
splunk 4.3 - searchPostProcess on chart component not working After upgrading to 4.3 our custom forms with a chart component started to show up the following error: Search did ... by chusi New Member in Splunk Search 03-06-2012 0 8	0	8
Join or something better? I'm new to splunk, here's my issue. I have a log file which contains the extracted fields below: task_id task_duratio... by tb582 Explorer in Splunk Search 03-06-2012 0 6	0	6
Dotted Line chart with Multiple Lines A while back I posted this question: http://splunk-base.splunk.com/answers/29015/dotted-line-chart The answer gave m... by Dark_Ichigo Builder in Splunk Search 03-06-2012 0 4	0	4
Help with a STRPTIME So when Splunk admon changed from 4.1.5 to 4.1.6 they also changed how it exacted a timestamp field from AD 4.1.5 ha... by cramasta Builder in Splunk Search 03-06-2012 0 2	0	2
Run "splunk test" in Windows command line I used windows version Splunk 4.3. I was trying to run the following line command in window shell: splunk test sourc... by myli12 Path Finder in Splunk Search 03-06-2012 3 1	3	1
Human Redable Legend text without using case Hi, My log snippet is as shown below: productid=12 email=abc@gg.com productid=13 email=pqr@aa.com productid=14 em... by freephoneid Path Finder in Splunk Search 03-06-2012 0 1	0	1
Pick latest event Hi, I want only return the latest event The following seems to work so far. It is correct? No entirely sure what the... by aleem SplunkTrust in Splunk Search 03-06-2012 0 1	0	1
timechart suppress values lower then x Hi Base, I just run into a problem and I can´t solve it by my own. So, maybe someone here can bring me back on track:... by ndcl Path Finder in Splunk Search 03-06-2012 0 2	0	2
Return single field values Hi, I am importing custom CSV files. I have a field value named "color". I just want to be able to get Splunk to retu... by aleem SplunkTrust in Splunk Search 03-06-2012 0 2	0	2
Top item from each group in transaction I am grouping the data by using transaction (using maxspan option). After that the requirement (final result) is to ... by ramab Engager in Splunk Search 03-06-2012 0 1	0	1
Interesting regex/transforms.conf question My dilemma: We have a log file that dumps out info from an array. Four fields: Count FieldA FieldB FieldC In the ... by kubowler99 New Member in Splunk Search 03-05-2012 0 1	0	1
Suppress NULL column in the result set Hi, My log snippet is as shown below: productid=12 email=abc@gg.com productid=13 email=pqr@aa.com productid=14 emai... by freephoneid Path Finder in Splunk Search 03-05-2012 0 1	0	1
Drilldown not working for some users I created a simple report showing the top 100 IPs and their counts for a certain event. I clicked save and share res... by LanMan6501 New Member in Splunk Search 03-05-2012 0 3	0	3
Inconsistent Search results Hi, I am having some inconsistent search results and I'm not terribly sure why. search #1: earliest=-7d latest=-2h... by Kate_Lawrence-G Contributor in Splunk Search 03-05-2012 1 3	1	3
Run a search for every possible 60 minute period in the past 24 hours? Greetings everyone. We are using a search against CDR data to calculate the 60 minute period in a day which has the h... by msarro Builder in Splunk Search 03-05-2012 1 1	1	1
Add a lookup csv colum information to the results of a inputlookup search Hi, I have a lookup search that works fine but I would like to add information from the lookup table that the source... by Mannyi31 Explorer in Splunk Search 03-05-2012 1 3	1	3
Extracting geo data from zip codes with a static csv and lookups I have some data in splunk with zip code. I would like to be able to map this using the google maps app. I have add... by jbertoli Engager in Splunk Search 03-03-2012 1 1	1	1
using the collect command with file option I have a search command that looks like: \| mysqlquery spec="users" query="select * from users" \| collect index="new_... by imosquera Explorer in Splunk Search 03-03-2012 1 1	1	1
Multiple Records - one file Is it possible for splunk to be able to index a file with this kind of formatting: host=hostname sourcetype=source t... by jgauthier Contributor in Splunk Search 03-02-2012 0 1	0	1