Splunk Search

Community Activity

Splunk Search group by parameter I am trying to perform a search and using regx and parameter can summarize the result based on two categories which ... by zservati Explorer in Splunk Search 02-01-2012 2 4	2	4
Evaluating if splunk is for me. Hi Everyone, I'm trying to find a log solution and here is what I would like to achieve. I have 50 systems with wee... by infinitiguy Path Finder in Splunk Search 02-01-2012 1 2	1	2
rex not working for log4j trying to extract COMPANY from each matched log line, given tomcat log4j lines like this: 31 Jan 2012 23:59:39,963 [... by pcorchary Explorer in Splunk Search 02-01-2012 0 2	0	2
Combining historical and realtime searches Is there any way to combine historical and realtime searches into a single search? For example, I'd like to be able ... by dwaddle SplunkTrust in Splunk Search 02-01-2012 5 7	5	7
Extracting field from source for indexing Hi, I have to add a field which has to be indexed along with the default fields. I can pick up the value from the So... by Krishna_R Path Finder in Splunk Search 01-31-2012 3 3	3	3
Exactly what configuration file or properties can I reload when I do '\| extract reload=t'? Hi When I update props.conf and/or other .conf files, I usually issue 'extract reload=t' to reload configurations w... by melonman Motivator in Splunk Search 01-31-2012 5 2	5	2
Eval can not concatenate fields where there is a null value Given that: Field1="foo" Field2="" (Field2 has a null value) and we use eval to concatenate the two \|eval Field3... by Rob Splunk Employee in Splunk Search 01-31-2012 2 3	2	3
Transaction works in small time window I am trying to develop a way to track down time by evaluating the windows event logs. Condition – Someone has reques... by hartfoml Motivator in Splunk Search 01-31-2012 0 2	0	2
Charting large amount of data points I have a form that charts some data for me. However it's not charting enough data points for the search I specified.... by gnovak Builder in Splunk Search 01-31-2012 0 2	0	2
How to have events show closer together and delete the whitespace between two rows of events So, the customer wants to see less whitespace between each row of events. As it currently is, if you use /en-US/ in y... by Genti Splunk Employee in Splunk Search 01-31-2012 3 5	3	5
"SbrkSysAllocator failed" while performing splunk fsck I just got this error while running fsck. I upgraded to 4.3 and after doing the indexer it told me I should run an f... by hodsonc Explorer in Splunk Search 01-31-2012 2 8	2	8
Multi indexer distributed search I would like to index data separately using two indexers and have distributed search capability. I read here ( http:... by mcgrathd New Member in Splunk Search 01-31-2012 0 1	0	1
Create table containing hosts,sources metadata? I would like to have a list of all the hosts (over some period of time, presumably) and the sources that they've gene... by gowen Path Finder in Splunk Search 01-31-2012 1 4	1	4
Extracting Date Fields If I am doing custom field extraction on an event should I name the fields the same as the default day, month, year, ... by sseekamp Explorer in Splunk Search 01-30-2012 0 1	0	1
Trying to get reltime from last searched for event I'm trying to show the relative time for the last time data was refreshed successfully. I search for all success text... by mmelnick Path Finder in Splunk Search 01-30-2012 0 6	0	6
indicate an average value on a chart Greetings, I am putting together a dashboard and have a bar graph doing the total counts. Is there a way to do an o... by wwhitener Communicator in Splunk Search 01-30-2012 2 3	2	3
Drilldown chart needs a different query Greetings, I am doing the Advanced XML and I have a bar chart showing the results of a summary query--the count of v... by wwhitener Communicator in Splunk Search 01-30-2012 1 2	1	2
Repeating control in form? Hey all, I was poking around doing a custom form and, since there are no checkbox controls that I can find, came up ... by wwhitener Communicator in Splunk Search 01-30-2012 0 2	0	2
Change of colors changes report to flash Hello, we are running a Splunk 4.3 Installation on a Windows XP Desktop PC. We want to customize the colors of a char... by tpaulsen Contributor in Splunk Search 01-30-2012 0 2	0	2
SearchSelectLister with HiddenSearch and stringreplace I see examples for using SearchSelectLister with a HiddenSearch and addterm, but nothing using stringreplace. I have... by anotherpyr New Member in Splunk Search 01-30-2012 0 1	0	1
Custom Apache log REGEX Splunk noob REGEX question. I'm attempting to customize the REGEX for the ootb Apache extraction. I've got it worki... by kubowler99 New Member in Splunk Search 01-30-2012 0 2	0	2
Cumulative sum of a distinct count over time. I've got a variable, call it "flowers," related to orders from a shop. I'm trying to get a chart of the number of un... by howyagoin Contributor in Splunk Search 01-29-2012 2 9	2	9
ncftpd log extractions I'm trying to do field extractions for ncftpd xfer logs. These are generally csv but the fields differ depending on ... by jspears Communicator in Splunk Search 01-28-2012 1 1	1	1
Epoch time millisecond lenght longer than standard My epoch time in the events are this long: 1327695522762361 How can I get splunk to extract the time including the ... by suhprano Path Finder in Splunk Search 01-27-2012 3 3	3	3
regex help I have the following regex which I am using search time extraction..this returns the field I want but I need to tweak... by desi-indian Path Finder in Splunk Search 01-27-2012 0 2	0	2