Splunk Search

Community Activity

How to compare to searches in different indexes? How can I compare two or more source-types (each source-type has a unique index) with each other? Each source-type ha... by mkelderm Path Finder in Splunk Search 11-29-2011 0 2	0	2
Get % Uptime I am useing this search to get both up and down status "index=monitoring \| stats count by status " The Table shows ... by hartfoml Motivator in Splunk Search 11-29-2011 1 2	1	2
Lookup issues I have a table of bad IP's that I want to use in a search agnest my firewall logs in the past I have done this low t... by hartfoml Motivator in Splunk Search 11-29-2011 0 3	0	3
How to get Splunk access statistics We need to provide Splunk user access statistics: How many user accessed splunk the last month How many times a spec... by snevarezh Explorer in Splunk Search 11-29-2011 1 2	1	2
Replacing Results Rather Than Appending A script has been set up to produce a txt file every 10 mins The txt file has been set to import as follows: 'Conti... by parkerio Engager in Splunk Search 11-29-2011 0 3	0	3
Merging Results from 3 Searches Hi I have 3 searches from 3 different device, I would like to have 1 report which contains data from the the 3 device... by welkinson Explorer in Splunk Search 11-28-2011 0 5	0	5
FlashTimeline - how many time bars can be displayed? I have noticed that when doing a search in the default Search view, flashtimeline, the green time bars will be a usef... by Jason Motivator in Splunk Search 11-28-2011 2 2	2	2
Speed impact of field extractions? I've got a custom log format using a format similar to an Apache access log but with different data. I've used the in... by dpadams Communicator in Splunk Search 11-28-2011 0 5	0	5
Scheduled Searches and Multiple Searchheads How are scheduled searches handled for an app if the app is installed on multiple searchheads? Will the search run o... by rmorlen Splunk Employee in Splunk Search 11-28-2011 1 1	1	1
Exclude Hosts In A Saved Search I have a saved search that is looking at the % disk space free on each drive over a number of window server. There ar... by itsomana Path Finder in Splunk Search 11-28-2011 0 4	0	4
Advanced Search I have a top ten search fpor windows Errors that I run each day. My bose want to to know how many days each of the t... by hartfoml Motivator in Splunk Search 11-28-2011 0 8	0	8
where username NOT equal to list of usernames in Lookup table i have some data indexed which is a snapshot of users who have access to a system. i have uploaded a 1 column csv wi... by r999 Path Finder in Splunk Search 11-28-2011 1 5	1	5
better field discovery with SUF I was under the impression that using SUF to forward events would some hope provide more automatically discovered fie... by mikefoti Communicator in Splunk Search 11-28-2011 0 5	0	5
rex - matching everything until a tab Hello, I am trying to parse a log from a Tipping Point IPS. An example of the log I get is (the log is cut for clari... by wsw70 Communicator in Splunk Search 11-28-2011 0 2	0	2
Search - Fields function Hello, I want to display only the specify field(s) of the logs in the results display. Using: *\|fields + ProductName... by leiniao Explorer in Splunk Search 11-28-2011 0 2	0	2
Count Consecutive Errors and alert Hi, We have some transaction logs which log business event transactions. I have a requirement to alert when a particu... by ashleyherbert Communicator in Splunk Search 11-27-2011 0 9	0	9
How I can make rows in red color of a table of a view if some condition meets How I can make rows in red color of a table of a view if some condition meets for example in table output of this vie... by kml_uvce Builder in Splunk Search 11-25-2011 0 1	0	1
Retirement and archiving period for one file We have a file which will be updated very rarely(may be once a year or so that too may be a line will be added or del... by sushildabare Path Finder in Splunk Search 11-24-2011 0 9	0	9
How do I get TimeRangePicker to revert to the default? The dropdown box for the search time-range doesn't revert to the default value after I run a search, can I make this ... by mctester Communicator in Splunk Search 11-23-2011 4 2	4	2
Merge results of two searches with transactions Hi there Is there a way to merge the results of two different searches, where I'm grouping the events with the trans... by Simon Contributor in Splunk Search 11-22-2011 0 4	0	4
Polling Interval Will changing the polling interval of my remote data help in reducing the amount of data indexed in a day? I am hopin... by tympaniplayer Path Finder in Splunk Search 11-22-2011 0 3	0	3
Field Extraction for REST API Logs The content of the log is basically API REST calls. I am facing the issue of not being able to extract the fields of ... by lpolo Motivator in Splunk Search 11-22-2011 0 9	0	9
Sum of call_duration I have a field called "call_duration" expressed as 00:00:17, and another field called "Party1Name" which is simply a... by joshftx Explorer in Splunk Search 11-22-2011 0 4	0	4
Certain REGEX strings in transforms.conf will fail I have requierement where i need to route data from certain sources to a specific index. The index name will be extra... by _d_ Splunk Employee in Splunk Search 11-22-2011 2 1	2	1
conditional event to display different static picture is there any ways to display different static picture on dashboard depends on different search result. this is sort o... by cpuppet Path Finder in Splunk Search 11-21-2011 1 4	1	4